Skip to main content

Running local PowerShell scripts

Although I work with Linux primarily, any good system administrator always knows a little bit about the Other Operating System(tm).  One of the most useful thing to come out of Windows in years is PowerShell and running PowerShell scripts.  In Windows 8 (and 7 to an extent), there is a security feature that prevents any PS scripts from running non-interactively- something called the Execution Policy. 

Running a script will probably result in something like this: 

. : File C:\Users\jadmin\PowerShell\some-random-script.ps1 cannot be loaded because running scripts is disabled on
this system. For more information, see about_Execution_Policies at http://go.microsoft.com/fwlink/?LinkID=135170.
At line:1 char:3
+ . .\some-random-script.ps1
+   ~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : SecurityError: (:) [], PSSecurityException
    + FullyQualifiedErrorId : UnauthorizedAccess


Get-ExecutionPolicy -List should return an output that may resemble this:

            Scope                                             ExecutionPolicy
            -----                                             ---------------
    MachinePolicy                                                   Undefined
       UserPolicy                                                   Undefined
          Process                                                   Undefined
      CurrentUser                                                   Undefined
     LocalMachine                                                RemoteSigned

When it is Undefined, it defaults to Restricted- which means no scripts are allowed to run.  By default, all levels are set to Undefined.  Here you can see LocalMachine is set to RemoteSigned.  You can set it per-process or per-user, which is neat but out of the scope of this blog post.

In order to allow your machine to run locally created PowerShell scripts, you'll need to open a PowerShell window as an Administrator (as easy as right-click, Run As Administrator).   UAC will prompt you (you didn't disable UAC, right?).  Next, type "Set-ExecutionPolicy RemoteSigned".  Type Y and hit Enter (or just hit Enter as "Y" is the default). 

Now you should be able to run locally created scripts.  

In many online resources, there are people advising you to set your ExecutionPolicy to Unrestricted.  This is a mistake, especially if only for locally created PowerShell scripts. Unrestricted allows anything to run as a script, including those from remote sources such as Outlook,  Internet Explorer, and so on.  If you happen to forget to set it back, you'll be at risk. 

Comments

Popular posts from this blog

Starting vmtoolsd as a service on Red Hat / CentOS

If you're like me;  you may manage virtual servers within vSphere.. Linux ones.  Red Hat ones, in particular, but this applies to CentOS as well.

A long, long time ago, in a galaxy far away, the vmware-tools setup procedure installed the necessary init script for you.  Lately though, for new images that I've been building - those init scripts aren't getting installed by the vmware tools installation package.  So they don't start up on reboot.  VMware based backups failed; clock were going askew, you name it.   I need that daemon started on reboot.

Without a SysV init script handy, I had to roll my own.. and this is the result;  despite having worked with Linux for well over 15 years, setting up SysV init scripts remain somewhat of a black art.  The ones on our older system were more complicated than we needed.  I was aiming for something simpler and portable.

With RHEL 7, the rumor mills are abuzz with systemd so that may change. But, I'm a practical system admini…

Attempting to use dd on Mac OSX? Resource Busy?

If you're trying to use the dd command to image a usb disk or another device and you're running into an error that looks like:

# dd: /dev/disk#: Resource busy

There is a simple solution.

Use OSX's Disk Utility and unmount any of the partitions you have mounted on that particular disk without unmounting or ejecting the disk itself.

Afterwards, attempt the dd command again.

Update:  

Attempting to use the umount utility in Mac OSX will result in a "Resource busy -- try 'diskutil unmount'".  The command-line equivalent would be:

# sudo diskutil unmount /Volumes/<disk in question>

E.g.  

# sudo diskutil unmount /Volumes/FLASHUSB

NetApp: Disabling snapshot for a volume on Data OnTAP

This is one of those things that isn't always very obvious. Sometimes, you need to disable snapshots for a volume.

Why in the world would someone want to disable a perfectly good feature of NetApp NAS Storage? Server/data migration for one. Disabling it temporarily will prevent the volume from filling up the snapshot directory. Maybe your volume doesn't need snapshots (data always changing, and can not be recoverable even with snapshots- such as oracle data dirs, in which case snapshots are useless).
You have to perform simple but important tasks. If your volume has a schedule, turn it off.

somefiler> snap sched rootvol Volume rootvol: 2 4 8@2,4,6,12,164
somefiler> snap sched rootvol 0 0 0 
somefiler> snap sched rootvol Volume rootvol: 0 0 0

That takes care of that. Next step is to disable the automatic snapshot option.

somefiler> vol options rootvol nosnap on

Now if you issue vol options rootvol You should see an option that says nosnap=on.

Lastly, you'l…