Category: Uncategorized

On the fly GUI Generating Class in PowerShell?

Classes have arrived and the gloves are off!  One thing lacking in PowerShell is re-usability of code. At the root of this problem was the structures and object variability.  With the addition of classes code will be much easier to build in a reusable way.  For example… user interfaces are cumbersome and tedious.  Why not use my GUI class?  It accepts an object.  Creates fields for each property and lets the end user modify the text.  Once they click save it returns and object with the same properties but the updated fields.

gui class

You can call it with this:

gui class dec

Result:

gui window

This class is very powerful.  What if you sent/gave it an AD object?

PowerShell: break, continue, return and exit

example

Scope is what the lexicon is looking at, aka what is being looked at.  How are we to communicate the correct stop in your branching (example if else)?

  • break #complete stop of the loop
  • continue #skip this time but keep going through the loop
  • return #break and return to calling scope
  • exit #break EVERYthing including calling scope

note: A PowerShell best practice is to output values as you process through the loop.  As opposed to saving the values in a property and then outputting at the end.  This will help you when you want to pipe the data.  Happy PowerShelling!

PowerShell Parameter Validation

It’s possible to validate input in PowerShell!

fun

out

There are eight built in functions:

  1. ValidateNotNull
  2. ValidateNotNullOrEmpty
  3. ValidateLength
  4. ValidateCount
  5. ValidateRange
  6. ValidateSet
  7. ValidatePattern
  8. ValidateScript

With dynamic typing,  I don’t see the importance of one through seven, but eight!  Is amazing.  Let’s say you need to have the function only fun as administrator.  You  can throw in a short script block that returns $true when run as admin.

admin

Happy PowerShell!

Powershell lastlogon vs lastlogontimestamp

lastlogon

Last logon is an attribute that can be configured in your active directory (AD) Schema, with that said, by default it isn’t accurate.  By default it is only accurate within 15 days. It isn’t predictable; it depends on the way the user accesses the network.  It also isn’t replicated.

lastlogontimestamp

The lastlogontimestamp is accurate and it is replicated. As a good standard practice to always ensure you are connecting to a root Domain Controller (DC) when checking this attribute as the replication for this is one way. Effectively meaning you can check each DC and see when the user connected to each while checking the root to see the newest time.

PowerShell in Server 2012

I’ve seen some people struggling with PowerShell scheduled tasks in Server 2012 so I thought I’d take a minute to talk about security in the post 7 operating systems.   The shell is always going to run with the least possible security, for example, if you have to specify that you want it to run as an admin even if you are an admin.  To run script as admin you will need to add the verb runAS.   If you’re using excel don’t forget to get your system account a desktop folder…  otherwise it will fail there too!

Automating security tasks is the only way you can manage security effectively.

encryption or restriction of access

It’s been said that, if you defend everything you are in fact defending nothing. In a world where computer networks are routinely bent and broken it rings true. So it comes down to what are you going to protect and once you’ve chosen to protect something are you going to do it through encryption or restriction of access?

Well, the answer is pretty straight forward: encryption. You can store invaluable information in the most open setting if it is encrypted properly. In the spirit of limiting overhead of encryption/decryption only encrypt while it is in storage and allow only the accessing clients to decrypt and encrypt. The implementation of encryption in your software can be somewhat complicated but, this complication is what makes it the perfect solution! If you buy an off the shelf product, for example THE currently most popular encryption software what are you getting? The biggest target. Implement unique encryption. Even simple encryption if uniquely applied is going to put a larger hurdle up than the most common solution placed in the most routine way. Not only is your data hidden but the simple fact that your info is multiplexed adds an incredibly amount of complexity.  Complexity that can not be computationally broken but rather requiring the ‘by hand work’ that so few are capable of doing.