For the last few months, I’ve been getting more and more infuriated with my PowerShell sessions opening in a tiny raster font (4×6). On a high resolution display like the one on the Surface Pro 3, that’s a complete pain and, whilst I could change the font in the properties for that session, it wasn’t “sticky”, with an error that said:
Error Updating Shortcut
Unable to modify the shortcut: Check to make sure it has not been deleted or renamed.
For reference, I’m experiencing this on Windows 8.1, 64-bit and it only applies to the Windows PowerShell shortcut and the Microsoft Azure PowerShell shortcut – not to the PowerShell ISE, nor to the various shortcuts created by modules like the SharePoint Online Management Shell, Lync Server Management Shell or the Windows Azure Active Directory Module for Windows PowerShell.
Solving the “stickiness” of my changes was simple enough – I asked our support team to change the permissions on the shortcut to allow Users to Modify it – but I still couldn’t get it to stay on my preferred setting: Lucida Console 20.
I could set it to Consolas, or raster fonts (urgh), but Lucida Console just wouldn’t stick. It’s been recorded as a bug in Microsoft Connect for a couple of years but there’s no sign of a fix yet (not even in Windows 10).
Being unable to set the default PowerShell font to Lucida Console seems to be a widely recognised problem. Various options are discussed on this SuperUser post including that it may be a language issue. Others have suggested the issue is the space in the font name, with a workaround that involves installing a new font and editing the registry (not an option for me without administrator permissions). I also looked at using the SetConsoleFont module to change the font within my PowerShell profile but struggled to work out the settings I would require.
In the end, I gave up and accepted that Consolas 24 is vastly preferable to a 4×6 raster font!
For a long time now, the default behaviour in OneDrive for Business has been to provide a folder (called “Shared with Everyone”) which is an easy way to share files with everyone in the organisation. By default, the permissions on this allow editing of files in the folder by “Everyone except external users” (and guest links can be provided for others – either on a view-only or an edit basis).
From 1 August 2015, Microsoft changed the default setting for OneDrive for Business so that the Shared with Everyone folder is no longer provisioned. It can be created manually by a user, or the tenant settings for the entire organisation can be set to provision the folder by default:
Set-SPOTenant –SharingCapability Disabled –ProvisionSharedWithEveryoneFolder $true
It’s also possible to remove users’ ability to use the “Everyone,” “All Users” and “Everyone except external users” groups from the people picker in OneDrive for Business and SharePoint Online with the following commands:
Set-SPOTenant -ShowEveryoneClaim $false
Set-SPOTenant -ShowEveryoneExceptExternalUsersClaim $false
Set-SPOTenant -ShowAllUsersClaim $false
Enabling them is achieved with the equivalent commands but set to
One of the side effects of no longer having a company car is that I’m having to take direct responsibility for maintenance again. It’s a world away from my days of learning how to maintain my Mum’s 1980 Ford Fiesta! For example, I recently learned how the wiring in modern cars is totally changed so that it uses a controller area network (CAN) and a serial bus to integrate the various electronic components and to reduce the amount of physical wiring in use. This CANbus system uses common wiring (CAN high and CAN low) and each device communicates using its own frequency… or at least that’s how it was explained to me.
Last month, I had a new car stereo fitted in my family’s 2008 Golf. The Pioneer DEH-4700BT was a bargain at just under £79 (from Halfords) including Bluetooth connectivity to multiple phones for calls and media playback but, by the time fitting and the various cables/adapters/fascia components had been added, the cost had gone up by another £100!
I’m amazed what a difference the new head unit makes on the existing speakers (apparently manufacturers tend to over-specify the speaker to avoid warranty claims if they are “blown” early in the vehicle’s life) but I also learned a little about the car electrics whilst it was being fitted for me.
Initially, the unit was wired in with a live feed taken from the cigarette lighter socket; however that wasn’t needed once all of the necessary parts arrived – the final piece being a stalk control adapter for integration with the steering wheel controls (I can re-use the permanent live if I buy a dash cam in future). Unfortunately, the use of these third party interfaces to the Volkswagen CAN has an interesting side-effect as it seems it listens for control on a range of frequencies, rather than a specific signal. This means that, when I use the steering wheel controls to adjust the car’s multi-function computer (e.g. to switch from fuel economy to distance driven), it skips forward/back a track on the stereo! One workaround is to switch the stereo to Aux input before changing the computer settings, then switching back again – but it is a bit clunky really!
I’ve since found a Mk5 Golf GTI forum post that suggests using Volkwagen’s own single-DIN facia unit and a Connects2 steering wheel interface. It certainly looks like a better finish but having already shelled out over £100, our car (which is certainly no GTI) will keep the AutoLeads version for now (I have an AutoLeads PC99-505 with PC99-SON, which I’m told is the same as the PC99-PIO Pioneer version, a PC2-75-4 harness adapter and an FP-17-03 fascia adapter with removable pocket).
I’ve been trying to write a weekly Windows 10 blog post but this week has been incredibly hectic and the planned post on Windows Hello isn’t complete yet. Hopefully that will come next week…
In the meantime, I’ve been looking at updating Office on some of my PCs. Regular readers may recall that I wrote about Office 365 Home last month. I’ve been waiting for theh Windows Update process to tell me that Office 2013 was ready to be updated to 2016 but it seems that’s not how it works. Instead, log into your Office account and click install. This will then download an installer that does the rest of the work for you and a few minutes later you’ll have the latest Office apps (replacing the existing 2013 versions).
Some more mini-snippets, this week with a focus on Windows 10 and Office/Office 365.
Windows 10 shortcuts and other productivity guides
A few days ago, I added a link to my delicious account with a useful list of shortcut keys for Windows 10. Quite why it’s a Word document downloaded from the Microsoft Download Center is anyone’s guess but I did find it’s one of many potentially useful productivity guides at the Microsoft IT Showcase.
Office and Office 365 training
Another resource for IT training materials, particularly around Office (and Office 365) is the Office Training Center. I’m a little embarrassed that it was one of my customers who alerted me to this… but it’s worth knowing about, with some useful guides for users – for example this quick reference card for OneDrive for Business.
In common with most platforms, Office 365 has a mechanism of password policies to set intervals after which a password must be changed; however there are cases where it may not be desirable to force password changes. In those cases, it’s possible to disable password expiry.
I came across an issue recently though where, once the password expiry notification was displayed in the Office 365 portal, even changing the account to disable password expiry wouldn’t dismiss the notification. I think this only occurs if the password expiry has been disabled after the initial notification has triggered. I’m not sure what would have happened if I had left it to run through to expiry (I didn’t, because that would have clashed with a major milestone on our project) but it seems I’m not alone in experiencing this.
In the end, the only way I could get the notification to disappear was to changed the password (after which I changed it back again…).
I have a growing collection of PowerShell scripts for Office 365 management and, whilst I may not be the best scripter/coder out there (I’m pretty sure there are many people who could look at my scripts and say “there’s a better way to do that”), I’m open-sourcing them in the hope that others will contribute.
The current scripts are:
- Connect-O365.ps1 – connect to multiple Office 365 sessions in a single PowerShell window.
- Check-ODBQuotas.ps1 – checking a list of UPNs to see if their OneDrive for Business folders have been created and, if so, if their quotas need to be set.
- Set-O365Licences.ps1 – setting usage locations and applying/removing licences for Office 365 users.
- Set-ODBQuota.ps1 – setting a quota for a user’s OneDrive for Business folder.
More details on the use of these scripts can be found in the readme file for the project.
Others scripts are in development for:
- Setting restrictions on audio/video settings in Skype for Business Online.
This collection is up on github under the name of posh-o365 and I’d be interested to hear what people think of these, and what other scripts might be useful for performing Office 365 management tasks at scale in an enterprise context.
Yesterday was a beautiful day. Unfortunately I spent most of it in my home office but I did manage to get out on the bike for a quick ride before sunset (the first time I’ve worked at home in weeks, with a correspondingly low occurrence of exercise on a work day…). Unfortunately, when I got home, my Garmin 810 cycle computer froze whilst saving my ride.
It actually needed a reset (holding the lap and power buttons together for about 5 seconds) before I could get it to respond at all but my biggest concern was whether my ride data had been lost (if it’s not on Strava, it didn’t happen).
The Garmin Connect app on my phone wouldn’t upload the ride, so I tried installing Garmin Express on a PC. It decided that there was a file on my device that couldn’t be uploaded. Sadly, that file was the data from last night’s ride.
I ignore Garmin Express’s offer to remove the file and, thanks to Chesilboy’s post on the Garmin forums, I managed to rescue some of the data.
- First, I connected the Garmin to my PC and navigated to \Garmin\Activities.
- There, I located the .FIT file for the ride and copied it to somewhere safe.
- Next, I uploaded the .FIT file to Strava.
- Strava read the data, warning me that the file was damaged, possibly truncated and that some of the ride would be lost. Importantly though, it would use the data that could be read (as it happens, almost all of my ride – only missing the last 1.5 kilometres).
- At this point, I could export a GPX file and import it to Garmin Connect, but I’m not really that bothered about my records there (I find the site clunky and unreliable and I only really use it to get my data to Strava).
As Chesilboy notes, shame on Garmin for a) not keeping the data safe (why not write it throughout the activity) and b) actually offering to delete it! Thank goodness Strava is better at data processing!
I’ve been writing quite a lot of PowerShell recently and I decided that I really should look into using some kind of source control system. I’ve used Git before, integrating GitHub with VisualStudio and this time I wanted to integrate with the PowerShell ISE (by the way, if you don’t have a Windows 8.1 shortcut for the PowerShell ISE, Carlo/Happy SysAdmin describes how to find it).
It’s actually pretty straightforward using Keith Dahlby’s posh-git scripts (what a great name that is!) and GitHub Desktop. Jeff Yates has a post that describes the process but I found I needed to do a bit more to make it work for me…
My PowerShell ISE didn’t have a profile, so I created one and added the entries Jeff suggests but, even so, I was getting errors in my console:
Resolve-Path : Cannot find path ‘C:\Users\username\AppData\Local\GitHub\PoshGit_869d4c5159797755bc04749db47b166136e59132’ because it does not exist.
At C:\Users\username\AppData\Local\GitHub\shell.ps1:26 char:26
+ $env:github_posh_git = Resolve-Path “$env:LocalAppData\GitHub\PoshGit_869d4c51 …
+ CategoryInfo : ObjectNotFound: (C:\Users\username\…47b166136e59132:String) [Resolve-Path], ItemNotFoundException
+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.ResolvePathCommand
Resolve-Path : Cannot find path ‘C:\profile.example.ps1’ because it does not exist.
At C:\users\username\Documents\WindowsPowerShell\Microsoft.PowerShellISE_profile.ps1:3 char:4
+ . (Resolve-Path “$env:github_posh_git\profile.example.ps1”)
+ CategoryInfo : ObjectNotFound: (C:\profile.example.ps1:String) [Resolve-Path], ItemNotFoundException
+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.ResolvePathCommand
The expression after ‘.’ in a pipeline element produced an object that was not valid. It must result in a command name, a script block, or a CommandInfo object.
At C:\users\username\Documents\WindowsPowerShell\Microsoft.PowerShellISE_profile.ps1:3 char:3
+ . (Resolve-Path “$env:github_posh_git\profile.example.ps1”)
+ CategoryInfo : InvalidOperation: (:) , RuntimeException
+ FullyQualifiedErrorId : BadExpression
After some hunting around, and an attempt to install posh-git manually, I realised that the
shell.ps1 script from Github Desktop was looking for posh-git in a folder at $env:LocalAppData\GitHub called PoshGit_869d4c5159797755bc04749db47b166136e59132 (I’m guessing that’s a GUID in the foldername, so it’s likely to be different for others). After copying a clone of posh-git to that folder and reloading my profile
(. $profile), everything was working as it should to commit changes from within PowerShell.
So far in my “series” of Windows 10 posts, I’ve written about refreshing or resetting the PC (to get a clean configuration) and about getting an Office 365 Home subscription for some productivity apps but I skipped one area that many people are sold products for… security software.
Actually, this is one of my major bug-bears. In the enterprise, I often see third party security products used but there’s only one reason I can see for that: management. Not just of the updates, but of quarantine for any infections that are caught.
Unfortunately, in the consumer space anti-virus products are often foisted onto unsuspecting consumers. Both the PCs I’ve bought for family in recent years have come with McAfee products installed (removed soon afterwards) and high street PC shops/office suppliers/supermarkets will happily sell alternatives. I was particularly annoyed to see that, after my parents in-law went to a local “PC specialist” (because they thought I was too busy), Microsoft Security Essentials had been removed (from their Windows 7 PC) and replaced by AVG. Now, don’t get me wrong, there’s nothing wrong with AVG, except that, the last time I used the free version, it kept nagging to be upgraded to a paid one – and there’s simply no need to clog up the system with third party apps like this.
Reputable providers of consumer advice seem to be caught up in the trap too: I took a look at the Which? report for security software best buys and even their best free antivirus software guide doesn’t include the software built into the operating system – indeed it says:
“Two programs could interfere with one another causing problems. If you are installing a third party piece of security software make sure you uninstall Microsoft Defender.”
I’d put it a different way: don’t waste time and money on third party anti-virus software – just use Windows Defender!
- Windows Defender scans for malicious software. The schedule for scans can be edited in Task Scheduler.
- In Windows 10, Windows Defender is enabled by default. It will turn itself off if you install another antivirus application, but equally it can be left in place and will receive updates through the same mechanism as other Windows updates.
- If Windows Defender finds a virus it can’t remove, it will prompt to download and run Windows Defender Offline. Once the download is complete, the PC will automatically restart into the recovery environment, where Defender will run a more complete scan and remove threats.
Other security features built into Windows (avoiding the need for third party products) include Windows Firewall (which helps to protect a PC from damage caused by worms or hackers attacking across a network) and SmartScreen (a phishing and malware filter implemented in several Microsoft products including Internet Explorer, Microsoft Edge, and inside Windows).
Find out more about the security settings in Windows 10 by searching for Security and Maintenance.