Nope. Not bored. Doing research. My take on it, so far, is that disabling xp_CmdShell to supposedly enhance security is like holding up a bath towel to protect you from a nuclear blast. 😛 If no one can use it other than SAs, then what is "everyone" so bloody afraid of? If someone that isn't supposed to, gets in as SA, it's not gonna matter if it's disabled or not. Some claim that it's an extra "layer" of security than an attacker would have to go through and I say they don't even have to use xp_CmdShell to raise hell at the OS level if they get in with SA privs.

To wit, if they think that turning off and not using xp_CmdShell is some form of security, I'm really concerned about what they think security is.

On the PowerShell thing, I use xp_CmdShell to call PowerShell. 😉 Between the two, a DBA can do some awesome stuff in a very secure manner.