Category Archives: Powershell Scripting

Powershell Scripting

[Cmdlet] AES256 : File Encrypt & File decrypt

Hi all,

Here are two Cmdlet that you can use to encrypt and decrypt file with AES256.

The encrypt function will first HASH the password with SHA256 to ensure that the password as de correct length (32 bytes)
Then it will generate the IV and open 3 stream (file in, file out & crypto). The 16 bytes of the IV will be written at the beginning of the output file and write the encrypted content starting at the 16th byte.

Here is the Cmdlet with an usage example :

The decrypt function will first HASH the password with SHA256 to ensure that the password has de correct length (32 bytes).
Then it will retreive the IV by reading the 16 first bytes of the input file and open 3 stream (file in, file out & crypto) after that it will read the encrypted content starting at the 16th byte.

Here is the Cmdlet with an usage example :

[Cmdlet] Get-PrinterQueuesMacAddress

Hi all,

This time I’ll share a little script I’ve made to retrieve the MAC addresses of your Printers Queues even if the devices are not in the same subnet. Of course there are some limitations. First of all the printers should support the SNMP protocol. If it is not the case it won’t work obviously ^^

Also you will need a special tool for this to function : NMAP
NMAP is (I think) the most powerfull network discovery and security auditing tool ever made, possibilities are infinite and he is damn fast at doing his job 😉

So first of all, download and install NMAP.

Now that NMAP is installed you will be able to use the Cmdlet !

Here is the code :

And here is an usage example :

You just have to provide a server list and the path where nmap.exe is located !

Enjoy !

Writing PowerShell Scripts : Tips

Hi all,

Here is a list of things that I think are good practices when writing PowerShell Scripts.
This list is not complete and should be extended with more principles.

  • Indent your code
  • Camelcase your variable name (With of without first letter capitalized)
  • Strong type your variable whenever possible
  • Use the “try catch finally” structure combined with $ErrorActionPreference = ‘Stop’
  • Comment your code !!!!
  • Use the correct “comment” template as advised by Microsoft
  • Split long Cmdlet and complex expression into multiple lines
  • Avoid short coding form if your not “live” scripting -> Think to who will come after you !!!
  • Correctly scope your variable
  • Split your code in “functions” When you have all your functions start with the script logic
  • Write Logs and never forget about the PS Transcript functionality !!!!!!
  • Generalize as much as possible your functions, a function must be generic and anything specific must be passed as parameter so you can reuse your function later for something else
  • A function do only one thing
  • Respect the correct Verb – Noun patern for any of your function
  • Do not forget that even if powershell is “powerfull” it is based on .NET so do not fear using .NET… .NET native functions are sometimes faster
  • Do with .NET what can’t be achieved natively with the Powershell Cmdlets
  • Use “Job” whenever possible
  • Use Multithreading capabilities of Powershell & .Net
  • … To be Continued…

    [Cmdlet] Export-CMSoftwareUpdateGroups

    In System Center Configuration Manager 2012 R2 it is not possible to export update groups and even if it is not an everyday task in some circumstance this can be useful… In my case I had to copy all my production updates groups to our acceptance environnement and doing this by hand was not an option at all so I wrote this little Cmdlet :

    The next post will be about importing the data in another Configuration Manager environnement !


    Here is a very simple function to split all Unicode character to their two component format : base character and accent/special attribute to only return the first component.

    Usage example :

    This will return : uaeeuueieL

    Enjoy !

    [Cmdlet] Add-ConfigMgr10RegistryEntriesForLocalSystem

    A few days ago I was trying to run a script with Cmdlet comming from the Config Manager 2012 R2 Powershell module as “Local System” and I noticed that the module could not load correctly under “Local System”. I’ve searched the internet and I found my way to the solution with the help of this Blog post. Here is a small Cmdlet that will add all the required registry entries for the “Local System” account so you can run Configuration Manager Cmdlet under a “Local System” context !

    Enjoy !

    [Cmdlet] Update OVH DynHOST

    Hi all,

    As a gamer, I like to run private servers to play with my friends. Some times ago, there were plenty of free Dynamic DNS services but this is no more the case. Fortunatelly my DNS is registred at OVH and they offer the DynHOST service which is a free Dynamic DNS Service.

    To correctly use this service you have to contact their servers from time to time so they can update the DNS record, therefore, I wrote this little Powershell Cmdlet. I wont explain how to configure and use the OVH DynHost service because it’s already explained here

    And here is an example of how to use it :

    Now just create a Scheduled task that will run this script 😉

    Enjoy !

    [Cmdlet] Remotely enable WinRM


    Here is a little Cmdlet that will remotely enable and start WinRM so you can PSRemote a specific computer.
    The Cmdlet will check the connection to the target computer, then it will start the “Remote Registry” service, modify the registry, Start the WinRM service and try to restore the “Remote Registry” service to its previous configuration.

    [Cmdlet] Get-GroupMemberNames


    Here is a small variation of another Cmdlet I published earlier to retrieve all the security group names for a give user recursively.
    This new Cmdlet will retrieve all user member names for a given group recursively.

    Enjoy !

    [Cmdlet] to generate Log file in the SCCM style


    Just a quick post to share the log function I’m using in all my Powershell scripts. This Cmdlet will generate log file written in the SCCM style so they can be easily exploited with CMTrace.


    Enjoy !