PowerShell is everywhere. Admit it, even if you don't like change, you've probably needed to run a one-off command or small script in order to accomplish something...whether it was in AD, Exchange, VMWare or something else. Running a single command is one thing, but what about making a reusable piece of code that anyone can run, or even better, schedule it? Get a report every Monday about drive space, remove old log files every month, report on logon failures... We're going to take a command that fulfills a 'single-serving' role and turn it into something more dynamic; something that can be run over and over and be both relevant and timely! Be ready to learn about parameters, basic functions, comment-based help, and other useful techniques - bring your laptop and code along with us! Let's build a PowerShell tool! Watch me present this topic via YouTube: https://youtu.be/akTypRvwr7g (video 1 of 2)

1. Scripting as a
Second Language
Basic PowerShell Toolmaking

2. Rob Dunn - @maximillianx
• Lead Systems Administrator
• IT Pro for 22 years
• In the Spiceworks Community since 2007
• Pure Capsaicin since 2014

3. Sponsored by Netwrix – www.netwrix.com
Free products:
• Change Notifier for AD, File Servers, Group Policy
• Account Lockout Examiner Tool
• Password Expiration Notifier
• Effective Permissions Analyzer
• And more!
Flagship Product:
• Audit (Active Directory, Azure AD, Oracle, SharePoint, VMware, O365, and more)

4. #SPICEWORLD2016
• My take on the Difference Between a Script and a Tool
• Toolmaking with a Tool (not just me), the ISE
• The Genesis of the Tool
• Demo!
What We’ll Cover

5. #SPICEWORLD2016
A simple script is a file containing a series of runtime
instructions which can be executed repeatedly with a
relatively specific focus which produces an expected
outcome.
Typically, the user running the script doesn’t have much, if
any control over the output.
What is a Simple Script?

6. #SPICEWORLD2016
• Input
• Functional
• Output
What is a Tool – Three Types

7. #SPICEWORLD2016
What do We Use to Make Our PowerShell Scripts
and Tools? [Demo]
Use the right tool for the job!
• Not NotePad or other text-based
editors
• Something that is “PowerShell”
aware
• This could be Visual Studio,
VSCode, Sapien PowerShell Studio,
or…the FREE Microsoft ISE.
Advantages?
1. Easily execute single lines or
sections of code
2. Tab completion of parameters,
properties & methods
3. Debugging, error discovery, and
syntax highlighting
4. Add-on support

8. #SPICEWORLD2016
Toolmaking: My Thought Process
Problem
Level of
Need
Output Input

9. #SPICEWORLD2016
Start with a bit of code that you’ve used once or twice and build your script
around that.
Today’s Method: Build From the “Inside Out”

10.  Get-Command - Find that cmdlet you’re looking for
 Get-Help (RTFM, right?! Don’t forget to ‘Update-
Help’ as well!)
 Get-Member - Find out the methods and properties
associated with an object*
* Pretty much everything in PowerShell is an object
Quick review: Cmdlets you must know

11. Quick review: What is a PowerShell Object?
It’s a “thing” that represents
something.
You can also think of it like
a row in a database table -
with a twist
Properties
• $Friend.FirstName = Scott
• $Friend.LastName = Brosnan
• $Friend.Height = 1.7272
• $Friend.Funny = $True
• $Friend.BurnsUnderAStreetL
ampBecauseHeMustBeAVam
pireNotATwilightVampireThe
OtherKind= $True
$Chair
$Friend = Get-Friend | Where-Object FirstName –eq “Scott”
$Friend.BeatBox(20)
$Friend

12. Methods
• $Friend.Complain
• $Friend.TellHorribleJoke
• $Friend.TakeDownStorage
Array
• $Friend.BeatBox
Quick review: What is a PowerShell Object?
It’s a “thing” that represents
something.
You can also think of it like
a row in a database table -
with a twist
$Chair
$Friend = Get-Friend | Where-Object FirstName –eq “Scott”
$Friend.BeatBox(20)
$Friend

13. Get Event Log Entries surrounding an item of interest
The Scenario
#SPICEWORLD2016

14. #SPICEWORLD2016
The Problem
A service account is experiencing a lockout in the middle of the night.
IT needs to gather all the event log entries from the system log x minutes
before and x minutes after the time of a specified event to see if there is
“something else” going on.

15. #SPICEWORLD2016
The IT manager has determined this problem occurs enough times to warrant a
closer look at the symptoms by his junior staff; preferably by utilizing a
consistent method when the problem recurs.
The Level Of Need

16. #SPICEWORLD2016
The IT manager would like to have all the surrounding event log entries in a
view which can be browsed or exported to CSV for further analysis; potentially
in Excel so they can compare them.
The Output

17. #SPICEWORLD2016
1. The date and time of Event we’re interested in
2. The range of minutes before and after the event to gather other possible
interesting information.
The Input (our Parameters)

18. #SPICEWORLD2016
…find system event log items x minutes before and x
minutes after event of interest occurs
…output events to end user as objects
BONUS:
Can we get these items from ALL event logs?
To use these parameters, our script needs to:

19. Let’s Code!
#SPICEWORLD2016

20. #SPICEWORLD2016
• Comment-Based Help
• Format your script – look like a Pro!
• Make your scripts and functions single purpose, name them accordingly
• Use Microsoft supported verbs to name your functions and scripts (Get-
Verb)
• Configure Execution Policy to run PS1 files (Set-ExecutionPolicy –
ExecutionPolicy RemoteSigned, etc.)
Best Practices

21. #SPICEWORLD2016
1. Save your file as a .PS1 and share with your co-workers
2. Create a module (easier than it sounds)
Share and Enjoy! I.e. Extra Credit 

22. #SPICEWORLD2016
[Book] PowerShell in a Month of Lunches, Don Jones &
Jeffery Hicks
[Book] PowerShell ToolMaking in a Month of Lunches, Don
Jones & Jeffery Hicks
[Web] PowerShell 3.0 JumpStart, Microsoft Virtual
Academy, Jason Helmick, Jeffery Snover*
*heck, anything by Jeffery Snover, I mean, he invented it!
Learning PowerShell?

23. Thank you!