Getting ready for PowerShell .NET Notebook

The latest release of .NET Interactive Preview 2 (February 6), which includes .NET Notebook for PowerShell. Remember, this is a .NET Core component that is available cross-platform.

This is great! You can start using notebook file and share it across many systems, both Windows and Linux Operating Systems.

Check out Microsoft blog post on “Public Preview of PowerShell Support in Jupyter Notebooks.”

Before you continue, I suggest to get Anaconda 2019.10 (v4.8.1) installed in your system.

Installing .NET Interactive in Ubuntu

In Windows, just takes a few steps to set it up. For Linux, it takes a few extra steps but still is quick enough to get you started.

For Windows, follow the instructions found at the .NET Interactive page in Github.

For Linux, for Ubuntu 18.04, follow the blog post “Ubuntu 18.04 Package Manager – Install .NET Core“.

Basically, in either operating systems, you install:

  • Install the .NET Core SDK
  • Install the ASP.NET Core runtime
  • Install the .NET Core runtime

After these components are installed, proceed to install .NET Interactive Tools, which will include PowerShell support in Jupyter Notebook.

1. Install the .NET Interactive Global tools with this simple command:

$ dotnet tool install --global Microsoft.dotnet-interactive

2. Then install .NET Interactive “Jupyter” component with the following command:

$ dotnet interactive jupyter install

At this point, in Ubuntu, you will encounter the following known error: (see image)

To resolve the issue, use the text editor to open the ~/.bashrc file to add the path to .NET Tools folder:

$ sudo vim ~/.bashrc
## - Add path to .NET Tools:
export PATH=$PATH:~/.dotnet/tools
:wq
$ source ~/.bashrc

Now, we rerun the command, and this time it will complete without any errors:

$ dotnet interactive jupyter install

To verify that all Jupyter kernel was installed, execute the following command:

$ jupyter kernelspec list

Now, you’re ready to work with PowerShell Jupyter Notebook.

Starting Jupyter Notebook

In Windows, you use any console application to start a Jupyter Notebook session using: DOS, Windows PowerShell, and even PowerShell 7 Preview. Have you to use the Anaconda menu shortcut has provided for running the Windows PowerShell prompt?

Better yet, check my instructions on how to create the “Anaconda Pwsh7 Preview Prompt” shortcut in my previous blog post “ANACONDA AND POWERSHELL WORKING TOGETHER!“.()

Back in Linux, open a bash terminal session.

Now, to start a .NET Interactive Jupyter Notebook session, at the console prompt type the following command:

jupyter lab

At this point, the Jupyter Notebook will open on your default browser (Windows or Linux).

The launcher will show all available components for creating notebook files.

Just pick the notebook kernel you wish to start working… let say “.NET PowerShell.”

Notice that I running the $PSVersionTable in the Notebook that the .NET PowerShell kernel is one release behind the latest update.

Now that I test that my .NET Notebook works, I can save my results for later use.

Please, if you encounter any issues with .NET Interactive/.NET Notebook, post them in their Github repo.

Wait! How can I get PowerShell 7 Preview RC 2 updated in .NET Interactive?

I did post the issue about why I was getting PowerShell 7 Preview RC 1 instead of RC2 and got the answer.

It looks like the initial build of .NET Interactive installation will install version ‘1.0.110801‘, which includes PowerShell 7 Preview RC1.

To get the latest build available with PowerShell 7 Preview RC 2, you need to run the update command:

## - To update tool - use PowerShell 7 Preview RC2
dotnet tool update -g --add-source "https://dotnet.myget.org/F/dotnet-try/api/v3/index.json" Microsoft.dotnet-interactive

Run the “jupyter lab” command again and run again the saved *.ipynb.

And that’s it!  As you can see, this command can get your .NET Interactive installation refreshed with the latest build.

Some exciting features are coming down the pipeline. Stay tuned for more!

At Coders Cafe: PowerShell – Introduction to SQL Server Containers

I’ll be presenting at the South Florida .NET User Group Coders Cafe on Tuesday, August 8th, 6:30 PM. Location: Cendyn Spaces, Boca Raton.

Topic: PowerShell – Introduction to SQL Server Containers

Description: This session will be covering the basic of working with Containers and PowerShell Core. We’ll be taking the steps of creating a SQL Server 2019 container in an Ubuntu 18.04 Linux system. Then, will be using PowerShell Core to connect to the SQL Server containers to extract information.

  

Interested in attending this session, click here to register.

Powerhell Core Ubuntu 18.04 – PSRemoting to an Active Directory Machine

Sometime there’s the need to do PowerShell remoting from Linux to a Windows System. In my lab environment, I was able to install, configure, and established a PowerShell Remote connection from a Linux Ubuntu 18.04 system to *Active Directory joined Windows System.

*Note: Before trying to following steps, if you’re in a corporate domain, consult with your security team. I would recommend that you try this scenario in virtual machine environment.

I’ve been struggling trying to OpenSSH in both Windows 10 (Build 1803) and Windows Server 2019 with no success connecting from Linux. So, I decided to try install Kerberos component on my Ubuntu system and it works!  And, with no need to joined my Linux system to my virtual Active Directory domain.

Install and configuring Kerberos Client

  • I need to install and configure the Kerberos Client application on my system:
$ sudo apt-get install krb5-user
  • Customizing *krb5.conf file settings for my domain:
$ sudo vim /etc/krb5.conf
  • The following are my custom settings in the krb5.conf file for “DOMAINNAME” Kerberos:
[libdefaults]
default_realm = DOMAINNAME.COM

# The following are custom settings for "DOMAINNAME" Kerberos:
dns_lookup_realm = true
dns_lookup_kdc = true
default_tgs_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
default_tkt_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
permitted_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5

[realms]
TRINITY.COM = {
kdc = DOMAINMACHINENAME
admin_server = DOMAINMACHINENAME
}

[domain_realm]
.com = DOMAINNAME

*Note: Make a copy of the krb5.conf file before any changes.

One thing to point out! Both DOMAINNAME and DOMAINMACHINENAME, must be in uppercase.

Configuring ssh

Next step involves in configuring the ssh for Kerberos negotiation. This is the ssh_config file (not sshd_config).

$ sudo vim /etc/ssh/ssh_config

Make sure the following parameters are set at the end of the *ssh_config file:

SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
GSSAPIKeyExchange yes

*Note: If there are missing ones, don’t touch the commented ones. Just copy/paste and set the values.

After completing the changes, I would recommend a reboot.

Testing and working Kerberos Client

Here are a few linux commands to work with Kerberos client.  If the krb5.conf setting are set correctly, then the following commands should work without any issues.

1. This command will verify user domain, asking for password.

$ kinit username@domainname

2. Shows the list of Kerberos Cached tickets and credential.

$ klist

3. To delete\clear all Kerberos Cache entries:

$ kdestroy

What about setting in Windows Systems?

I’m will cover the whole PowerShell remoting setup. But, I will highlight what’s needed to make Linux connect to a Active Directory Domain system.

  • Enable PSRemoting

In PowerShell Conscole, run the “Enable-PSRemoting -force” command line on both client and server. This command will add the firewall rule to allow PowerShell remoting to work.

  • Check WinRM Service

Check the Windows Remote Management service is running. By default, in Windows 10 client, this is set to “Manual”.
On the server, just verify that the service running.

Before, connecting Linux to a windows domain system, make sure to test PowerShell remoting between Windows machines. This will guarantee that you got everything working correctly.

Name Resolution Tip

I don’t join my Linux system to my AD domain. So, to resolve my name resolution issues, I manually update the hosts file on my systems. This will include the domain ip-address as well as all other systems

hosts file
:
xxx.xxx.xxx.xxx domainname.com
:

Testing connectivity

Ubuntu 18.04 Connecting to a domain system final test.

1. In Linux, open PowerShell:

$ pwsh

2. Prepare the domain user:

PS /home/user> kinit domainuser

3. Create a *PowerShell Remote interactive session:

PS /home/user> Enter-PSSession -ComputerName wincomputer -Authentication Negotiate -Credential user@domainname.com

*Note: This remote connection will open Windows PowerShell and not PowerShell Core.

Summary

So, in Ubuntu 18.04 installing and configuring Kerberos user client only, you can connect your Linus system to a Active Directory Domain systems. But remember, this will connect to a Windows PowerShell session only.

I’m hoping that in the near future we can have the ability to select a PowerShell versions. Wait!!  There’s a way to open a PowerShell Core session instead of Windows PowerShell!!

How To Connect to PowerShell Core

So, by default you’re going to connect to Windows PowerShell. But, if you use the following parameter ‘-ConfigurationName’ folllowed by either ‘PowerShell.6‘ or ‘PowerShell.6-Preview‘ then you’ll get PowerShell Core session.  Also, you can use an specific version ‘PowerShell.6.1.0‘.

Enter-PSSession -ComputerName venus -Authentication Negotiate -Credential max_t@trinity.com -ConfigurationName PowerShell.6

Thanks to Steve Lee (Microsoft PowerShell Team) for letting me know this is already available.

References

The following links help figured out the needed components to make my lab environment work.