Git and Text Editor Notes for Windows 10

This post is just some notes to remind me how I like to setup a Windows 10 machine for editing scripts.

 

Install and configure Git
First step, install Git. Download the git installer. After downloading, run the installer and accept the default settings.

Then add posh-git for Powershell :
Open a Powershell window “as Administrator” and execute the following :

set-ExecutionPolicy bypass
git clone git://github.com/dahlbyk/posh-git.git
cd posh-git
./install.ps1
. $PROFILE

 

Install and configure Sublime Text
Start by downloading and installing Sublime Text. Accept the default settings during installation.

Next, we want to be able to launch Sublime Text from the command line. To do this we need to make some changes to our environment variables.

First create a new system variable with a name of SUBLIME and a value of C:\Program Files\Sublime Text 3

Add a system variable named SUBLIME and set the value to the path to Sublime Text

Next, Edit the user variable Path and append ;%SUBLIME% to the end.

Now we can simply use subl.exe to launch the editor from a command line.

I like to add some packages to Sublime Text to make it more useful. To do this, first install Package Control. To do this, visit the Package Control site and follow the instructions.

After installing package control, we can install some packages. Open Sublime Text and press Ctrl-Shift-P. Start typing install into the search box and choose Package Control: Install Package You can now search for useful packages. I like to install support for Powershell and VBScript.

 

Reference Links
http://learnaholic.me/2012/10/12/make-powershell-and-git-suck-less-on-windows/
https://scotch.io/tutorials/open-sublime-text-from-the-command-line-using-subl-exe-windows

Building a Signed Package with The Luggage

Recently I wanted to be able to sign a package that I was building with The Luggage.

Since The Luggage is calling pkgbuild to build the package, I took a look at the pkgbuild documentation and determined that the following argument was needed :
--sign "Common name of signing cert"

The question then became : how to add this to my Makefile? Taking a look at luggage.make I saw that PB_EXTRA_ARGS is the variable used to contain the arguments for the pkgbuild command.

To add my signing argument, I simply added this line :
PB_EXTRA_ARGS+= --sign "Developer ID Installer: John Doe (ID12345678)"
This appends my –sign argument to the list of pkgbuild arguments and can be placed anywhere after the statement that includes luggage.make.

Enabling Syntax Highlighting for vim in Mac OS X

Mac OS X ships with the vim editor, which supports syntax highlighting.  By default, however, syntax highlighting is not turned on.  Fortunately it is not hard to enable it.

Settings for vim are controlled by two files, one controlling settings globally and the other controlling settings for the user.  /usr/share/vim/vimrc is the file that will control the global settings.  changes made to this file will affect all users of the machine. On a new build of 10.9, here is what the file contains :

" Configuration file for vim
set modelines=0 " CVE-2007-2438

" Normally we use vim-extensions. If you want true vi-compatibility
" remove change the following statements
set nocompatible " Use Vim defaults instead of 100% vi compatibility
set backspace=2 " more powerful backspacing

" Don't write backup file if vim is being called by "crontab -e"
au BufWrite /private/tmp/crontab.* set nowritebackup
" Don't write backup file if vim is being called by "chpass"
au BufWrite /private/etc/pw.* set nowritebackup

The file for controlling vim settings for the user is ~/.vimrc By default, this file does not exist. To turn on syntax highlighting, we can simply create a text file by that name and add this line :

syntax on

vim will now use syntax highlighting the next time a file is opened. But what if you don’t care for the default color scheme? We can set the color scheme by adding a second line to the .vimrc file like so :

syntax on
colo desert

My favorite color scheme is desert, I find it works nice with my preferred Terminal color scheme (Homebrew). To see what color schemes ship with Mac OS, look at /usr/share/vim/vim73/colors The .vim files in this directory are the color schemes. Just try different ones by changing the .vimrc file and find the one you like best.

Powershell Script to Query for Bitlocker Keys in Active Directory

In my organization, we are using Bitlocker to encrypt Windows 7 computers. We are storing the recovery keys in Active Directory, this stores the key as an attribute of the computer object. I recently wanted to generate a report of the bitlocker status of the computer objects in AD. I found out I could do this pretty easily in Powershell, and thought I would document that here.  My inspiration for this script came from this Technet Gallery script

To start, we need the Quest ActiveRoles Management Shell for for Active Directory.   This is available for free from Quest and can be downloaded from here.  This should be downloaded and installed on the workstation that is going to be used to run the script.  With this installed, we are ready to take a look at the script.

# Check to make sure the path has been specified otherwise display a message and exit the script
param([string]$CsvFilePath)
if (!$CsvFilePath) {
Write-Host ""
Write-Host "Path not not specified!"
Write-Host "Please specify the path for the output as a parameter e.g. : "
Write-Host ".\Get-BitlockerComputerReport.ps1 """c:\reports\BitlockerReport.csv""""
Exit
}

Continue reading

More on Displaying the Bitlocker Wizard with Windows 8 and MDT 2012 U1

I a previous post, I detailed how to get the Bitlocker wizard page to appear when deploying Windows 8 pro.

I recently confirmed another case where the wizard does not show up. I became aware of this thread on Technet because another user linked to my previously mentioned blog post.

I was able to confirm after a bit of testing, that when using the Windows 8 Enterprise evaluation media, MDT does not show the Bitlocker wizard page. At this point, I am not sure of the reason for this.

Sending Email Notification from MDT 2012

In my recent rework of my Build and Capture sequences that are used for updating my reference images, I thought it would be nice to have an email notification when the process was done.  This post is to show how I did this.

I did this using Powershell’s Send-MailMessage cmdlet.  This provides a simple way to send a message via SMTP, and this MDT 2012u1 provides support for Powershell scripts it seemed a logical choice.  Since I wanted to send the message at the end of a Capture process, I needed to be able to send the message from the WindowsPE environment. Continue reading

Of Black Boxes and Complex Systems

I am currently re-reading John Lienhard’s The Engines of Our Ingenuity and I came across this nugget that I think we can apply to IT.

We must teach students that someone else’s subject matter is not a black box, that those boxes can and must be opened.  What one fool can do, another fool can also do, and any student is smart enough to open any other student’s black box.  That in turn brings us back to the matter of systems.  Once we realize that we cannot deal with part of a system in isolation, it becomes very clear that encasing knowledge in boxes is one of the most destructive things we do. [page 171]

I find that last sentence to be very powerful.  While Lienhard is talking about educating engineering students in this passage, I feel that this can be applied to IT organizations.  If we allow ourselves to become too compartmentalized, then we are less efficient at trouble shooting and will provide less satisfactory service to our constituents.

Don’t misunderstand me here, I understand that there  is a place (and even need) for a separation of duties and a system of checks and balances.  The problem arises when we start guarding information and building silos around our disciplines. When we do this, we make both ourselves and those around us less effective.

Edit : For more from John Lienhard visit www.uh.edu/engines

Displaying the Bitlocker Wizard Pane with Windows 8 Pro and MDT 2012 Update 1

Using MDT 2012 Update 1 with ADK, I built and captured a Windows 8 Pro image to enable my institution to more easily do some testing with Windows 8. After setting up a task sequence to deploy this reference image I noticed something unexpected. When choosing the Win 8 task sequence, I was not presented with the Bitlocker wizard pane. The wizard pane was showing up fine for my Win 7 task sequences.

I posed the question on the MDT-OSD email list, and Michael Niehaus to the rescue! Turns out there is logic in the MDT scripts to determine if the edition of Windows is a “Premium SKU” to determine what features are available. Since I was using Windows 8 Pro instead of Enterprise it was not getting marked as a premium SKU.

Of course, since Win 8 Pro does support Bitlocker (Win 7 Pro did not), this is a bug. A user posted a bug report to Microsoft along with some work around code. If you have a Connect account, you can see the bug report here.

The work around :

In ZTIUtility.vbs add the following two lines of code after line 3846 :

</p><p></p><p>case "PROFESSIONAL", "PROFESSIONALE", "PROFESSIONALN"</p><p> If Left(oEnvironment.Item("OSCurrentVersion"), 3) &gt;= 6.2 Then IsHighEndSKUEx = True</p><p></p><p>

Update 1-14-2014 :

Hat tip to this Post on MDT2012.com. This bug still exists in MDT 2013 and Windows 8.1 has been released since the writing of this post. The above lines of code have been changed to allow for Windows 8.1 (changed from equal to greater than or equal).