programming:powershell
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| programming:powershell [2023/11/01 07:31] – removed - external edit (Unknown date) 127.0.0.1 | programming:powershell [2023/11/01 07:31] (current) – ↷ Page moved from camunda:programming:powershell to programming:powershell skipidar | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ===== Powershell ===== | ||
| + | ==== Execution of Powershell Scripts ==== | ||
| + | Execution of *.ps1 files by doubleclicking is forbidden on default. \\ | ||
| + | There are sevaral ways to still execute Scripts, e.g. by starting a **powerShell** with the script as command parameter | ||
| + | |||
| + | There is a detailed describtion of that https:// | ||
| + | |||
| + | |||
| + | ==== Execution scope in powershell ==== | ||
| + | The scope in which powershell variables are visible: http:// | ||
| + | ==== Policy ==== | ||
| + | |||
| + | < | ||
| + | |||
| + | The execution policies you can use are: | ||
| + | |||
| + | * Restricted - Scripts won’t run. | ||
| + | * **RemoteSigned** - Scripts created locally will run, but those downloaded from the Internet will not (unless they are digitally signed by a trusted publisher). | ||
| + | * AllSigned - Scripts will run only if they have been signed by a trusted publisher. | ||
| + | * Unrestricted - Scripts will run regardless of where they have come from and whether they are signed. | ||
| + | * You can set PowerShell’s execution policy by using the following cmdlet: | ||
| + | |||
| + | < | ||
| + | |||
| + | |||
| + | ==== Execution of commands on remote PCs ==== | ||
| + | |||
| + | Remote execution of Scripts via powershell is described here: https:// | ||
| + | |||
| + | - < | ||
| + | < | ||
| + | PS C: | ||
| + | </ | ||
| + | </ | ||
| + | - < | ||
| + | < | ||
| + | C: | ||
| + | </ | ||
| + | </ | ||
| + | - < | ||
| + | < | ||
| + | PS C: | ||
| + | </ | ||
| + | </ | ||
| + | - < | ||
| + | < | ||
| + | PS C: | ||
| + | </ | ||
| + | </ | ||
| + | - < | ||
| + | < | ||
| + | PS C: | ||
| + | </ | ||
| + | </ | ||
| + | |||
| + | |||
| + | Executing with autehntification: | ||
| + | |||
| + | < | ||
| + | $username = ' | ||
| + | $password = ' | ||
| + | |||
| + | $cred = New-Object System.Management.Automation.PSCredential -ArgumentList @($username, | ||
| + | |||
| + | invoke-command -computername ANB13010 -Credential $cred -Authentication CredSSP -scriptblock {powershell -File D: | ||
| + | </ | ||
| + | |||
| + | |||
| + | == ACHTUNG: Powershell is not able to execute interactive processes == | ||
| + | As stated here: http:// | ||
| + | |||
| + | You cannot start interactive processes using WMI or PowerSHell remoting. This is a security limitation/ | ||
| + | |||
| + | You can use PSExec tool for that, available here http:// | ||
| + | < | ||
| + | # WORKS! | ||
| + | |||
| + | $remoteMachine = ' | ||
| + | $username = ' | ||
| + | $password = ' | ||
| + | |||
| + | D: | ||
| + | |||
| + | </ | ||
| + | |||
| + | ==== Executing Executables ==== | ||
| + | |||
| + | Just write the .exe down with the parameters or use the call operator **&** | ||
| + | |||
| + | Details are here http:// | ||
| + | |||
| + | |||
| + | ==== Second Hop Problem ==== | ||
| + | |||
| + | When executing commands on foreign computer B - B will not be able to access another computer C via Network. \\ | ||
| + | This happens because B can not pass the creadentials further to another PCs on default. | ||
| + | |||
| + | You can bypass this problem by giving B this ability. | ||
| + | |||
| + | == 1) Execute on local PC - the first PC in a row. This PC will call invoke-command. Here its name is a-pc-p31dash01 == | ||
| + | < | ||
| + | #Erlauben die Powershell Skripte auszufuhren | ||
| + | Set-ExecutionPolicy RemoteSigned | ||
| + | |||
| + | #workaround second-hop um auf Netzfreigaben zu zugreifen http:// | ||
| + | Enable-WSManCredSSP –Role client –DelegateComputer * -force | ||
| + | |||
| + | # trust the deployment machine | ||
| + | Set-Item wsman: | ||
| + | Set-Item wsman: | ||
| + | </ | ||
| + | |||
| + | |||
| + | == 2) Execute on remote PC B. On this PC the commands will be executed remotely. Here it's name is ANB13010 == | ||
| + | < | ||
| + | #Erlauben die Powershell Skripte auszufuhren | ||
| + | Set-ExecutionPolicy RemoteSigned | ||
| + | |||
| + | #erlaube den remote Zugriff via Skripte | ||
| + | Enable-PSRemoting -force | ||
| + | |||
| + | #workaround second-hop um auf Netzfreigaben zu zugreifen http:// | ||
| + | Enable-WSManCredSSP –Role server -force | ||
| + | |||
| + | #fuge die BuildSlaves zu TrustedHosts hinzu | ||
| + | Set-Item wsman: | ||
| + | Set-Item wsman: | ||
| + | </ | ||
| + | |||
| + | == 3) Now execute remote commands with request to Network PCs. here it happens on a-pc-p31dash01 == | ||
| + | You can invoke commands on foreign PCs as following. The following command can be called from PC A \\ | ||
| + | to be executed on PC B with name ANB13010 \\ | ||
| + | in order to list files on network share on PC C with ip 192.168.51.116 | ||
| + | < | ||
| + | |||
| + | $username = ' | ||
| + | $password = ' | ||
| + | |||
| + | $cred = New-Object System.Management.Automation.PSCredential -ArgumentList @($username, | ||
| + | |||
| + | invoke-command -computername ANB13010 -Credential $cred -Authentication CredSSP -scriptblock { Get-ChildItem -Path \\192.168.51.116\networkShare | echo} | ||
| + | </ | ||
| + | |||
| + | |||
| + | ==== API ==== | ||
| + | |||
| + | === Replacement in Files using regex=== | ||
| + | < | ||
| + | (Get-Content c: | ||
| + | -replace ' | ||
| + | Out-File c: | ||
| + | </ | ||