You can use PowerShell to install Windows Updates automatically, unattended and simple. Neat, right? For this, you don’t have to have an enterprise environment with WSUS, or Windows Server, but since this is Sysadmins of the North, I assume you do. In this post I’m going to show you how to install Windows Updates with PowerShell and the PSWindowsUpdate module.
Send email with PowerShell
Easily send your DevOps reporting by email with this PowerShell function, because the Send-MailMessage cmdlet is obsolete. Of course you’ll be using StartTLS and authenticated SMTP as additional security.
Windows 11/10 and WSL 2 DevOps environment
In this post I describe some of the settings and changes I made to make my Windows 10 and Ubuntu WSL into a fully fledged development environment. Here are the settings and tools I use for DevOps/SysOps on Windows.
Monitor .NET CLR Garbage Collected heap from your web application
Are you worried about your .NET webapp running out of memory? In order to let your .NET (web) application run smooth over a longer period of time, it is important to monitor the .NET CLR Garbage Collector (GC) and collection. The what? The .NET Common Language Runtime Garbage Collector. Here is how you can monitor this in a Zabbix template using Powershell WMI / CIM and Win32_PerfRawData_NETFramework_NETCLRMemory Windows Performance Counters.
Quickly check EnableTrailerSupport isn’t set in your network for http.sys (CVE-2022-21907)
If you want to find out fast if your IIS webservers have EnableTrailerSupport enabled for https.sys in the registry, here is a small PowerShell method. All you have to do is set the correct SearchBase.
Adding VirtIO drivers to Windows Recovery Environment (Windows RE)
If you need to add VirtIO drivers to your Windows Recovery Environment (Windows RE) to recover your Windows virtual machine, here is how. The following steps come in handy if you found out the hard way you don’t see any disks in Windows RE after a hard crash. As have I…
Retrieve SSH public key from Active Directory for SSH authentication
If you want to be able to log on to your Windows Servers through Win32 OpenSSH, you can make use of SSH public key authentication through a
~/.ssh/authorized_keys file. But if you have tens (hundreds) of servers and/or users, perhaps it’s easier to retrieve user SSH public keys from Active Directory (AD). In this article I’ll explain how.
Install SQL Server cumulative updates silently
Install SQL Server update silent: installing SQL Server cumulative updates is always a cumbersome, and quite daunting task. Unpacking and running the CU installer is a slow process, you have to click through a lot of screens, and it’s hard to get it to install silently. But here is how!
Remove computer object from Windows Server Update Services (WSUS) in PowerShell
Here is a short PowerShell snippet for you to remove a computer object from Windows Server Update Services (WSUS). In an elevated PowerShell session, adjust the following to your environment and execute:
How to add, list and remove IP addresses in Windows Firewall
Yesterday, I showed you how to block IP addresses in Windows Firewall using PowerShell. This comes in handy when blocking IP addresses that are brute-force attacking your servers. In this short post I’ll show you how to bulk add IP addresses in Windows Firewall, list an IP address and how to remove all IP addresses from Windows Defender Firewall with Advanced Security.
Block brute force attacks on SQL Server, block IP addresses in Windows Firewall using PowerShell
This PowerShell solution blocks IP addresses that are trying to brute force your SQL Server logins, by blocking IP addresses in Windows Defender Firewall with Advanced Security. For the time being, some manual labor is involved, but it is still manageable. You can use this to create your own solution to block offending IP addresses in SQL Server’s firewall.
Windows Defender: Turn off routine remediation
Long story short: During the transition of antivirus software to Windows Defender Antivirus (WinDefend), I don’t want Windows Defender remediation on threats it might find. Later, when I have more information about potential threats, I can always choose to remediate that threat, e.g. quarantaine or remove it. Unfortunately, there is no PowerShell cmdlet to configure this. Here is how to (temporarily) turn off routine remediation.
Increase WMI memory to support large volume of queries
Since I started expanding my Zabbix scripts and templates for monitoring Windows Server instances – AD, IIS and SQL Server – I found WMI was failing more and more. WMI stopped working:
WmiPrvse.exe would just crash after hitting some memory limit of 512 MB. If you run into the same issue with Windows Management Instrumentation, here is how you can increase WMI Provider Service’s memory quota. Doing so resolved my issues.
Install and setup IIS Manager for Remote Administration in Windows Server IIS (step by step)
Learn how to install and configure IIS Manager for Remote Administration of your Windows Server IIS web server, in Windows 10 and Windows 11. Step by step. You can use IIS Manager to administer various components of your website through a graphical user interface (GUI) if it’s hosted in Windows Server IIS.
Getting more out your Windows Performance Counters monitoring for web applications – part 3
This is part 3 about Zabbix monitoring for your websites and ASP.NET applications in IIS. This time I’ll show you how to get data from Win32_PerfRawData_PerfProc_Process counter, fast, for everey application pool This counter is notorious for its slowness, but you can get data a bit faster. IIS AppPool Insights in Zabbix – because there is always more than one way.