One part of my job that I find particularly enjoyable is working closely with other members of the PowerShell Community. It doesn’t take any time at all when working with these people to feel the passion and excitement that they have for Windows PowerShell and PowerGUI. One such person I have been working with a fair amount recently is Vadims Podans. Vadims is a PowerShell MVP from Latvia and you may have seen some of his work in the past on his blog or in the Enterprise PKI Management PowerPack that he entered in our PowerPack Challenge contest last year. From my experience working with him I’ve come to learn that he knows a heck of a lot about PKI and security in general, not to mention PowerShell. Vadims’ expertise in these areas has resulted in quite a few new security-related releases in the past several weeks, as follows:
AD-PKI Cmdlets Tech Brief
Quest Software recently published an AD-PKI Cmdlets tech brief that was written by Vadims. This tech brief reviews the security concepts surrounding digital certificate management and provides details and many examples showing how the AD-PKI cmdlets can be used with Active Directory to simplify PKI management.
Enterprise PKI Management PowerPack
Vadims recently released version 1.5 of his Enterprise PKI Management PowerPack. This update includes support for the AD-PKI cmdlets that were introduced as part of the 1.4 release of the Quest AD cmdlets. Notable features listed on the PowerPack page include:
- A lot of code now uses native Quest AD Cmdlets (version 1.4.2) so the PowerPack demonstrates new PKI cmdlets in action!
- Added additional error handling.
- In Certification Authorities node added properties that contains helpful information about CA CRL status. In addition there was revisited View CRL action and renamed to View CRL Info
- Added Active Directory PKI node that contains the most common AD PKI-related containers. You will be able to review container contents and publish/unpublish certificates/CRLs by using new actions.
- Changed Enterprise OCSP location behavior. Now the PowerPack realizes the same behavior as it is implemented in pkiview.msc MMC snap-in. Now the PowerPack correctly retrieves all available Enterprise OCSP Responders even if they are not running CA service
- For Certificates node added two subcontainers (subnodes, as shown in the last screenshot) — Certificates and CRLs. This allows you to browse both — certificates and CRLs in the local certificate store. For CRLs added new basic actions.
- Revisited certificate export and import actions. In addition to Quest AD cmdlet usage, the interface is provided in GUI form. So now you will be able to use standard dialogs to select a file to save/open.
Script Signing Add-on
Very shortly after I released the first version of the Script Signing Add-on for the PowerGUI Script Editor, Vadims provided me with some great feedback that I was finally able to incorporate into an update. Yesterday I released version 1.1 of this Add-on, which includes the following changes:
- Replaced “Test Certificate” functionality with View Signature, allowing users to view script signing certificates used to sign files in the native Windows Certificate properties dialog.
- Added View Certificate support to the Script Signing Options dialog.
- Changed the default signing method to include all certificates in the certificate chain.
- Optimized the script signing certificate search algorithm so that it only searches for script signing certificates in the My containers.
And if that’s not enough for you, you can also keep your scripts secure by using the integrated source control functionality in the Script Editor in PowerGUI Pro so that you can track any and all changes that are made to your scripts whether they are signed or not!
Please let us know what you think of these and other releases, as well as what you would like to see us add in the future, either here or on the PowerGUI Forums. The feedback system really works!
|Share this post:|