Deploying PowerShell Down-level
There have been many great features added to PowerShell throughout the years. Lots of new cmdlets come through the Remote Server Administration Tools (RSAT) or baked into the new version of the operating system. Some features we’re deemed so important that they were back-ported to older operating systems like Windows 7. Remember that Windows 7 came with Windows Management Framework (WMF) 2 so updates are definitely needed. The best PowerShell experience is still going to be using the latest Windows operating system with the latest WMF installed.
Features
Package Management
This has been my favorite addition to PowerShell since version 2. The ability to install community modules has been great and has opened the administration plane way beyond what is default and in-box. Also, updates to the built in modules can be found on the PowerShell Gallery.
Desired State Configuration (DSC)
At the PowerShell Summit I heard something that finally made DSC click in my mind. DSC will ‘make it so’. A framework built instead of on imperative programming but on declarative programming. You write your Documentation in a specific format and DSC Makes it so. All of the previous work on PowerShell pays off with the ability to use DSC to control your Windows boxes.
PowerShell Classes
Jeffrey Snover talks about being yelled at by people on the Azure team for not supporting more programming like constructs. Classes was the response. This is a step beyond building PowerShell functions and is a more traditional way of object-oriented programming.
Transaction and Security Logging
The newest releases of PowerShell can log all of your PowerShell usage into the event viewer. This is super helpful if you’re attempting to figure out what malware written in PowerShell is doing on the machine. The event log traces can even be encrypted and forwarded so you know the attacker hasn’t altered the logs.
Upgrade Path
With upgrading PowerShell you are expected to install the entire Windows Management Framework (WMF) install. It is also required that you upgrade the WMF versions in order. No jumping from v2 to v5.1. Here are the Knowledge base articles for the downloads.
Windows Management Framework 5.1
| OS | Knowledge Base | Platform |
|---|---|---|
| Server 2012 | KB3191565 | x64 |
| Win 7 | KB3191566 | x64 |
| Server 2008 R2 | KB3191566 | x64 |
| Win 7 | KB3191566 | x86 |
| Win 8.1 | KB3191564 | x64 |
| Server 2012 R2 | KB3191564 | x64 |
| Win 8.1 | KB3191564 | x86 |
Windows Management Framework 5
| OS | Knowledge Base | Platform |
|---|---|---|
| Server 2012 | KB3134759 | x64 |
| Win 7 | KB3134760 | x64 |
| Server 2008 R2 | KB3134760 | x64 |
| Win 7 | KB3134760 | x86 |
| Win 8.1 | KB3134758 | x64 |
| Server 2012 R2 | KB3134758 | x64 |
| Win 8.1 | KB3134758 | x86 |
Windows Management Framework 4
| OS | Knowledge Base | Platform |
|---|---|---|
| Server 2012 | KB2799888 | x64 |
| Win 7 | KB2819745 | x64 |
| Server 2008 R2 | KB2819745 | x64 |
| Win 7 | KB2819745 | x86 |
Importing into WSUS
The task of installing the updates is even easier if you have Windows Server Update Services (WSUS). You can import the KBs directly through the WSUS console to push out to your fleet.
Open Update Services, right click on Updates and select Import Updates.
Install the ActiveX component.Add the updates you’d like to import.
Use the Import directly into Windows Server Update Services feature.