Using PowerGUI® to manage security

One part of my job that I find particularly enjoyable is working closely with other members of the PowerShell Community.  It doesn’t take any time at all when working with these people to feel the passion and excitement that they have for Windows PowerShell and PowerGUI.  One such person I have been working with a fair amount recently is Vadims Podans.  Vadims is a PowerShell MVP from Latvia and you may have seen some of his work in the past on his blog or in the Enterprise PKI Management PowerPack that he entered in our PowerPack Challenge contest last year.  From my experience working with him I’ve come to learn that he knows a heck of a lot about PKI and security in general, not to mention PowerShell.  Vadims’ expertise in these areas has resulted in quite a few new security-related releases in the past several weeks, as follows:

AD-PKI Cmdlets Tech Brief

Quest Software recently published an AD-PKI Cmdlets tech brief that was written by Vadims.  This tech brief reviews the security concepts surrounding digital certificate management and provides details and many examples showing how the AD-PKI cmdlets can be used with Active Directory to simplify PKI management.

Download the AD-PKI Cmdlet Tech Brief here.

Enterprise PKI Management PowerPack

Vadims recently released version 1.5 of his Enterprise PKI Management PowerPack.  This update includes support for the AD-PKI cmdlets that were introduced as part of the 1.4 release of the Quest AD cmdlets.  Notable features listed on the PowerPack page include:

  • A lot of code now uses native Quest AD Cmdlets (version 1.4.2) so the PowerPack demonstrates new PKI cmdlets in action!
  • Added additional error handling.
  • In Certification Authorities node added properties that contains helpful information about CA CRL status. In addition there was revisited View CRL action and renamed to View CRL Info
  • Added Active Directory PKI node that contains the most common AD PKI-related containers. You will be able to review container contents and publish/unpublish certificates/CRLs by using new actions.
  • Changed Enterprise OCSP location behavior. Now the PowerPack realizes the same behavior as it is implemented in pkiview.msc MMC snap-in. Now the PowerPack correctly retrieves all available Enterprise OCSP Responders even if they are not running CA service
  • For Certificates node added two subcontainers (subnodes, as shown in the last screenshot) — Certificates and CRLs. This allows you to browse both — certificates and CRLs in the local certificate store. For CRLs added new basic actions.
  • Revisited certificate export and import actions. In addition to Quest AD cmdlet usage, the interface is provided in GUI form. So now you will be able to use standard dialogs to select a file to save/open.

Learn more and download the Enterprise PKI Management PowerPack here.

Script Signing Add-on

Very shortly after I released the first version of the Script Signing Add-on for the PowerGUI Script Editor, Vadims provided me with some great feedback that I was finally able to incorporate into an update.  Yesterday I released version 1.1 of this Add-on, which includes the following changes:

  • Replaced “Test Certificate” functionality with View Signature, allowing users to view script signing certificates used to sign files in the native Windows Certificate properties dialog.
  • Added View Certificate support to the Script Signing Options dialog.
  • Changed the default signing method to include all certificates in the certificate chain.
  • Optimized the script signing certificate search algorithm so that it only searches for script signing certificates in the My containers.

Learn more and download the latest version of the Script Signing Add-on here.

And if that’s not enough for you, you can also keep your scripts secure by using the integrated source control functionality in the Script Editor in PowerGUI Pro so that you can track any and all changes that are made to your scripts whether they are signed or not!

Please let us know what you think of these and other releases, as well as what you would like to see us add in the future, either here or on the PowerGUI Forums.  The feedback system really works!

Kirk out.

Share this post:

PowerGUI 2.1: The release that keeps on giving

Last Monday while I was down at Tech·Ed we quietly released PowerGUI 2.1 on our website.  I’ve been looking forward to us getting this release out the door for quite a while because there are some really cool features in the release that I wanted to share with you (some of which I’ve been hinting about on my blog recently), so it was very exciting to see this get released.  Since it happened at Tech·Ed though, my schedule was completely booked and I just couldn’t find a minute to start blogging about the release.  Now that I’m back home and fully recovered from a week packed with all sorts of cool technology, I can catch up and share this release with the rest of you.

Aside from the great performance improvements that were made in the Script Editor, not to mention the Charts and custom HTML support in the administrative console, there’s one particular feature that really grabbed my attention in this release: we now have a documented and supported SDK for the PowerGUI Script Editor!  This is great news because up to this point the only extensions that were possible were in the administrative console where you could create PowerPacks.  Now with 2.1 available anyone can create extensions for the Script Editor that add really cool functionality to it as well!

The screenshots I was blogging about a few weeks ago showed some of the Add-ons that I have been working on, and I just started publishing some of those Add-ons in the Script Editor Add-on category on  These Add-ons are just PowerShell modules so you can see exactly how they work by opening the module files in the Script Editor.  With Add-ons, not only do you get the features that were implemented in the core product, you now get to pick and choose additional features that you want as they become available by installing Add-ons.

What sort of things can you do with Add-ons?  Well, for starters you can sign your script files:


publish scripts online:


or change your embedded PowerShell Console to blue:


If that inspires you, you can also try creating your own Add-on:


And if you want to learn more about how you can create an Add-on, there’s even a tutorial available to help get you started.

There are some other useful Add-ons available right now, and more are in development so check the Script Editor Add-on category often to see what has been recently published.

If there are Add-ons you would like to see developed but you aren’t comfortable creating them yourself, share the ideas on our forums so that others can step up and help you out (or maybe even create the Add-on for you).

The Script Editor SDK that was added to this release is brand new to the PowerGUI product and we would love to hear your feedback on it.  Please speak up and let us know what you think about the SDK, the Add-ons we have made available so far, or anything else related to PowerGUI.  We’re always listening.

Thanks and happy scripting!

Kirk out.

Share this post: