Week in Review

See what I did there?

Anyway. I’m finally noticed again on the Internet — I’ve already got some spam comments. I couldn’t help but chuckle to myself about them. On to the actual content.

This week has been busy, despite the feeling of lack of accomplishment. On the MSCA front, I’m a bit more familiar with the concepts in Chapter 1. My next step will be practicing some usage scenarios for DISM and more practice with deploying Nano server. Unfortunately, all I can really do are some contrived scenarios. The goal is to feel a bit more familiar with the commands necessary. The goal is not to memorize every possible switch with DISM or New-NanoServerImage.

There were a few challenges this week with my MSCA work. First, remote management via PowerShell. This has been my experience with remote management of Fedora and CentOS Linux systems.

  1. Open a terminal on a computer, which loads the BASH shell.
  2. Make an SSH connection to a computer I want to manage, or to a jump box, and from there make an SSH connection to the computer I want to manage.
  3. Upon making an SSH connection, I have a BASH shell available with whatever privileges are granted to the account I’m using.

There are differences between running PowerShell at the console for my Hyper-V host, and connecting to the Hyper-V host with PowerShell Remoting. My knowledge of PowerShell isn’t good enough to explain the exact differences, but here are a few that I’ve noticed.

  • Some commands seem to not work during a PowerShell Remoting session.
  • You cannot enter another PowerShell session from an existing PowerShell remoting session.

For example, deploying a Nano Server and attempting to domain join it with the -domainname parameter failed 100% of the time during PowerShell Remoting, but was successful from the console (using the exact same user account). Running the cmdlet with -Verbose revealed that the piece that was failing was djoin, which I thought was curious. Apparently using the -domainname somedomain parameter, actually results in doing an offline provisioning then domain join using djoin. I did not have a chance to try djoin alone from a remote powershell session.

The second example prevents you from using a jump box with PowerShell remoting. For example, From Host A, I cannot enter a PowerShell remote session on Jumpbox B, then within that session, enter another PowerShell remote session into Server C.

I suspect there are workarounds for these situations, and likely some particulars about PowerShell remoting that I don’t yet understand. I also understand contrasting SSH and PowerShell remoting is an apples::oranges situation. However, coming from an environment where “the” protocol used for remote management just works, to an environment where it sort of works is a bit frustrating. This wasn’t entirely a shock to me, as I’ve dealt with this before with trying to access SMB shares from a remote PowerShell session, but that doesn’t make it any less frustrating.

The final challenge deals with KMS. Let me be the first to say, I don’t expect Microsoft (understanding their licensing model) to just give me a KMS key to play with. That makes it a challenge to practice setting up a KMS server. By challenge, I mean it can’t be done. So while I understand conceptually what happens, and I can read about it in my cert book, I don’t see a way, legally, to get what I’d need to actually practice setting up a KMS environment. If there is a way, feel free to leave a comment about it, as I’m sure there are others who want to know.

There was more to my week than MSCA, but I don’t think it’s blog worthy. My overall goal is to not let the blog be neglected, so if I happen to stumble on some worthwhile content, I’ll make a post before another week goes by.

Leave a Reply

Your email address will not be published. Required fields are marked *