Create a GPO for PowerShell 5.0 settings

July 28, 2016

I’ve written the following piece of code to automate the creation of a Group Policy that would configure all the new PowerShell 5 settings – ScriptBlock Logging, Protected EventLog and …

Source: Create a GPO for PowerShell 5.0 settings

Safely storing credentials and other things with PowerShell

July 14, 2016

storing Credentials

Hey guys,

This post is mostly going to be me sharing an answer I wrote on StackOverflow, about a technique I use in my PowerShell modules on Github to safely store credentials, and things like REST Credentials.  This is something I’ve had on my blogging ‘To-Do’ list in OneNote for a while now, so it feels nice to get it written out.

I hope you like it, feel free to comment if you think I’m wrong!

The Original Question

I currently have a project in powershell which interacts with a REST API, and the first step after opening a new powershell session is to authenticate myself which creates a websession object which is then used for subsequent API calls. I was wondering what the best way of going about storing this token object across all Powershell sessions, because right now if I authenticate myself and then close & reopen powershell I need to re-authenticate which is rather inconvenient. I would like the ability to in theory authenticate once and then whenever I open up powershell be able to use my already saved websession object. At the moment I store this websession object in $MyInvocation.MyCommand.Module.PrivateData.Session Original Question

My Take on Safely Storing objects on a machine with PowerShell

Since I’ve written a number of PowerShell Modules which interact with REST APIs on the web, I’ve had to tackle this problem before. The technique I liked to use involves storing the object within the user’s local credential store, as seen in my PSReddit PowerShell Module.

First, to export your password in an encrypted state. We…

View original post 301 more words

Building Better PowerShell Dashboards

April 11, 2016

First off, YUUGE props to Flynn Bundy for shining lights on the possibility with his post Making DSC Beautiful and @Neeco of for these gorgeous HTML5 and CSS templates.

If you check out, there are a ton of absolutely beautiful templates, for free! (Well, you have to leave a link to the site, unless you pay $20, then you can edit it to your heart’s content).


Some of them REALLY lend themselves well to a dashboard system for consumption of data.

…you know, PowerShell makes an excellent data collection and processing system.

It even has  native HTML capabilities, as we’ve covered previously in our post: Using ConvertTo-HTML and CSS to create useful web reports from PowerShell.  If you’re lost and don’t even know where to start, begin here.  I’ll bet we could make some REALLY cool looking dashboards using PowerShell and Neeco’s templates!

Let’s make a cool…

View original post 1,422 more words

Breaking CIM sessions

April 8, 2016

Richard Siddaway's Blog

A CIM session is analogous to a PowerShell remoting session but for CIM based cmdlets – the CIM cmdlets themselves and any CDXML based cmdlets e.g. the networking cmdlets

By default a CIM session uses WSMAN as its transport protocol – the same as remoting. You do have the choice to create a CIM session using DCOM for transport (same as the WMI cmdlets use)

I’ve always maintained that DCOM based sessions could be broken if the remote machine was re-started. This was based on the testing I did when writing PowerShell and WMI.

Some recent information cast doubt on that assertion though. I’ve digging into CIM sessions recently and have what I think is a definitive statement on DCOM based CIM sessions.

If you create a DCOM based CIM session to a machine running PowerShell 2.0 from a machine running PowerShell 3.0 (or PowerShell 4.0 – I haven’t tested…

View original post 249 more words

PowerShell Summit: CIM Deep Dive

April 8, 2016

Richard Siddaway's Blog

A big thank you to everyone who attended my Summit pre-conference workshop. The interaction was great and I really enjoyed it even though I was feeling the efffects of my flight the previous day.

One thing we discovered was that good old dependable calc has changed. On a Windows 10 (build 14295 and last couple of builds) its now calculator.exe.

PS> Get-CimInstance -ClassName Win32_Process -Filter “Name LIKE ‘calc%'”

ProcessId Name HandleCount WorkingSetSize VirtualSize
——— —- ———– ————– ———–
1400 Calculator.exe 373 56770560 336953344

On Windows 2012 r2 its still calc.exe which caused a bit of confusion until we realised what was happening

View original post

Creating a Robust Services Function

March 24, 2016

Fantastic script as usual…

Learn Powershell | Achieve More

I had a time when I needed to know whether or not a service had triggers, which would mean that the StartMode could be Auto (Triggered Start) so that the service might just stop for its own reason and if I happened to have a script that looked for non-running services set to Automatic, then it would be flagged in a report. After some research, I found that I could hop into the registry and look at for the TriggerInfo folder to determine if the service actually had any triggers. If the folder exists, then it has triggers and if not…well you get the idea! SmileSNAGHTML3d8704b

If you work in PowerShell, you know that this is a simple query either through the registry provider or using some .Net types to make the remote registry connection and see if the folder exists.

But that’s not where this ends for me. While searching…

View original post 1,165 more words

SQL Code for SCCM Status Message Viewer

December 15, 2015

I found myself juggling many different Status Message views in SCCM to try to keep on top of various messages that would arise in one environment.  So I did what anyone would do, and through liberal code-reuse and copy pasting, I reinvented the wheel.

What I’ve created here is based off of two built-in SCCM reports.  The first, Component Messages for the Last 12 Hours, and Count Errors for the last 12 hours (should be reports 80 and 89).

The output is a three-drill down view as seen here.

1 The first page is a collection of a count of messages separates by Warnings and Errors, and then a listing of each grouped by Component ID.

2 Clicking the link icon takes you to a listing of the warnings and errors for that site. I tried to transpose the actual message into the fields, but ran into a number of road blocks…

View original post 39 more words


Get every new post delivered to your Inbox.

Join 652 other followers