PowerShell x64 and Filesystem Redirection

Well thanks to my kind folk over at Server Fault, I now have a solution as to why dnscmd suddenly stopped working. It would turn out that the strange behaviour I was seeing was a result of a Microsoft implementation of handling 32bit running on 64bit (WoW64) Operating systems.

Specifically, it was caused by Filesystem Redirection

However, I found that trying to user %windir%\sysnative did not work for me in my powershell console. That’s odd, so I did a bit more research. A post over at Nynaeve got me on the right track.

Filesystem redirection causes Powershell to redirect paths pointing at %windir%\System32 to %windir%\SysWoW64. If you are running a 32bit powershell on a 64bit OS, you can override this behaviour by using the path %windir%\Sysnative.

However if you are running an x64 instance of Powershell like I was then you are out of luck. The Sysnative alias is only recognised by the WoW64 subsystem, and as x64 Powershell runs natively to the OS, there is no subsystem to intercept the alias and redirect accordingly.

The only workaround I have at this point is to move the files you require (like dnscmd.exe) to a folder location that is not affected by filesystem redirection.

In Summary:

  • x64 versions of Windows Operating systems have two different system locations (%windir%\System32 & %windir%\SysWoW64)
  • Filesystem Redirection will make decisions as to which system folder to expose to the application, and this might cause strange things to happen with powershell.
  • If running Powershell 32 bit on a 64 bit OS, you can override the Redirection behaviour by using %windir%\Sysnative\ as a path
  • The Sysnative alias does not work for 64 bit Powershell
  • When using 64 bit Powershell, it may be prudent to relocate commands that are typically in %windir%\system32 to a different location that is not affected by folder redirection.

I will never go back to using dnscmd to enumerate DNS in powershell, but it bugged the hell out of me that up until now I had no idea why dnscmd worked on some machines and not others, particularly after upgrading my desktop machine.