What is the proper way to check if HyperV is running? - powershell

I am trying to write a powershell script to install and set up Hyper-V machines. The install seems to be ok, however, I get contradictory responses from the system.
Basically, I use the (gcim Win32_ComputerSystem).HypervisorPresent to determine if HyperV is running.
It return False.
There is a similar class with the same member (gcim CIM_ComputerSystem).HypervisorPresent what is also returning False.
Also found this question How do you check to see if Hyper-V is enabled using PowerShell?
and this state property is Enabled
Do I miss something? These queries aren't the same? Could you point if any of these are deprecated?
Am I totally fooled, and Enabled means the system is capable to run HyperV, but actually it is not running?

CIM and WMI are a long tale but the short summary is that WMI is a Microsoft implementation of the OMI Standards defined by the DMTF, the Distributed Management Task Force, to come up with an industry wide standard. So, of course, creating one new standard resulted in a bunch of different implementations, which are basically their own standard.
But otherwise CIM and WMI can be thought of as different gateways to the same information for Windows computers. Different doors to the same house. More on that history and the distinctions here.
When I run the PowerShell commands you shared (either of them) on my machine with Hyper-V present, even when running as a standard, non-admin user, I get True back for both.
You can also check to see if the BIOS firmware has virtualization enabled by looking in the CIM_Processor class.
(Get-CimInstance win32_processor).VirtualizationFirmwareEnabled
True
You could also check to see if the Windows Feature is installed but that doesn't give you the full picture (what if the Windows feature is enabled in an image applied to a machine without virtualization components enabled in the BIOS, for instance.)
[ADMIN] C:\>(Get-WindowsOptionalFeature -FeatureName Microsoft-Hyper-V-All -Online).State
Enabled
Also, that technique 👆 requires admin permissions.
Another way, and maybe the easiest is to check is to see if the Hyper-V Computer Service is running, which is needed for any VMs to launch, and can only run if everything else on the machine is done correctly to enable Hyper-V.
Get-Service vmcompute
Status Name DisplayName
------ ---- -----------
Running vmcompute Hyper-V Host Compute Service
We used to deploy servers with a MDT Task Sequence and enable Hyper-V along the way. It required reboots and special commands to run to apply the right bios settings. Then, we could enable the Windows Features, but those required two reboots, so it was quite tricky to handle with most imaging systems. Our final 'Sanity Check' was whether the Hyper-V compute service was running.

Related

Remote Execution of "get-process" Fails, Couldn't Connect to Remote Machine

In my workplace, we administer hospital intensive care PCs (Windows 7 desktop clients) that are meant to be on and running a particular program in near-perpetuity. To that end we've developed a few powershell scripts that run every 5 minutes and alert us whenever the PCs drop off the network or the processes / programs we require crash.
Our program monitoring script relies on the powershell cmdlet "get-process" run remotely by an admin-credentialed account. The script works on all of our PCs except one and we haven't been able to determine what's causing the failure.
At its most basic, the command looks something like
get-process -computername [hostname]
When pointing toward our problem PC we get the error
Get-Process : Couldn't connect to remote machine
Our research indicates that this is likely caused by permissions, firewall, or remote registry service problems. We've triple-checked and on this PC and
the monitoring account has admin privileges, no firewall is active, and remote registry service is on and set to start automatically. The code works when run on the local machine but not when run remotely.
Similar powershell cmdlets run remotely, like "get-service", work with no issues. As noted above "get-process" runs successfully on our other PCs. Any insight into this strange issue would be appreciated.
One thing to note is that the Invoke-Command workaround that has been offered in answer to other, similar questions doesn't work on this PC or any of our others.
Have you tried validating the all RPC services are up?
1.Remote Procedure Call(RPC)
2.Remote Procecure Call(RPC) Locator
3.Remote Registry (You said it's up though)

Running BitsTransfer from Local Service account

I am working on making some scripts to make my job a little bit easier.
One of the things i need is too download some files to use. I first used powershell with the command Invoke-WebRequest.
It is working really well, however it dont run on windows 7 computeres, as they have powershell 2. As i have about as many windows 7 pc's as win 10 i need to find another way.
I found that Start-BitsTransfer is a good way that should work on most computeres. My problem now is, that when using the script via my remote support session it runs the script on the local service account, and then BitsTransfer wont run and gives me an error. (0x800704DD)
Is there a way to get around that problem, or any command that can be used on both win 7 and 10 and run from the local service account?
You should update PowerShell as gms0ulman states, but if you are not the person who is in charge of this decision, you have to take other steps.
This error code...
0x800704DD
The error message ERROR_NOT_LOGGED_ON, occurs because the System Event Notification Service (SENS) is not receiving user logon notifications. BITS (version 2.0 and up) depends on logon notifications from Service Control Manager, which in turn depends on the SENS service. Ensure that the SENS service is started and running correctly.
By default, BITS runs under the LocalSystem account. To modify, stop or restart BITS, you must be logged on as an administrator. In your situation, when you log on a regular account and start the PS in elevated privilege, the BITS doesn’t run under regular user account. To resolve it, you may need to configure the log on user for BITS. Please visit the following link to configure how a service is started.
Configure How a Service is Started
Services are often run with default settings — for example, a service
may be disabled automatically at startup. However, you can use the
Services snap-in to change the default settings for a service. This is
useful if you are troubleshooting service failures or if you need to
change the security account under which a service runs. Membership in
Account Operators or Domain Admins, Enterprise Admins, or equivalent,
is the minimum required to complete this procedure. Review the details
in "Additional considerations" in this topic.
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc755249(v=ws.10)
I also agree that you should not continue supporting PowerShell 2.0. Ideally, ditch Windows 7 (it's way too old now), if you can't do that, upgrade PowerShell, if you can't do that, find a new job, if you can't do that, then I guess bring on the workarounds!
postanote's answer covers the BITS angle.
The other thing you can do is just use the .Net framework's underlying libraries, which is exactly what Invoke-RestMethod and Invoke-WebRequest do (those cmdlets were introduced in PowerShell 3.0, but the guts of them were around much longer).
try {
$wc = New-Object -TypeName System.Net.WebClient
$wc.DownloadFile($url, $path)
finally {
$wc.Dispose()
}
Most people don't bother disposing IDisposable objects in PowerShell so you'll see a lot of shorthand around like this:
(New-Object Net.WebClient).DownloadFile($url, $path)
Which is probably fine if your script's process isn't going to be around for a while, but it's good to keep in mind in case you incorporate this into something of a larger scale.

iot-core custom oem image/ffu: crashing only in custom oem/ffu image. Bottom line: looking for a unique board ID

We have an iot-core UWP, headless app that runs fine (for months, hundreds of devices) when deployed directly from Visual Studio 2015 or as an App onto the retail iot-core distribution. In order to avoid over-air-update problems caused by recent automatic iot-core updates, we are trying to get a custom oem image/ffu built and deployed to the microsoft store. However, even after walking through the documentation/examples in detail, our app is still crashing when we deploy our oem image/ffu.
UPDATE
OK, no debugger still, but I found where it crashes, now is the question why the oem-ffu behaves differently from the side-deployed code (our code is identical) Since iot-core/UWP provices no way to get the board-UUID, I use the MAC of the primary network interface. To get this, I use this http://embedded101.com/BruceEitman/entryid/676/Windows-10-IoT-Core-Getting-the-MAC-Address-from-Raspberry-Pi which requires that a webserver be running, which it normally is, otherwise the console webapp would not work. However, on the OEM-Custom-Build-Version I get a crash in this routine. I don't know where since I can't debug, but it crashes, and I get a null back, which causes my azure storage connect to crash. I do not block processing since I have a retry loop... Anyway, what is the difference or what must we do to enable this code to also work in the OEM build?
The grass roots issue is: all I really need is a unique ID for the RPi board from somewhere... which does not seem possible via C#!? See How to get the processor serial number of Raspberry PI 2 with Windows IOT
So it looks like my MAC-Address solution above was the best we can expect at the moment, but doesn't work on the oem build. Why?
If your purpose is to avoid problem with auto update, you can use powershell script or putty to disable auto-update. Will that work for you?
Below is the command line you can use to disable auto-update,
Use powershell or putty to connect to pi using administrator
sc.exe config wuauserv start=disabled
sc.exe query wuauserv
sc.exe stop wuauserv
sc.exe query wuauserv
REG.exe QUERY HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv /v Start

Remote execute Power Shell scripts to collect data

I am looking to collect data snapshot on a random interval from various machines in our network that we don't own, but may get access to install an agent to collect these data.
These machines are either in a domain or work-group and kind of data i get are based on the role they play and information they have. The machines are "Windows Server 2003" and above and I do not want to install anything on those machines before i get started, so thought I can use the PowerShell scripts that I can remote invoke form my server and pass the script it has to run to return the data.
I was wondering if this is possible to do that with the PowerShell scripts and as this is supposed to run in a secure environment, is there any major security implications with this approach. i.e. do I need to do anything on the client machines that can make them vulnerable to security threats.
BTW these machines are not exposed to internet and are behind a firewall.
I would appreciate if you point me to any other alternatives that can be useful for my analysis.
Regards
Kiran

How to determine if EMC PowerPath is installed on an ESX host using PowerCLI

TL;DR How can I use PowerCLI to determine if EMC PowerPath is installed on an ESX host?
I am attempting to write a script that will perform a host-masking operation when moving a LUN from one storage group to another. This is to accommodate the All Paths Down error that can occur due to a race condition in ESX 4.1. The steps are described in VMWare KB 1015084 and 1009449. These steps are written for use from the service console. I want to avoid scripting SSH activity and instead do the entire thing in Powershell/PowerCLI.
In our environment, we are using EMC PowerPath on most - but not all - of our hosts. This LUN masking only needs to be performed on hosts where PowerPath is installed, so I am attempting to test each host to determine this.
I have been pulling my hair out trying to determine how to do this with PowerCLI. If connected to the ESX service console, the command esxcfg-mpath --list-plugins will show if PowerPath is installed. In the vCenter GUI, it can be determined by:
Select Host -> Configuration -> Storage Adapters -> Select Adapter -> View Devices -> Examine "Owner" column
Using get-scsilun in PowerCLI returns an object that contains all this information except this Owner column.
I am stumped. I had hoped that a get-esxcli object would have some kind of equivalent methods, maybe in satp or nmp, but so far I can't find anything.
As suggested, I'll answer my own question:
The answer is: $esxcli.corestorage.plugin.list() will return a list of plugins installed on the host.
To get this information from PowerCLI 6.5 you can use the following:
(Get-ESXCLI -VMHost <host>).Storage.Core.Plugin.List()