North East Bytes - a Microsoft technology usergroup in North East England.

Powered by Squarespace


Desired State Configuration video

As I mentioned back in March, I recorded a short video on DSC as part of the UK and Ireland MVP Cloud OS Online event. However, I forgot to post the video here, so here it is:

There was a lot of great content over the two days, so you should check them all out on the MVP Rocks UK and Ireland YouTube channel.


MVP Cloud OS Week Online

Next Monday and Tuesday, you can get a day of online training for free from UK and Ireland Microsoft MVPs. The 31st has a load of sessions under the "Transform the Datacentre" banner, then on 1st April, it's all about "People Centric IT".

The schedule for content is as follows:

31 March: Transform the datacentre



MVP Speakers


Transform the Datacentre with Microsoft Cloud OS

Patrik Bihammar


What's New in Windows Server 2012 R2?

Aidan Finn


What's New in System Center 2012 R2?

Gordon McKenna


What’s New in Windows Azure?

Richard Astbury


PowerShell – Desired State

Jonathan Noble


Windows Server 2003 Migration – App Migration

Paul Keely


The hot topic of the moment: Storage Spaces  

Patrick Lownds


Find out more about SCOM

Kevin Greene


Understand how to use Service Manager

Steve Beaumont


Understand more about Azure Pack

Damian Flynn

1 April: Empower People Centric IT



MVP Speakers


What is People Centric IT?

Stuart Leddy


Why Windows 8.1 and Devices Overview

Mike Halsey


Windows XP End of Support – Why is this important to you?

Mike Halsey


Operating System Deployment in SCCM

Raphael Perez


Desktop and App Delivery with Virtual Desktop Infrastructure VDI /RDS

Robert Marshall


Unified Device Management with SCCM + Windows Intune

Gordon McKenna


Exploring Bring your own device (BYOD) vs. Choose your own device (CYOD)

Simon Skinner


Access to corporate apps and data with work folders/dynamic access control/RMS/Direct Access/VPN

David Nudelman


Identity Management with WS 2012 R2/AD/ADF

Simon Skinner

Please note each session is pre-recorded and will be released at the time listed above.

Just head over to the MVP Rocks UK and IE YouTube channel at the appropriate time (GMT+1). 

There are also a number of MVP Cloud OS roadshow events going on around the world. You can find out more about the global events on the MVP Program Blog.


Finding unlinked GPOs with PowerShell

Easy. One line
Get-GPO -all | where {([xml]($_ | Get-GPOReport -ReportType XML)).gpo.LinksTo.Length -eq 0}

Get the hell off Windows XP! NOW!

One month from today, support ends for the Windows XP operating system, and Office 2003.


This is why…

There are still a lot of people running Windows XP. There are bad people in the world who try to find vulnerabilities in Windows (and Office, and anything else with a decent user base). Those people know that any vulnerability that they find is only useful to them until it is patched. If they keep their newly discovered vulnerability to themselves until after 8th April 2014, it’s not going to be patched, so it will be useful to them forever (until people stop using Windows XP)! Therefore, it’s incredibly likely that people have been stock-piling zero day exploits for months if not years, waiting for this.

So, in case it isn’t clear yet, let me summarise: If you are running Windows XP this time next month, it is likely that very soon, someone with bad intent is going to take control of your computer (unless it is completely isolated from everything else).

The good news is that you have a month to do something about it. The bad news is that, depending on the size of your organisation, that pretty much makes it a DIRE EMERGENCY! Stop reading blogs and do something about it.

These links might help you:


PowerShell Scripting Tip: Choose your tests carefully

There's a lot that can be achieved in a little bit of PowerShell (a single (pipe)line, even), and that brings with it a tendency to throw a solution together quickly. As the saying goes, though, with great power comes great responsibility, so you need to be careful.

Using -whatif and -confirm can help you to avoid hanging yourself, but you also need to do more thorough testing before you put a script into production (and yes, I'm talking to myself as much as anyone else here).

For example, I have tripped over a problem (and I know others who have done the exact same thing), where I wrote a PowerShell script that altered some objects in Active Directory. I had some dummy objects to test on and after a few itterations I had a script which manipulated them in just the way I wanted. I changed my input to the appropriate set of live objects and it all worked. Brilliant.

The trouble occurred when the script was run subsequently on a different set of input which referred to some objects which had previously been removed from Active Directory. I hadn't tested the script with any input that referred to objects which didn't exist. If you'd asked me ahead of time, I probably would have said that I'd expect the script would just ignore those rows in the input file. Most of the time that's probably what would happen...

...except in this particular case, when no exact matching object was found, it dropped back to a WILDCARD MATCH!!! Cue a bunch of objects that shouldn't have been touched, getting messed up in some inconvenient ways! :-(

The first time this happened, it had everyone utterly perplexed. It was fixed with no understanding of the cause. The second time the same script did the same thing we worked it out, fixed the mess and the script. I subsequently saw a similar script create a similar problem for someone else, and I was able to help him remediate that situation before anyone noticed.

What those experiences hammered home for me was the need to formulate test input for my scripts very carefully. Don't get me wrong, this wasn't news for me, as I'm sure it isn't for you, but the awareness of how much worse things might have been in those semi-disasters has helped me to formulate better testing, and I'm pleased to say that I haven't had an avoidable problem caused by one of my scripts since then.

AttributionNoncommercialShare Alike Some rights reserved by Paul Robert Lloyd

So, if there's any chance that your script is going to face anything unexpected in the future, you need to test for it, and perhaps including some input cleansing in there. In your test input you should include some stuff that's fine and your script shouldn't alter, some things that your script should operate on, some duplicates, some things that don't exist, and some stuff that just plain make no sense. Try to break it as much as you can (although be careful where you're running it!).

Oh, and if there's any chance that someone else may run your script in the future, make sure that you document what you know it works for, and what you haven't tested. There might not be a need for you to test for every possible outcome today, but you don't want someone coming and knocking on your door blaming you for something that you didn't do, but didn't test for either. You can at least make people aware of the scenario that you did test for, and let them know that you didn't check that it wouldn't blow things up if they decided to run it as domain admin instead!