PowerShell Re-Introduction Part Three: Spript Prerequisites
Part One: More PowerShell: A Re-Introduction If You’re Starting from Scratch
Part Two: PowerShell Re-Introduction: Part Two
So in our last two efforts, we tried to cover the PowerShell Command Line Interface (CLI) and the way it runs programs and cmdlets. Remember, we covered the way to get help regarding a cmdlet and the way to list all the available cmdlets.
This time, let’s explore that a little more and then see if we can begin to chain cmdlets together to form PowerShell scripts and manage those scripts in PowerShell’s native Integrated Script Editor (ISE.)
First, let’s look at what we already know and what the robot inside PowerShell might be trying to tell us.
We can run Get-Help. Part of what we get back is the Get-Help cmdlet’s syntax, including some examples:
Get-Help Syntax
So as we see, we can run Get-Help for any of our cmdlets. But we can also just run plain old Help.
We can also just drop a -? after a cmdlet and get it’s help file. Let’s try the first example:
Get-Help Get-Process and Get-Process -? return the same page:
Get-Process -?
If you read the synopsis, you get an idea of where we’re headed; with get-process, you can actually get a running process in Windows and make it do stuff, even from a remote computer.
But first things first. Let’s look at one we already know, get-command and see what we get with Get-Help Get-Command -full and look at the syntax and description:
Syntax and Desription for Get-Command
First, the syntax tells us we can select a single command, like get-process:
Get-Command Get-Process
But we can also filter for cmdlets or functions, etc. Try these:
-
Get-Command -CommantType cmdlet
-
Get-Command -CommantType Function
-
Get-Command -CommantType Alias
The first just lists all our cmdlets.
The second lists all our functions. If you look at these:
Get-Command -CommandType Function
You’ll see some functions that are intended to make PowerShell act like DOS. For example, you can log on to your D drive simply by typing D: and you can create a new directory using the mkdir function. But look at the far right column, Definition. Here we see some of how PowerShell works. Those functions are just a cmdlet with some added text. For example, D: is defined as Set-Location D: and mkdir is defined as …
Okay, we get it. We’re not really sure what … means but we understand that we can run functions that act like cmdlets.
But we can run a Help mkdir and we see we get the help for New-Item and mkdir is just a method of invoking New-Item to create a new folder. So let’s navigate down our root folder on C: using CDs.. and then create a PSTest folder using this New-Item cmdlet.
New-Item
Here, we’ve lapsed into some kind of immeidate response mode and PowerShell is asking us for an item type. If we type Foo here, we’re going to get an error that says only “Directory” or “File” are acceptable values. So you can try that or just enter Directory.
And success; we can see and then log into our new folder:
Creating and Logging into a New Folder
Okay, you say, enough with this trivial mechanics, let’s build something.
Sure, when but the something we’re going to build is a script or function (we’ll start with a script) and in order to do that, you have to work your away around a PowerShell’s built in security called its ExecutionPolicy. Its Execution Policy is PowerShell’s way of determining if it can trust a script. Remember that, in PowerShell, you can do anything a user can do at the Windows GUI so running a script is like letting someone else sit down at your desktop, even if that someone is a monkey, or worse, a sick, evil mastermind monkey like GoGo JoJo from the PowerPuff Girls.
So let’s do this. Let’s run Get-ExecutionPolicy:
Get-ExecutionPolicy
Ah, so, we’re Restricted, whatever that means. Well, to figure this our, let do this: Remember when we ran Get-Command?
One of the syntax options was -Noun. This means that we can get all our commands the involve our ExecutionPolicy with a Get-Command -Noun ExecutionPolicy:
Get-Command -Noun ExecutionPolicy
So we see we can Get or Set our ExecutionPolicy. Well, yes, we run Get-Help Set-ExecutionPolicy -full.
Now there’s lots of gems here and some are more valuable than others:
-
We see that to set the exection policy, we actually have to start PowerShell by right clicking and selecting Run As Adminstrator.
-
We see that the execution policy can be assigned to the user, the machine or a process; the default is LocalMachine.
-
We see it protects configuration files including your PowerShell profile. We’ll need to know more about this, huh?
-
Our default policy is Restricted which means we can’t run scripts or configuration files.
-
We can require scripts to be “Signed” but that sounds like a technical challenge.
-
There’s stuff about Common Parameters we’ll have to cover.
-
There’s group policy restrictions that are override an ExecutionPolicy set in PowerShell.
That’s a lot of stuff. Let’s just restart PowerShell as an administrator and set our execution policy to Unrestricted and see what we can do realizing full well that if GoGo JoJo barges in, we are so screwed.
Let’s review:
-
Get-Help.
-
Get-Command with filters.
-
Native Functions.
-
Mimicing DOS commands.
-
Run As Administrator.
-
Execution Policy.
-robot
Tags: