Monthly Archives: November 2013

CDXML: Module Manifest

Last time we created a module using CDXML to wrap the Win32_Bios WMI class. This gave us a cmdlet – Get-Bios.  As the intention is to create a number of modules that expose the WMI classes related to hardware we … Continue reading

Posted in CDXML, CIM, Modules, PowerShell and WMI, PowerShell V3, PowerShell v4 | Leave a comment

CDXML

Its been stated many times that over 60% of the modules in PowerShell 3 & 4 are created using CDXML – objects-over-cmdlets. This involves taking a WMI class and wrapping it in XML to create a PowerShell module. At this … Continue reading

Posted in CDXML, PowerShell and WMI, PowerShell V3, PowerShell v4 | Leave a comment

Defender Module: Threat Catalog

You can see the threats that defender is testing against Get-MpThreatCatalog | select SeverityID, ThreatName You get a long list like this 5 TrojanDownloader:Win32/Agent.A4 TrojanDownloader:Win32/Holistyc2 Dialer:Win32/EPlugin5 Backdoor:Win32/Fxsvc2 Adware:Win32/Networkone This is the important one: Get-MpThreatDetection You want this to return nothing … Continue reading

Posted in Powershell, Windows 8.1 | Leave a comment

Mac Address

No not where you go for a burger! I saw a post on the forum about getting the MAC address fro remote machines. The original post was using a fixed filter on NetConnectionID which assumes that all of your machines … Continue reading

Posted in Networking, PowerShell and WMI | Leave a comment

Clearing the Trusted Hosts list

This post rounds out the remoting series and shows you how to clear the trusted hosts list http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/29/powertip-use-powershell-to-clear-the-trusted-hosts-file.aspx

Posted in Powershell | Leave a comment

Windows 8.1 Defender module

Windows 8.1 includes a module – Defender for working with the anti-malware engine on the machine.  I’m presuming this means Windows Defender only The starting point is Get-MpComputerStatus £> Get-MpComputerStatus AMEngineVersion                 : 1.1.10100.0AMProductVersion                : 4.3.9600.16384AMServiceEnabled                : TrueAMServiceVersion                : 4.3.9600.16384AntispywareEnabled              : … Continue reading

Posted in PowerShell and WMI, PowerShell v4, Windows 8.1 | Leave a comment

Remoting series

My remoting series on the Scripting Guy blog has finished.  The full set of posts is: http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/29/remoting-week-non-domain-remoting.aspx http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/28/powertip-remove-powershell-web-access-authorization-rules.aspxhttp://blogs.technet.com/b/heyscriptingguy/archive/2013/11/28/remoting-week-remoting-security.aspx http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/27/powertip-use-powershell-to-discover-certificate-thumbprints.aspxhttp://blogs.technet.com/b/heyscriptingguy/archive/2013/11/27/remoting-week-configuring-remoting.aspx http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/26/powertip-determine-version-of-wsman-on-remote-computer.aspxhttp://blogs.technet.com/b/heyscriptingguy/archive/2013/11/26/remoting-week-remoting-sessions-in-powershell.aspx http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/25/powertip-use-powershell-to-find-key-of-wmi-class.aspxhttp://blogs.technet.com/b/heyscriptingguy/archive/2013/11/25/remoting-week-remoting-recap.aspx http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/27/powertip-use-powershell-to-discover-certificate-thumbprints.aspxhttp://blogs.technet.com/b/heyscriptingguy/archive/2013/11/27/remoting-week-configuring-remoting.aspx http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/26/powertip-determine-version-of-wsman-on-remote-computer.aspxhttp://blogs.technet.com/b/heyscriptingguy/archive/2013/11/26/remoting-week-remoting-sessions-in-powershell.aspx http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/25/powertip-use-powershell-to-find-key-of-wmi-class.aspxhttp://blogs.technet.com/b/heyscriptingguy/archive/2013/11/25/remoting-week-remoting-recap.aspx

Posted in Powershell | Leave a comment