QuickStart Blog

Monthly Archives: May 2015

  1. 3 Ways to Monitor with PowerShell

    A student in a recent class asked for a script that could take every command a user typed into PowerShell and send it to a csv file for monitoring purposes. That prompted me to think about the choices you have with PowerShell. He didn’t want to capture history after the fact, with a ‘get-history’ command, since the user could easily have run ‘clear-history’ resulting in the removal of the commands they had run to that point. That made me think about what his choices were. His chosen alternative was to send events to the PowerShell event log, however, when monitoring anything, you could also decide to send data a SQL database. My thanks to David W for his question, and his eventual script, which you can see below.

    With PowerShell, you can easily export your data to a csv file. For ease of demonstration, I’ll use a simple command:

    Read more

  2. Auditing Tools in SQL Server 2008 and SQL Server 2008 R2

    This is the third article in a series discussing database auditing. The first article discussed the need to audit from various governmental mandates and best practices of auditing just the data you need to meet requirements.  The second article discussed the auditing log data best practices, both what event data to include in your audit logs and the need to protect your audit log systems and data from tampering.  This article will look at the various tools that we can use for auditing and the pros and cons of various tools that SQL Server 2008 provides to us administrators and developers to enable auditing compliance.

    Read more

  3. Microsoft Operations Framework (MOF) v4

    Wait, what’s a MOF?  Microsoft Operations Framework?  Why would I need that?

    In the 1980’s there was a movement to create standards for managing IT within the British government.  The result was the Information Technology Infrastructure Library (ITIL) was initially published as a series of books between 1989 and 1996.  It documented IT best practices without regard to platform, nationality, industry or size of organization.  The sponsoring organization, the Central Computer and Telecommunications Industry, (CCTA) enlisted experts from various telecom and computer companies to write and edit the guidance.  Microsoft was one of those companies.

    Read more

  4. Microsoft Report Builder 3.0

    With the release of SQL 08 R2Microsoft is making Report Builder 3.0 available. It has been a long road from the original Report Builder 1.0. It was a little clunky, not very intuitive, and was dependent on Report Models. Report Models are an abstraction of the data, and are generally designed by the BI Developer to expose data to the Business User for report creation.

    While there are some benefits to using Report Models, (You can give fields and views logical names, group data logically, define relationships where none existed, and use them to enforce security to name a few), it still falls on the BI Developer to create them.

    Read more

  5. PowerShell Credentials and SecureStrings, Part I

    I frequently get asked questions in my PowerShell classes about providing credentials to commands and scripts, including storing passwords in scripts.  In this blogpostI’ll discuss howthe .NET Framework handles strings and why that behavior is undesirable for working with passwords and other secure strings of data.  I will also discuss methods of providing passwords, credentials, and other secure strings into our commands and scripts interactively. AttheendI will introduce a method of securely saving credentials so that a script can be executed without prompting for passwords, although the script must be executed by the user who entered the credentials.  In afollow uppost, I’ll discuss options when you need multiple people to execute scripts with saved credentials.

    Read more

  6. PowerShell Credentials and SecureStrings, Part II

    In my first blog post on using secure passwords in PowerShell scripts, I discussed methods in PowerShell to keep passwords and other secure strings secure in memory and protect against memory dump attacks and the like.  I showed how to use those secure strings to run commands either an alternate username and password if the commands ask for those or by building and using PSCredential objects for those commands that expecta full credential objects.  At the end of theblogI showed how to convert that secure string to a regular encrypted string using the Windows Data Protection API (DPAPI).  While highly secure, that method of encrypting the string is limited to that one user account on that one computer by the way it uses the Windows DPAPI.

    In this blogpostI will present some of the security considerations we want to be aware of when configuring security for scripts, especially automating their execution.

    Read more

  7. PowerShell Credentials and SecureStrings, Part III

    In my first blog post on using secure passwords in PowerShell scripts, I explained how the .NET Framework uses Strings and a new object type, SecureStrings.  SecureStrings have several features that protect against attacks to read string values from memory, not the least of which is that the string is encrypted from the start in memory.  I then introduced the Get-PSCredentialcmdlet that will prompt for a username and password and store that password in a SecureString property, with the property incidentally named “Password”.  An alternative discussed there, when only a SecureString is needed and not a full credential, was the Read-Host cmdlet with the –AsSecureString parameter.

    Read more

  8. Sequencing Identity Numbers in SQL Server 2012

    Identity columns are nothing new in T-SQL.  They are great when you want a unique number to be automatically assigned every time you insert a new record.  The trouble is that while they are unique within the table, they are probably the same between tables.  Every table with an identity column has a 1 for the first record, a 2 for the second, etc.  Of course you can set the seed and increment for the identity column to something other than (1,1), but you still have to manually track which table has which seed.  Trying to track that is destined for failure.  What we really need is a way to have automatically assigned numbers for new records, but ones which are guaranteed to be unique across any table that uses them.  Of course, you know I wouldn’t be writing this if there weren’t a solution.  In SQL Server 2012, Microsoft introduced something called the SEQUENCE object that does this very thing.

    Read more

  9. SharePoint Designer Governance

    I hear these and many similar comments and questions all the time in my SharePoint Site Administrator/Power User classes:

    • “Oh, I can’t do that because my company won’t let us use SharePoint Designer.”
    • “I’d like to create a workflow, but no one is allowed to use SharePoint Designer.”
    • “How do I get my company to let me use SharePoint Designer?”

    These questions and comments all relate to SharePoint governance.  SharePoint governance is a very important consideration for any SharePoint deployment, one that from myexperience a lot of organizations cut corners (or don’t even realize what they should be doing), to the detriment of their SharePoint deployment’s success.  SharePoint governance is a big subject; more than one blog post can cover.  Of all the subjects and classes we teach (from Citrix, Cisco, VMWare, to Microsoft SQLServer, WindowsServer, Exchange, etc.), there is only one product we have a dedicated class on Governance for:SharePoint.  I present this as evidence for the need for SharePoint governance, without which has led some people to call SharePoint a “virus”.  (Go Google or Bing “SharePoint” and “Virus” if you don’t believe me).

    Read more