Get-Sysinternals–Not for Windows Servers

I recently posted about Keeping SysInternals Up-To-Date. Since then I’ve had trouble getting it to work on any of our Windows Server machines.  I couldn’t find much info on this online, so maybe it’ll be helpful to raise the problem here.

There is a problem with Get-Sysinternals.ps1 that prevents it from working on Windows Server platforms.  The problem is due to its dependence on WebClient – the service that provides the ability to treat a URN on the web as a local drive.  The specific line in Get-Sysinternals is:

New-PSDrive -Name SYS -PSProvider filesystem -Root \\live.sysinternals.com\tools

When WebClient is active, this line successfully creates a local drive called SYS that points to \\live.sysinternals.com\tools.  When WebClient is not active, this line causes an error:

 

New-PSDrive : Drive “\\live.sysinternals.com\tools” does not exist or it’s not a folder.

At …\Get-Sysinternals.ps1:26  char:15

+ New-PSDrive <<<< –Name SYS -PSProvider filesystem -Root \\live.sysinternals.com\tools

     + CategoryInfo : ReadError: (SYS:PSDriveInfo) [New-PSDrive], IOException

     + FullyQualifiedErrorId : DriveRootError, Microsoft.PowerShell.Commands.NewPSDriveCommand

Is the solution to simply turn on the WebClient service?  Unfortunately not.  The official method for installing WebClient is to turn on the Desktop Experience feature. Microsoft does not offer another way (see Installing WebClient Service without Desktop Experience?Desktop Experience also includes (reference Desktop Experience Overview, TechNet): 

  • Windows Media Player
  • Desktop themes
  • Video for Windows (AVI support)
  • Windows SideShow
  • Windows Defender
  • Disk Cleanup
  • Sync Center
  • Sound Recorder
  • Character Map
  • Snipping Tool

Hmmm. We don’t want any of these running on our servers.  Not only do they violate the Least Required Principle, many of them are CPU hogs (Themes, SideShow, Aero), others may execute at unknown times (Disk Cleanup, Sync Center), etc.  Which of these involve installing drivers (Video for Windows?)

No, Desktop Experience is far from appropriate for gaining the functionality of WebClient (which we would only run temporarily anyway).

 

So, back to the drawing-board.  What are others doing to update SysInternals on Windows Servers?  Is anyone interested to collaborate on adapting the Get-SysInternals script to work for servers?

Keeping SysInternals Up-To-Date

Ed Wilson, Microsoft Scripting Guy, has a good article on TechNet about automatically keeping your local SysInternals files up-to-date.  If you use the SysInternals tools, you know that they are updated fairly frequently – often due to suggestions from outside Microsoft.  If you aren’t using SysInternals, well, you should start.

Scripting Guy’s article is a bit long-winded (in a Spencer F. Katt way), so here’s the quick and dirty for getting started.

  1. Copy the Powershell script, Get-Sysinternals.ps1, from the TechNet Gallery
  2. Paste the script into your favorite editor and save it to the location where you keep scripts (e.g., %UserProfile%/Scripts)
  3. Open Powershell or Powershell ISE as admin (otherwise the script provides a warning: This script requires running as an elevated administrator
  4. Before running the script, make sure you know exactly where SysInternals tools are stored (e.g., %ProgramFiles(x86)%/SysInternals).  You’ll provide this path when you run get-sysinternals.ps1.  If you don’t provide a path, the script will put the SysInternals tools in %SystemRoot%/SysInternals.  Call me paranoid, but I don’t like making changes within %SystemRoot% if it can be avoided.
  5. Run the script.  For example, I run the script like this:

Get-SysInternals “${env:ProgramFiles(x86)}/SysInternals”

Don’t forget the curly braces, or you’ll end up with a path like C:\Program Files(x86)\SysInternals (note the missing space b/t Files and (x86))

 

Here’s a screenshot of the output on my machine:

image

 

Worth noting:

  • Colorized output is a very nice touch!
    • New apps / utilities are reported in green
    • Updated apps / utilities are reported in yellow
    • Unchanged apps / utilities are reported in white
  • The script appears to re-write your machine’s path environment in a different order!  (See the Old Path and New Path sections of the screenshot above) I wasn’t expecting that, and I’m not sure I like it.  That’s a pretty aggressive move.

 

I’m pretty satisfied with manually executing this script occasionally.  Automating it, I have to admit, is pretty cool, however.  So, if you want to automate the script, check out Scripting Guy’s article.

Now, if we just had a way of keeping Get-Sysinternals.ps1 up-to-date.  Smile

Process Explorer 14.01 Revives Single View of Indicators

You just gotta love the SysInternals team’s responsiveness!  Just last week I wrote that didn’t like how the v14 release of Process Explorer did not include a single view of all the System Information indicators.  Yes, it’s nice to have an independent view of each indicator on its own tab, but I still want the synchronous summary view.

Say hello to Process Explorer v14.01!  In this release, the team added (revived) the Summary tab to the System Information dialog.

Process Explorer v14.01 - System Information Summary tab screenshot
Process Explorer v14.01 - System Information Summary tab

Summary view, it’s good to have you back!  You’ll notice that this view is not quite the same as the original (pre-v14.x) dialog.  (See prior post for v12 screenshot).  The Summary tab really is a summary of the other three tabs:  CPU Usage History from the CPU tab; Commit & Physical Memory Histories from the Memory tab; I/O, Network and Disk Bytes History from the I/O tab.

Unfortunately, the Summary view does not offer Show one graph per CPU support, so you only get the aggregated graph.  That’s not such a big deal though.  A nice to have feature, however, would be the ability to double-click a graph on the Summary tab which would navigate you to the appropriate detail tab.

Process Explorer v14: Good changes or not?

On Nov. 16 Microsoft’s SysInternals group released an update of the SysInternals Suite.  Some of the most notable changes in this release are related to the famous & fantastic Process Explorer.  The announcement for v14 of Process Explorer from SysInternals’ blog states (emphasis added):

This major update to Process Explorer adds a slew of enhancements and new functionality including network and disk monitoring, an improved multi-tab system information dialog, additional memory statistics, a new column that shows aggregate CPU usage for a tree of processes, improved DLL scanning performance and accuracy, command-lines in process tree tooltips, support for more than 64 CPU systems, and more.

I like most of the features and changes, although I have no way of testing the >64 CPU support 😉  I like the Tree CPU column, command-line args info in process tooltip (particularly useful for services), and network and disk monitoring.  I don’t, however, like the change to the (solely) multi-tab system information dialog.  Why not?  Let’s take a before & after look.

Process Explorer v12, System Information dialog screenshot
Process Explorer v12, System Information dialog

And now screenshots from v14:

Process Explorer v14, System Information - CPU screenshot
Process Explorer v14, System Information - CPU Tab

The new System Information dialog only shows one ‘metric’ at a time – CPU, Memory or I/O. I wish they’d kept the original as an All tab. In previous versions provided some sense of correlation between the three in time. The options now are to switch back and forth between tabs – reduced correlation effect – or go back to good ol’ PerfMon.

In case you wanted to see the Memory and I/O tabs…

Process Explorer v14, System Information - Memory Tab screenshot
Process Explorer v14, System Information - Memory Tab
Process Explorer v14, System Information - I/O Tab screenshot
Process Explorer v14, System Information - I/O Tab

BTW, it’s mildly interesting to note that Process Explorer jumped from version 12 to version 14.  I guess the SysInternals folks are pretty superstitious about 13th releases!