Intro I’ve been asked the question on “How can I turn my script to an exe-file” more times than I can remember. My answer has always been:
-“Just host Windows PowerShell in an executable and run what ever code you like.”
Scared of using C# most people has ignored my advice and used some kind of tool to do this, and there is no fault in that (as long as you choose a tool from a provider you trust, not a random tool from a shade site on the Internet).
Intro Even though we have group managed service account, regular user accounts are still used by various services and applications. The passwords for these accounts are (hopefully) hard to remember and might be shared by a group of people. This means that when it’s time to modify that service , scheduled task or application we haven’t touched in years I really want to make sure I have the right username and password before I start.
Intro Sometimes you need to store secrets and PowerShell has a great way of encrypting text for you with the *-CMSMessage cmdlets! Now what if I want other people to be able to encrypt information without being able to decryot it again or if I want to encrypt something myself and only be able to decrypt it by going through a certain procedure like checking out the decryption-key from a secure storage?
Intro Are you keeping your PowerShell code version controlled using git? Or any code for that matter. That’s great! Are you having problems accessing private repositories on GitHub or VSTS? Then this post if for you!
Git for Windows comes with this awesome component called Git Credential Manager for Windows. It keeps track of all your credentials by storing them in the Windows Credential Store AND it gives us support for multi-factor authentication for Visual Studio Team Services, GitHub and Bitbucket!
Intro I have a public codesigning certificate issued by DigiCert. I want to be able to sign my PowerShell scripts anywhere, for example when I’m at a customer, but it’s a hassle having to move the code to where I have my code signing certificate just to sign it. I’ve been experimenting with build jobs in VSTS so if I check in a script a build job will automatically sign it for me, but that requires access to internet and VSTS.