Book Image

Windows Server Automation with PowerShell Cookbook - Fourth Edition

By : Thomas Lee
Book Image

Windows Server Automation with PowerShell Cookbook - Fourth Edition

By: Thomas Lee

Overview of this book

With a foreword from PowerShell creator Jeffrey Snover, this heavily updated edition is designed to help you learn how to use PowerShell 7.1 effectively and manage the core roles, features, and services of Windows Server in an enterprise setting. All scripts are compatible with both Window Server 2022 and 2019. This latest edition equips you with over 100 recipes you'll need in day-to-day work, covering a wide range of fundamental and more advanced use cases. We look at how to install and configure PowerShell 7.1, along with useful new features and optimizations, and how the PowerShell compatibility solution bridges the gap to older versions of PowerShell. Topics include using PowerShell to manage networking and DHCP in Windows Server, objects in Active Directory, Hyper-V, and Azure. Debugging is crucial, so the book shows you how to use some powerful tools to diagnose and resolve issues with Windows Server.

Related Content you might be interested in

Current Title:

Small book image
Windows Server Automation with PowerShell Cookbook - Fourth Edition
Thomas Lee
Jul, 2021 | 674 pages
Small book image
Windows Server 2016 Automation with PowerShell Cookbook
Thomas Lee | Ed Goad
Sep, 2017 | 660 pages
Small book image
Powershell Core 6.2 Cookbook
JanHendrik Peters
Apr, 2019 | 372 pages
Small book image
PowerShell 7 Workshop
Nick Parlow
Feb, 2024 | 468 pages
Table of Contents (18 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Installing and Configuring PowerShell 7
Installing and Configuring PowerShell 7
Introduction
Installing PowerShell 7
Using the PowerShell 7 console
Exploring PowerShell 7 installation artifacts
Building PowerShell 7 profile files
Installing VS Code
Installing the Cascadia Code font
Exploring PSReadLine
Free Chapter
2
Introducing PowerShell 7
Introducing PowerShell 7
Introduction
Exploring new operators
Exploring parallel processing with ForEach-Object
Improvements in ForEach and ForEach-Object
Improvements in Test-Connection
Using Select-String
Exploring the error view and Get-Error
Exploring experimental features
3
Exploring Compatibility with Windows PowerShell
Exploring Compatibility with Windows PowerShell
Introduction
Exploring compatibility with Windows PowerShell
Using the Windows PowerShell compatibility solution
Exploring compatibility solution limitations
Exploring the module deny list
Importing format XML
Leveraging compatibility
4
Using PowerShell 7 in the Enterprise
Using PowerShell 7 in the Enterprise
Introduction
Installing RSAT tools on Windows Server
Exploring package management
Exploring PowerShellGet and the PS Gallery
Creating a local PowerShell repository
Establishing a script signing environment
Working with shortcuts and the PSShortcut module
Working with archive files
5
Exploring .NET
Exploring .NET
Introduction
Exploring .NET assemblies
Examining .NET classes
Leveraging .NET methods
Creating a C# extension
Creating a PowerShell cmdlet
6
Managing Active Directory
Managing Active Directory
Introduction
Installing an AD forest root domain
Testing an AD installation
Installing a replica domain controller
Installing a child domain
Creating and managing AD users and groups
Managing AD computers
Adding users to AD using a CSV file
Creating Group Policy objects
Reporting on AD replication
Reporting on AD computers
Reporting on AD users
7
Managing Networking in the Enterprise
Managing Networking in the Enterprise
Introduction
Configuring IP addressing
Testing network connectivity
Installing DHCP
Configuring DHCP scopes and options
Using DHCP
Implementing DHCP failover and load balancing
Deploying DNS in the Enterprise
Configuring DNS forwarding
Managing DNS zones and resource records
8
Implementing Enterprise Security
Implementing Enterprise Security
Introduction
Implementing Just Enough Administration (JEA)
Examining Applications and Services Logs
Discovering logon events in the event log
Deploying PowerShell group policies
Using PowerShell Script Block Logging
Configuring AD password policies
Managing Windows Defender Antivirus
9
Managing Storage
Managing Storage
Introduction
Managing physical disks and volumes
Managing filesystems
Exploring providers and the FileSystem provider
Managing Storage Replica
Deploying Storage Spaces
10
Managing Shared Data
Managing Shared Data
Introduction
Managing NTFS file and folder permissions
Setting up and securing an SMB file server
Creating and securing SMB shares
Accessing SMB shares
Creating an iSCSI target
Using an iSCSI target
Implementing FSRM quotas
Implementing FSRM reporting
Implementing FSRM file screening
11
Managing Printing
Managing Printing
Introduction
Installing and sharing printers
Publishing a printer
Changing the spooler directory
Changing printer drivers
Printing a test page
Managing printer security
Creating a printer pool
12
Managing Hyper-V
Managing Hyper-V
Introduction
Installing Hyper-V inside Windows Server
Creating a Hyper-V VM
Using PowerShell Direct
Using Hyper-V VM groups
Configuring VM hardware
Configuring VM networking
Implementing nested virtualization
Managing VM state
Managing VM and storage movement
Managing VM replication
Managing VM checkpoints
13
Managing Azure
Managing Azure
Introduction
Getting started using Azure with PowerShell
Creating Azure resources
Exploring the Azure storage account
Creating an Azure SMB file share
Creating an Azure website
Creating an Azure Virtual Machine
14
Troubleshooting with PowerShell
Troubleshooting with PowerShell
Introduction
Using PowerShell Script Analyzer
Using Best Practices Analyzer
Network troubleshooting
Checking network connectivity using Get-NetView
Exploring PowerShell script debugging
15
Managing with Windows Management Instrumentation
Managing with Windows Management Instrumentation
Introduction
Exploring WMI in Windows
Exploring WMI namespaces
Exploring WMI classes
Obtaining local and remote WMI objects
Using WMI methods
Managing WMI events
Implementing permanent WMI eventing
16
Other Books You May Enjoy
Other Books You May Enjoy
17
Index
Index

Discovering logon events in the event log

Each time you attempt to log on, whether you are successful or not, Windows logs the attempt. These log events can help you determine who logged on to a computer and when.

In Windows, there are several different logon types. A logon type of 2 indicates a local console logon (that is, logging on to a physical host), while a logon type of 10 indicates logon over RDP. Other logon types include service logon (type 5), batch or scheduled task (type 4), and console unlock (type 7).

You can read more details in this article: https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2003/cc787567(v=ws.10). Note that this document is somewhat outdated and Microsoft has not updated it for later versions of Windows, although the information continues to be correct.

In this recipe, you use PowerShell to examine the Security event log and look at the logon events.

Getting ready

You run this recipe on DC1, a domain...

Previous Section
End of Section 5
Next Section