Getting Started With Nutanix and PowerShell

Now that I have my hands on some Nutanix hardware it was about time to play a little bit with the features that are available on the platform. All of the stuff we do in PRISM is linked to the REST API, Nutanix also has a PowerShell cmdlets which also leverages the REST API.

Downloading the Nutanix cmdlets can be done from within PRISM

In order to connect to a cluster use the follwing command line

NOTE: for security reasons we should store our passwords as a secure string, by declaring these as variables before starting PowerShell.

$user = «your prism user»

$password = read-host «Please enter the prism user password:» -AsSecureString

connect-ntnxcluster -server ip -username -password password –acceptinvalidcert (only if you are using the self-signed certificate)

After we have connected we can use other commands such as



Using the command get-command -module NutanixCmdletsPSSNapin will list out all cmdlets available in the snapin. Now most of the cmdlets have the same requirements in form of input as the REST API 

But not all cmdlets are properly documented, so during the course of the week I found out that there was one line of code that was crucial.

Get-ntnxalert | resolve-ntnxalert


And also for instance if someone has read my blogpost on setting up Nutanix monitoring using Operations Manager we can also use PowerShell to setup the SNMP config using these simple commands

add-ntnxsnmptransport –protocol “udp” –port “161” | add-ntnxsnmpuser –username username –authtype SHA –authkey password –privtype AES –privkey password

BTW: Here is a reference poster for all PowerShell cmdlets for Nutanix

Getting started with PowerShell management with Arista

In 2012 Microsoft Introduced (Open Management Infrastructure) OMI which allows for standard based management across different platforms. As of now Microsoft is working with Cisco and Arista to port OMI to their network switches. And also with the latest version of PowerShell DSC we can also use DSC against OMI servers running on these switches, stay tuned for more about that.

But this is a blogpost on how to get started with PowerShell management with Arista. We can download a trial from Arista’s website to run in a virtual enviroment.

After setup we need to configure a management IP and define the port parameters for the CIM session and deploy an ACL, then save the configuration.

interface management 1
ip address


management cim-provider
no shutdown
http 5985
https 5986


aaa root secret Password1

ip access-list OMI
10 permit tcp any eq 5985 5986


ip access-group OMI in

copy running-config startup-config

Now that the appliance is available we need to connect to it using a new-cimsession

# Since the computer does not trust the certificate we need to skipCAchecks
$nossl = New-CimSessionOption -SkipCACheck -SkipCNCheck -UseSsl

# Switch credentials
$password = ConvertTo-SecureString «Password1» -AsPlainText -Force
$credentials = New-Object System.Management.Automation.PSCredential( «root», $password )

# Create a session to the switch
$switch = «»
$session = New-CimSession -CN $switch -port 5986 -Auth Basic `
        -Credential $credentials -SessionOption $nossl

Now with WMF 5.0 we can use the included NetworkSwitchManager module to do management against the switches natively without knowning the diferent CIM classes.

For instance, we can use get-networkswitchfeature or ethernetport.


for instance we can define trunk ports and VLAN access


And as we can see from the running configuration that the parameters are set


Still there is alot missing from the NetworkSwitch module, hence we need to use the built-in CIM classes to do much of the management, stay tuned for more.

Howto create a custom RemoteApp image in Microsoft Azure

Finally its here! the ability to remote custom remoteapp images in Microsoft Azure. Before this we had a long process of creating a custom VM locally and sysprepping it and running a powershell command to upload the VHD file containing all our LOB to Azure. Those days are over! Smilefjes

Instead we can use this method to create remoteapp images. Setup a new virtual machine in Azure, choose from Gallery and there choose the “Windows Server Remote Desktop Session Host” VM this is the one that we  use to create our Image.


Then we provisoing the VM (Note this is automatically setup as an A3 because of the instance size on RemoteApp) Next we can install our applications that we need.

Next we run the ValidateRemoteApp image PowerShell script on the desktop (This will go trough all the prerequisites to setup the image.


Then do a sysprep and generalize

Run Sysprep

Then do a capture of the virtual machine so it is stored in the virtual machine library


Then we go into RemoteApp, templates and choose Import an image from your virtual machine library.



And we are good to go! Smilefjes

Automating Citrix Netscaler and PowerShell

This is something I have been wanting to do for some time now, and now that I am doing a lot of research for my upcoming book, this subject poped up in my head…. How can we automate setup on a Citrix Netscaler ?

Citrix Netscaler has a NITRO protocol which is in essence a REST interface, which means that we have an API to communicate with on the Netscaler. We can also make custom applications using C# and JAVA since within the NITRO SDK comes with common libraries for both.

You can download the Netscaler SDK for each build in
Link to the latest SDK –>

Extract the Csharp tar file and browse into the lib folder. Here we have to import the two library files.

$path1 = Resolve-Path Newtonsoft.Json.dll
$path = Resolve-Path nitro.dll

After we have imported the library files we can start a connection to Netscaler. First of we can either code the variables here NSIP, Username and password before or we can use read-host command. In this example the NSIP of the Netscaler is set to and the username and password is default nsroot Smilefjes As you can see security is my top priority Smilefjes

$nsip = «»
$user = «nsroot»
$pass = «nsroot»

$nitrosession = new-object com.citrix.netscaler.nitro.service.nitro_service($nsip,”http”)
$session = $nitrosession.login($user,$pass)

This COM object is the one that contains the common services against the Netscaler for instance

  • Login / Logout
  • Save Config
  • Restart
  • Enable / Disable features

If we wanted to for instance do a restart we would need to use the same object. For instance some examples to save config and restart.

$session = $nitrosession.save_config()

$session = $nitrosession.reboot($true)

Since the Com object is already loaded we can just run the commands directly. Just to name a few (refer to the SDK documentation for info about all the classes)
So what are some of the basic configurations that we need to do on a Netscaler? First of we need to change the default hostname for instance.

$hostname = New-Object com.citrix.netscaler.nitro.resource.config.ns.nshostname
$hostname.hostname = «NSpowershell»;

Next we should also add an DNS server to the Netscaler so It can do hostname lookups.

$dns = New-object com.citrix.netscaler.nitro.resource.config.dns.dnsnameserver
$dns.ip = «»;
$ret_value=[ com.citrix.netscaler.nitro.resource.config.dns.dnsnameserver]::add($nitrosession,$dns)

And then if we want it to do load-balancing we first need to add a server or two which we want it to load-balace.

$server1 = New-Object com.citrix.netscaler.nitro.resource.config.basic.server
$ = «Powershell»;
$server1.ipaddress = «»;  

Next we need to bind that server to a service.

$service1 = New-Object com.citrix.netscaler.nitro.resource.config.basic.service
$ = «IIS»;
$service1.servicetype = «HTTP»;
$service1.monitor_name_svc =»http»;

And lastly create a load balanced vServer and do a service to vServer binding.

$lbvserver1 = New-Object

$lb_to_service = New-object
$ = «lbvip_sample»;
$lb_to_service.servicename = «IIS»;

And of course lastly remember to save the config of the Netscaler

So there you have it, some example Netscaler/PowerShell commands! I just getting started here myself so I will return when I have some more usefull commands and im going to make a custom setup script as well Smilefjes

Excalibur and Orchestrator Magic

When Citrix released Excalibur they also included a whole bunch of Powershell which allows you to run Powershell cmdlets to alter anything.
If you are inside the Studio console you can see that there is a PowerShell window there, which shows all of the cmdlets that you have run.

and how does this help ? With the combination of Orchestrator, we can add automation to the equation.
What if we could automate the assignment of application to users via Orchestrator? and we could also add an approval workflow if we used it with Service Manager.
If a new users want a set of 20 new desktop for his or hers company we could create a new workflow which would run a PowerShell script against MCS and do this automatically.
However, I’m not going to go ahead of myself here, this is a start post to show what we can do with the provided PowerShell modules.

First I’m going to show how to import the modules that Citrix provides in this release.
Head over to the Studio server and open Powershell ISE
From there you can run this import commands.

There are more modules but these cover most of the administrative tasks.
If you refresh the ISE modules list now, the Citrix components will show up.

If we created a simple «Publish Application task» We can use the New-BrokerApplication to publish notepad.

New-brokerApplication -CommandLineExecutable C:\windows\notepad -displayname notepad -Applicationtype HostedonDesktop

NOTE: A bit of advice if you are unsure of how the cmd should look like, create an application with the wizard and extract the info after using the get-brokerapplication cmdlet.
Now we have a functional PowerShell cmd to publish Notepad to the studio.

So we know now that we have to import the modules first, then we can run the command to publish notepad, but how do to this via Orchestrator?
First set set-executionpolicy unrestricted on the Studio server.

And your script should be saved.

Now we simplest way is to use the Run Command activity in Orchestrator

I saved the script file locally on the Studio server, and the script looks like the output from the PowerShell ISE above.
So when I run this runbook what happens ?

This just publishes the application in Desktop Studio, it still isn’t assigned a user yet, that requires a bit more in PowerShell ill come back to that later this is just to show the abilities you have with Excalibur and PowerShell

Automating Configuration Manager 2012 SP1 with PowerShell

First part of this series, I showed how you could run and install all the necessary prerequisites silent and automated, this time I will write a bit more instead of just adding the commands.
In Service Pack 1, Configuration Manager will finally include cmdlets for PowerShell this allows for a scripted and automated setup process. Therefore I took the liberty of creating this post which will show you how-to.

Now with this you can actually create a script for a new customer (If you already have knowledge of the customers infrastructure) with contains all the necessary you need to setup a fully site. Then where you are at the customer, run the script and take the rest of the day of.

Now what do we need in order to setup a fully Configuration Manager site?

We need a boundary group (Which contains a boundary, refer my earlier post –> ) Which again contains a distribution group and is assigned a site.
And we need to activate discovery objects to fetch information such as Users, Group, Computer objects.
We also need to setup AD publish (In case we did a manual ConfigMgr site agent install we wouldn’t have to setup this but for the administration ease we are going to do so)
Next we are going to Create Computer Collection which is going to include our test servers. We are also going to Create User Collection b
After that we are going to Create an application which we are going to deploy to our computer collection

All using PowerShell.
Now in order to start PowerShell against Configuration Manager, just click the file button inside the Console and press the Connect using PowerShell.

You can use the get-command –module ConfigurationManager to show all the commands available for Configuration Manager
You can also use the get-help cmdlets if you are unsure of the parameters that you need to use.
Also you can use the get-help cmdlets –examples if you want to show some examples.

NOTE: Will trying to get this fully automated, I find its hard with the current release of the PowerShell cmdlets but still I’ve gotten far.  So this post will be updated periodically.

Create a new Boundary: New-Cmboundary -type ADsite -value «Default-First-Site-Name»

Create a new BoundaryGroup: New-CmboundaryGroup -name Test -DefaultSiteCode TST

Add boundary to group:
Add-CMBoundaryToGroup -Boudaryid 16777218 -GroupName «Test»

I got this BoundaryID using Get-CMboundary since the command didn’t parse the value ID properly.

You can use the Get-Cmboundary and Get-CmBoundaryGroup to view the values. And you need to add the site code to the command so it assigns
that as the default site for the boundary group.

Get info from Active Directory Forest: New-CMactiveDirectoryForest -ForestFqdn demo.local -EnableDiscovery $true

Install Configuraiton Manager Agent: Install-CMClient -DeviceName ConfigMgr -includeDomainController $false -AlwaysInstallclient $false -SiteCode TST

Create a new device collection: New-CMdevicecollection -name «My Servers» -LimitingCollectionName «All Systems» -RefreshType Manual

Still more to come

Windows Server 2012 deployment via PowerShell

Now with the release of Windows Server 2012, Microsoft has added a huge huge huge improvement in PowerShell, there are about 2400 cmdlets available, and Microsoft have said that there are more to tome.
Just to display how easy it is, I thought Id give a walkthrough deployment of a simple Server 2012 farm.
1x AD Domain Controller
1x RDS server session deployment with remoteapps.
1x File Server using data DE duplication and used for serving the user profile disks on the RDS server with NIC teaming. And Having 3 disks in a storage space and volumes using disk parity.

Now we are going to host all of these 3 servers on a WS2012 Hyper-V server. So first of we create a virtual network where these hosts are going to be.

First we create the switch

New-VMswitch –name vm-switch –switchtype internal

Then we create the first virtual machine and add it to that internal network.

New-VM -NewVHDPath e:\vm\ad.vhdx -NewVHDSizeBytes 20GB -BootDevice CD -MemoryStartupBytes 2GB -Name AD
Remove-VMNetworkAdapter –VMName AD –Name “Network Adapter”
Add-VMNetworkAdapter -VMName AD -Name «Network Adapter» -SwitchName vm-switch

After that we can boot the first computer. This is going to be our domain controller, and for the purpose of this demonstration we are going to install this as a Server Core server. (Server Core is a stripped down server which basically gives you an command prompt that you can work from.
IF you wish to manage the server you either need to use sconfig, PowerShell or Server Manager

If you wish to install full GUI on it afterwards you can do this using the commands

Install-WindowsFeature server-gui-mgmt-infra,server-gui-shell -source:wim:d:\sources\install.wim:4 –restart

If you look at the last command there you see that I needed to specify the source (Because when I install with Server Core it removes all the unnecessary binaries from the install so you need to insert the installation media and in my case it was ISO file on the D: drive.  And I also needed to specify the install WIM file and the WIM file contains the images for Datacenter and Standard Core and with GUI so the number 4 states Datacenter with GUI.

When the server is up and running we have to configure the network, domain name and such.

New-Netipaddress –ipaddress –interfacealias «Ethernet» –Prefixlenght 24
Set-DnsClientServerAddress -InterfaceAlias «Ethernet» -ServerAddresses
Rename-computer adds

This will add the IP address of on the interface Ethernet with a subnet mask of /24
And set the DNSclient to itself (since the ADDS installs DNS as well)
Renames the computer ADDS and does a restart.

After that we install ADDS. This is the simplest setup and uses most of the default values.

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Install-ADDSForest –DomainName test.local

This will install a ADDS domain service on this server (as well including DNS server) with the domain name of test.local
after that you have to restart the computer. When the server is finished booting, you have a fully functional domain server so now its time to install the RDS server.

New-VM -NewVHDPath e:\vm\rds.vhdx -NewVHDSizeBytes 20GB -BootDevice CD -MemoryStartupBytes 2GB -Name RDS
Remove-Vmnetworkadapter –Vmware RDS –name “network adapter”
Add-VMNetworkAdapter -VMName AD -Name «Network Adapter» -SwitchName vm-switch

So now we run the same create vm command as we ran before just change the name and file name.
We install a full server with GUI this time since we want the remote desktop users to get a full desktop Smile
After the server is finished installing we need to setup the basic stuff as we did before.

New-Netipaddress –ipaddress –interfacealias «Ethernet» –Prefixlenght 24
Set-DnsClientServerAddress -InterfaceAlias «Ethernet» -ServerAddresses
Rename-computer rds
Add-Computer -Domainname test.local –Credential

This time we set the DNS client to point to the AD server. And change its name and join it to the domain. After the restart we have to install the RDS server role.
As we are going to host all the server roles on the same server (not very secure or recommended but simple Smile 

New-RDSessionDeployment -ConnectionBroker test02.test.local -WebAccessServer test02.test.local -SessionHost test02.test.local



Remove-RDSessionCollection QuickSessionCollection

New-RDSessionCollection -Collectionname Statistikk -sessionhost test02.test.local -connectionbroker test02.test.local

New-RDremoteApp -Collectionname Statistikk -Alias Notepad -Filepath C:\windows\system32\notepad.exe -ShowInWebAccess 1 -ConnectionBroker test02.test.local -Displayname skriveskrive

Now what this does is to 1: Install the RDS server roles and point to where each server role is located, and then restart the computer.
After that is done it removes the QuickSessionCollection as is created by default when using Quick Deployment.

Creates a new collection and points to which sessionshost and connection broker is included in this collection.
Then it publishes the application Notepad and makes in available to users via the RDweb portal.  And note I didn’t set up user profile disk on the RDS server yet since we need to set up the file server before we do that.

Now we have to create the file server, now this server needs to have multiple network cards and multiple disks in order to have High-availability.
So we start by creating the VM with multiple nics and hdds.

New-VM -NewVHDPath e:\vm\rds.vhdx -NewVHDSizeBytes 20GB -BootDevice CD -MemoryStartupBytes 2GB -Name FS

New-Netipaddress –ipaddress –interfacealias «Ethernet» –Prefixlenght 24
Set-DnsClientServerAddress -InterfaceAlias «Ethernet» -ServerAddresses
Rename-computer fs
Add-Computer -Domainname test.local –Credential

So here we create a fileserver virtual machine with 2 NICs and 3 virtual harddrives.
Drive 2 and 3 will be used for a storage pool with mirrored setup. Now setting up two virtual drives in a mirrored setup doesn’t make much sense but this is just to show how easy and flexible the deployment is.
Now after the server is finished installign and has joined the domain we can start by setting up the NIC teaming.

New-lbfoteam –name Test –Teammembers «ethernet 2», «ethernet» -loadbalancingalgorithm Ipaddresses –teamingmode switchindependent –teamnicname SuperPowah

You can run the command

get-lbfoteam and get-lbfoteamnic

To see the status of the team and the NIC (If its up and down or not )
Now what this does is to create a new load balance and failover team called Test, and it includes the two interfaces ethernet 2 and ethernet and the load balancing algorithm is based on IP addresses, and I choose the teaming mode switch independent and the team nice is called SuperPowah. Now that we have done that the first NIC loses it’s IP address settings so now we have to setup an IP setting for the new NIC name SuperPowah

New-Netipaddress –ipaddress –interfacealias «SuperPowah» –Prefixlenght 24
Set-DnsClientServerAddress -InterfaceAlias «SuperPowah» -ServerAddresses

Next we have to install the dedup features (Which is not installed by default. )

Install-windowsfeature FS-data-deduplication

By default the schedule for a dedup job is set to default 5 days, but that can be changed. You can also run it manually by running the command.

Start-dedupjob –volume e: –type optimization

You can view the status by running the command


If you wish to remove dedup from a disk you can run the command

Start-dedupjob –volume e: –type unoptimization

Next we create a new folder on the new share then we share the folder.

mkdir userdata on C:\
new-smbshare –path c:\userdata –name userdata

Now after that share is created. We have to update the RDS collection configuration

Set-RDSessionCollectionConfiguration –Collectionname statistikk –EnableUserProfileDisk –diskpath \\fs\userdata –MaxProfileDiskSizeGB 40

So there you go, I will try to update this with some other scenarios as well.