View
217
Download
3
Embed Size (px)
Citation preview
great people, great experience, great passion
Administering SharePoint with Windows PowerShell
Go Beyond the Management Shell with SharePoint and Windows
PowerShell
great people, great experience, great passion
Gary Lapointe
Aptillon, Inc.– Director and Founding Partner– http://www.aptillon.com
SharePoint MVP since January 2008Blog: http://blog.falchionconsulting.comTwitter: @glapointe
great people, great experience, great passion
Agenda
Conditional LogicIterationFunctions and ParametersSupporting the PipeLineScriptsError HandlingRemoting
great people, great experience, great passion
Load Snap-in For any Editor
great people, great experience, great passion
Conditional Logic
if / elseif / elseif (<expression>) { <code>} elseif (<expression>) { <code>} else { <code>}
switchswitch (<value to evaluate>) { <value 1> { <code> } <value 2> { <code> } <value N> { <code> } default { <code to execute if no condition met> }}
Only perform a given task when an expression evaluates to $true
great people, great experience, great passion
Iteration
Whilewhile (<conditional expression>) { <code> }
Do Whiledo { <code> } while (<conditional expression>)
Do Untildo { <code> } until(<conditional expression>)
For Loopfor (<start exp>; <end condition>; <step exp>) { <code> }
Foreachforeach (<variable> in <collection>) { <code> }
Warning!!!
The foreach statement is not the same as the ForEach-Object cmdlet (aliased as foreach and %)
great people, great experience, great passion
Quick Tips
Verify your conditional logic before making changes!Test your loops before making any changes within them!Watch for disposal issues when iterating through SPSite and SPWeb objects!
great people, great experience, great passion
Abstract common/complex tasks into a reusable unit of codeName and call functions just like cmdlets:function Set-SPListVersioning($list, $enable) {…}Set-SPListVersioning $list $trueSet-SPLIstVersioning -list $list -enable $true
Functionsfunction <Name> (<parameter list>) { <code> [return [<variable>]]}
great people, great experience, great passion
Function Parameters
Can use either implicit or explicit parametersImplicit Example:function <Name>($param1, $param2, $paramN) { … }
Explicit Example:function <Name>() { param ( $param1, $param2 )}
Optionally prefix variable names with type information
great people, great experience, great passion
Advanced Function ParametersWith explicit parameters you can add cmdlet binding attributesfunction Set-SPListVersioning() { [CmdletBinding()] param ( [Parameter(Mandatory=$true, Position=0)], [ValidateNotNull()] [Microsoft.SharePoint.SPList]$List,
[Parameter(Mandatory=$false, Position=1)] [switch]$Enable ) <your code here>}
Type help about_functions_advanced_parameters for more examples
great people, great experience, great passion
Current object is accessible via the $_ automatic variable
Supporting the PipeLine
function <Name> (<parameter list>) { begin { <execute once before processing> } process { <execute for each item> } end { <execute once after processing> }}
Be Careful!!PipeLine enabled functions need extra handling when called like a normal function
great people, great experience, great passion
Quick Tips
Best Practice: Include a Pipeline parameter and name it $InputObjectUse the filter statement if begin {} and end {} are not needed:
great people, great experience, great passion
Scripts
A script is, effectively, just a function known by a file nameA script can contain many different functions, but doesn’t have to have anyA script can have explicit parameters, just like a functionGive scripts a .ps1 file extensionLoad all script functions into memory using “dot source notation”
great people, great experience, great passion
Quick Tips
Be careful of scripts that execute when loaded– Use a function to wrap tasks
Functions within scripts can be made available without dot sourcing by changing the scope of the function:function global:<name>() { … }
great people, great experience, great passion
try/catch/finally only works with V2– Use trap statements for V1 (or just don’t use V1!)
In the catch statement block, use the $_ automatic variable to access the error detailsThe finally statement block is optional
Error Handlingtry { <code>} catch [error type][, [error type]] { <code: executed on error>} finally { <code: always executed when finished>}
great people, great experience, great passion
WINDOWS POWERSHELL REMOTING
Administering SharePoint remotely…
great people, great experience, great passion
Remoting
PowerShell Remoting uses WinRM, Microsoft’s implementation of the WS-Management protocol– WinRM allows you to run scripts against remote
servers over HTTP and HTTPS
Works with V2 onlyRequires that WinRM be enabled on both the client and the server
great people, great experience, great passion
Enabling Remoting
Run Enable-PsRemoting on the client and server machinesMust Enable CredSSP– Credential Security Support Provider– Allows cmdlets to talk to SQL using the provided credentials (handles
the double-hop issue)
Increase the MaxMemoryPerShellMB setting on remote server (default is 150MB)– Set-Item WSMan:\localhost\Shell\MaxMemoryPerShellMB 1000
Decrease MaxShellsPerUser and MaxConcurrentUsers (default is 5)– Set-Item WSMan:\localhost\shell\MaxShellsPerUser 2– Set-Item WSMan:\localhost\shell\MaxConcurrentUsers 2
great people, great experience, great passion
Enabling CredSSP
On the client machine– Group Policy must be edited to allow credential delegation to the
target computer. • Use gpedit.msc
– Computer Configuration -> Administrative Templates -> System -> Credentials Delegation -> Allow Delegating Fresh Credentials
– Verify that it is enabled and configured with an SPN appropriate for the target computer (WSMAN/myserver.domain.com or WSMAN/*.domain.com)
– May have to similarly enable “Allow Fresh Credentials with NTLM-only Server Authentication” if the above setting does not work
– Enable-WSmanCredSSP -Role Client -DelegateComputer <remote server name>
On the server machine– Enable-WSmanCredSSP -Role Server
great people, great experience, great passion
Running Remote Commands
great people, great experience, great passion
Session Configurations
Use Register-PSSessionConfiguration to preload SharePoint PowerShell Snap-In– Must also set threading options
Use Set-PSSessionConfiguration with -ShowSecurityDescriptorUI parameter to set securityProvide configuration name when calling New-PSSession
great people, great experience, great passion
DEMO…Windows PowerShell Remoting
great people, great experience, great passion
Summary
If you plan on writing more than 2-3 lines of PowerShell then consider using a script editorTest your scripts incrementally– Validate your loops and conditionals before
making changes!
Consider PowerShell remoting over integrated login for common admin tasks