SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Powershell in a Month Day 17 – Security Alert

This is part of my Powershell Challenge, to learn more about PowerShell (PoSh) using the Learn Windows Powershell 3 in a Month of Lunches book by Don Jones.

Security. It’s important, and I was thinking this chapter would show us more about changing security. Instead, this chapter is really an outline and discussion of what security method are built into the PoSh shell. The chapter first emphasizes that the PoSh environment doesn’t bestow and special rights or abilities to the executor. The commands just execute, or fail to execute, base do on the rights you have in windows already. I can see that as some of the commands I run at times fail when I haven’t run the shell as an administrator.

From there the chapter talks about the different execution policies, which I haven’t thought much about. I end up typically changing the execution policy on each VM initially so I can run scripts to Unrestricted. I know that isn’t recommended, but I typically need things to just work.
I also hadn’t realized that I could set this in a GUI in Windows. That’s good to know, and I suspect, it’s another example of where Windows is implementing PoSh commands under the hood of the GUI. It would be nice to see a Trace for PoSh to watch commands come through GUI actions.
The chapter finisheds by talking about the digital signing of scripts, how it works, and what you need to do. I haven’t messed with this and it’s not a part of the lab, but it’s something I’d probably do in a large organization, or even any organzation to be sure that hte code that’s being automated and run is actually the code that has been tested.
Overall, a short chapter. Slightly informative, and definitely an easy day.

Filed under: Blog Tagged: career, powershell, syndicated

The Voice of the DBA

Steve Jones is the editor of SQLServerCentral.com and visits a wide variety of data related topics in his daily editorial. Steve has spent years working as a DBA and general purpose Windows administrator, primarily working with SQL Server since it was ported from Sybase in 1990. You can follow Steve on Twitter at twitter.com/way0utwest


Leave a comment on the original post [voiceofthedba.wordpress.com, opens in a new window]

Loading comments...