IPT1 – FT | MOD5: CREATE AND RUN A POWERSHELL SCRIPT (PART 1)

5.0 | CREATING OUR FIRST SCRIPT

• Create a Script using Notepad

• Create a Script using the Integrated Scripting Environment
• Enable PowerShell Scripts
• Run a PowerShell script

1) Create a Script using Notepad

➢ The following steps are used to create a PowerShell script:
1. Open Start.
2. Search for text editor such as Notepad, and click on the Notepad app.
3. Now, a new window of notepad will open. Type the script on the text file which you want to execute.

Example:

1. Type echo “Hello World”

- The echo command is used to print the variables or strings on the console.
- The echo command has an alias named “Write-Output” in Windows PowerShell Scripting language.
- In PowerShell, you can use “echo” and “Write-Output,” which will provide the same output.
2. Click on the 'File' menu in the menu bar.
3. Select the option 'save as' from the drop-down list.
4. Type the name of a file in the box and click on the 'save' button. For example: HelloWorld.ps1
- A PS1 file is a script, or "cmdlet," used by Windows PowerShell, a Windows shell program built on
Microsoft’s. NET Framework.
- It contains a series of commands written in the PowerShell scripting language.

2) Create a Script using the Integrated Scripting Environment (ISE)

1. Open Start.
2. Search for the Windows PowerShell ISE, right-click on the 'Windows PowerShell ISE' and select the 'Run
as Administrator' option from the drop-down list.
3. Select the 'New' option to create a new empty file.
4. Write a script which you want to execute.
5. Echo "Hello CCS!"
6. Click on the 'File' menu in the menu bar.
7. Select the option 'save as' from the drop-down list.
8. Type the name of a script. And, then click on the Save button.
9.
10.

5.1 | ENABLE POWERSHELL SCRIPTS

There are four different types of execution policy in PowerShell:

1. Restricted
2. RemoteSigned
3. Unrestricted
4. Allsigned
1
1) Restricted
➢ The default execution policy for Windows client computers.
➢ Permits individual commands, but does not allow scripts.
➢ Prevents running of all script files, including formatting and configuration files (.ps1xml), module script files
(.psm1), and PowerShell profiles (.ps1).
Note:

➢ Default on Windows clients (e.g., regular computers).

➢ Only allows running single commands, not full scripts.
➢ Blocks all script files, including configuration and module files.
➢ Good for maximum security if you don’t plan on running scripts

2) RemoteSigned
➢ The default execution policy for Windows server computers.
➢ Scripts can run.
➢ Requires a digital signature from a trusted publisher on scripts and configuration files that are downloaded
from the internet which includes email and instant messaging programs.
➢ Risks running unsigned scripts from sources other than the internet and signed scripts that could be malicious.
➢ Doesn't require digital signatures on scripts that are written on the local computer and not downloaded from
the internet.
➢ Runs scripts that are downloaded from the internet and not signed, if the scripts are unblocked, such as by using
the Unblock-File cmdlet.
Note

➢ Default on Windows servers.

➢ Allows scripts to run, but with one security rule:
➢ If a script is downloaded from the internet, it must have a digital signature from a trusted source. This protects against
running potentially dangerous scripts from emails or downloads.
➢ Scripts created locally (on your own computer) don’t need a signature.
➢ If you want to run an unsigned script from the internet, you can unblock it manually (using Unblock-File).

3) Unrestricted
➢ The default execution policy for non-Windows computers and cannot be changed.
➢ Unsigned scripts can run. There is a risk of running malicious scripts.
➢ Warns the user before running scripts and configuration files that are not from the local intranet zone.
Note:

➢ Default on non-Windows computers, like Linux or macOS, and it can’t be changed there.
➢ Allows all scripts to run, signed or unsigned.
➢ It warns you when running scripts that are not from a trusted network, like your company’s intranet.
➢ This policy is flexible but carries some risk, as malicious scripts could run without any blocks.

4) AllSigned
➢ Scripts can run.
➢ Requires that all scripts and configuration files be signed by a trusted publisher, including scripts that you
write on the local computer.
➢ Prompts you before running scripts from publishers that you haven't yet classified as trusted or untrusted.
➢ Risks running signed, but malicious, scripts.

2
 Note:

➢ Allows scripts to run but with a high-security requirement:

➢ Every script, even ones you write, must be signed by a trusted publisher.
➢ Prompts you to confirm before running scripts from publishers that you haven’t classified as trusted.
➢ While it protects against unsigned scripts, there’s still some risk if a signed script is malicious.

In summary, Restricted is the strictest, RemoteSigned allows more flexibility with security for internet-
downloaded files, Unrestricted is open but risky, and AllSigned is very secure but requires signatures on all scripts.

5.1.1 | ENABLE POWERSHELL SCRIPTS

First, we set the execution policy to Unrestricted to execute the scripts by using the following command.

• Set-ExecutionPolicy Unrestricted

Note:

The command Set-ExecutionPolicy Unrestricted in PowerShell changes the script-running permissions to allow all
scripts to run without restriction. Here's how it works and what it does:

a) What It Does:
1. Setting the execution policy to Unrestricted means PowerShell will allow all scripts to run, whether they are
signed (verified by a trusted publisher) or unsigned.
2. When a script is from a less secure source (like the internet), PowerShell may give you a warning before running
it, but it won’t block the script.
b) How to Use It:
1. Run PowerShell as an Administrator (right-click on PowerShell and select “Run as administrator”).
2. Type the command Set-ExecutionPolicy Unrestricted and press Enter.
3. PowerShell will prompt you to confirm. Type Y (Yes) to apply the policy.
c) Why Use It:
1. This setting is often used temporarily by developers or users who need to test or run scripts without constant
interruptions or restrictions.
2. After testing, it’s a good idea to set the execution policy back to something more secure, like Restricted or
RemoteSigned.
d) Security Note:
1. Allowing all scripts to run, especially unsigned ones, comes with a security risk, as potentially harmful scripts
could be executed without restrictions.

5.3 | RUN POWERSHELL SCRIPTS

1. Type the Windows PowerShell in the start menu and then open it by clicking on a result.
2. Now, execute the script by typing the full path to the script such as:
3. (C:/desktop/TSU/Scripts/HelloWorld.ps1).

3
 IPT1 – FT | MOD5: VARIABLES (PART 2)

5.4 | POWERSHELL VARIABLES

• Variables
➢ are the fundamental part of the Windows PowerShell.
➢ We can store all the types of values in the PowerShell variables. For example, we can store the result of
commands, and the elements which are used in expressions and commands, such as paths, names, settings, and
values.
➢ A variable is a unit of memory in which the data is stored.
➢ In Windows PowerShell, the name of a variable starts with the dollar ($) sign, such as $process, $a.
➢ The name of the variables are not case sensitive, and they include spaces and special characters.
➢ By default, the value of all the variables in a PowerShell is $null.

Examples:

a. $myVariable d. $123
b. $myVariable_1 e. ${help}
c. $name
Note:

➢ A PowerShell variable is a storage unit within your script or command line that holds data you can use and
manipulate. Think of it like a container where you put things so you can easily access them later. Variables in
PowerShell are indicated by a $ sign, followed by the variable name.

5.5 | CREATE A VARIABLE

• We use an assignment operator (=) to assign a specified value to the variable. We can create a variable by assigning
it a value.
• Example 1: 1. $vrb = 201 {The command in this example assigns the integer value 201 to the variable called $vrb.)
• Example 2: 1. $mySubject = "PowerShell" (The command in this example creates a variable named $mySubject
and assign it a string value. In this example, $mySubject is a string object.)

Note:

• Using a Variable: Once created, you can use the variable by calling its name.
• Types of Data: Variables can hold different types of data, including strings, numbers, arrays, and objects.
• Scope: Variables have different scopes: local, script, and global, which determine where they can be accessed.

5.6 | PRINT THE VALUE OF A VARIABLE

• Print the value of a variable To display the value of a variable, type the name of a variable, followed by a dollar
sign '$’.
• Following example is used to print the value of a variable:

4
5.7 | CHANGE THE VALUE OF A VARIABLE

• If you want to change the value of a variable, assign a new value to that variable.

5.8 | DELETE A VARIABLE

• If you want to delete the value of the variable, use the clear-variable cmdlet, or change the value of it to $null.

5.9 | GET-PROCESS

• Get-Process
➢ If you want to get a process like for
example the date today, you can set a
variable;
➢ $Today = (Get-Date).DateTime

5.10 | ASSIGNING MULTIPLE VALUES

• Aside on assigning single values, we can assign multiple values

5.11 | VARIABLE CONVERSION

• You can use a type attribute and cast notation to ensure that a
variable can contain only specific object types or objects that can be
converted to that type.
• If you try to assign a value of another type, PowerShell tries to
convert the value to its type. If the type can't be converted, the
assignment statement fails.

5
5.12 | CONVERT STRING TO INT

• In this case we convert the string variable to an integer. We use the

concatenate += operator to join two strings together

5.13 | CONVERT STRING TO DATETIME OBJECT

• In this case we convert the string into date and time.

• Upon using this command, we have this output

5.14 | VARIABLE NAMES THAT INCLUDE SPECIAL CHARACTERS

• Variable names begin with a dollar ($) sign and can include alphanumeric characters and special characters.
• The variable name length is limited only by available memory.
• The best practice is that variable names include only alphanumeric characters and the underscore (_) character.
• Variable names that include spaces and other special characters, are difficult to use and should be avoided.

5.15 | CODE OF ACTIVITY 2