PowerShell-related code snippets

Enabling Azure Point-to-site-VPN

Using Azure's Point-to-site VPN avoids having to expose SSH or WinRM ports to the internet to get onto the systems.

Before a Point-to-site VPN can be established, a Virtual Network Gateway must be created.  This will be associated with the Virtual Network that will be accessible.

Access to the network will be controlled by certificates.

Create an Azure Application & SPN with Certificate Authentication

This PowerShell code snippet creates an Azure AD application registration with an associated SPN and self-signed certificate for Azure authentication.

I've used this for generating certificates that Virtual Machines can use for authenticating to Azure as an alternative to Managed Identities.

Using Azure Automation to generate a certificate

Some time back I had cause to demonstrate the possibility of using Azure Automation in generating time-limited certificates for use with Azure.  It turned out to be more difficult than I thought as certificate creation on a local server or desktop uses the COM-based CryptoAPI... which isn't available for use with Automation Runbooks.

This example script used the brilliant "Bouncy Castle" library for creating certificates.

SCCM Application Objects - Enhanced Registry Detection

Over the years I've posted a number of articles related to using PowerShell with SCCM.  The most read of these was about creating SCCM Applications with Enhanced Detection methods - specifically for File Based Detection.  A number of people have asked for an example of the same script using Registry-based detection for installed applications.

Not to go over old ground - the earlier blogs that may be of interest are found here:

PowerShell DSC - using an IP address to Configure a Workgroup Machine


PowerShell’s Desired State Configuration is becoming a core component of Windows and is included with the installation of PowerShell 5.

Earlier I wrote about enabling WinRM using a self-signed certificate (http://www.laurierhodes.info/?q=node/115).   Use those instructions to configure WinRM on a newly built machine.

Using Azure Automation with only REST APIs

Azure Automation is the next step in Microsoft’s Orchestration path.  Using predefined workflows / with REST/Odata/WebAPI has been a core component of Orchestrator, Service Management Automation and the Cloud based Azure Automation.

Hardware Reporting with PowerShell

WMI is easy to use and great for querying information about remote machines.  It’s the obvious choice for reporting on hardware usage – especially for scoping EC2 instances.  What is a little more interesting is using the retrieved information to construct a report.

Enabling Windows Remote Management (WinRM) with HTTPS

Windows Remote Management is a core technology for the remote management and configuration of Windows machines.  WinRM is essential for automating complex Azure and AWS tasks.  This guide will outline how to establish WinRM using SSH and a self-signed certificate.  A certificate issued from a Certificate Authority would be preferable but for the purpose of establishing a test environment, the steps below are enough to get the technology working.

This demonstration is in three parts.

Calling PowerShell Modules with the REST / ODATA IIS Server extension (Example 2 - SSH)

To demonstrate how powerful the IIS Odata extension for PowerShell is, I’ve tweaked the SSH PowerShell module that I published previously for use with Azure Pack.  By doing so, as long as I can connect to my Windows IIS web server, I can relay SSH commands from any other physical environment.

You will need to have set up the OData IIS server extension as described in http://www.laurierhodes.info/?q=node/111

Calling PowerShell Modules with REST / ODATA API

For a long time now, Windows Server has come with a feature called the “Management OData IIS Server Extension”.  As technology increasingly moves toward cloud computing and Microsoft technology is congealing around PowerShell, the power of this little-known feature could hardly be overstated.  Built into Windows is the ability to run any PowerShell module remotely via a REST / ODATA API call.

