| Server IP : www.kowitt.ac.th / Your IP : 216.73.216.118 Web Server : Microsoft-IIS/7.5 System : Windows NT SERVER02 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586 User : IUSR ( 0) PHP Version : 5.6.31 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : C:/Windows/System32/WindowsPowerShell/v1.0/en-US/ |
Upload File : |
<?xml version="1.0" encoding="utf-8" ?>
<helpItems schema="maml">
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
ConvertFrom-SecureString
</command:name>
<maml:description>
<maml:para>Converts a secure string into an encrypted standard string.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>ConvertFrom</command:verb>
<command:noun>SecureString</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The ConvertFrom-SecureString cmdlet converts a secure string (System.Security.SecureString) into an encrypted standard string (System.String). Unlike a secure string, an encrypted standard string can be saved in a file for later use. The encrypted standard string can be converted back to its secure string format by using the ConvertTo-SecureString cmdlet. If an encryption key is specified by using the Key or SecureKey parameters, the Rijndael encryption algorithm is used. The specified key must have a length of 128, 192, or 256 bits because those are the key lengths supported by the Rijndael encryption algorithm. If no key is specified, the Windows Data Protection API (DPAPI) is used to encrypt the standard string representation.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>ConvertFrom-SecureString</maml:name>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Key</maml:name>
<maml:description>
<maml:para>Specifies the encryption key as a byte array.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">Byte[]</command:parameterValue>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>SecureString</maml:name>
<maml:description>
<maml:para>Specifies the secure string to convert to an encrypted standard string.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
</command:parameter>
</command:syntaxItem>
<command:syntaxItem>
<maml:name>ConvertFrom-SecureString</maml:name>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2">
<maml:name>SecureKey</maml:name>
<maml:description>
<maml:para>Specifies the encryption key as a secure string. The secure string value is converted to a byte array before being used as the key.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>SecureString</maml:name>
<maml:description>
<maml:para>Specifies the secure string to convert to an encrypted standard string.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Key</maml:name>
<maml:description>
<maml:para>Specifies the encryption key as a byte array.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">Byte[]</command:parameterValue>
<dev:type>
<maml:name>Byte[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2">
<maml:name>SecureKey</maml:name>
<maml:description>
<maml:para>Specifies the encryption key as a secure string. The secure string value is converted to a byte array before being used as the key.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
<dev:type>
<maml:name>SecureString</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>SecureString</maml:name>
<maml:description>
<maml:para>Specifies the secure string to convert to an encrypted standard string.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
<dev:type>
<maml:name>SecureString</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>System.Security.SecureString</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You can pipe a SecureString object to ConvertFrom-SecureString.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>System.String</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
ConvertFrom-SecureString returns a standard string object.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
To create a secure string from characters that are typed at the command prompt, use the AsSecureString parameter of the Read-Host cmdlet.
When you use the Key or SecureKey parameters to specify a key, the key length must be correct. For example, a key of 128 bits can be specified as a byte array of 16 digits. Similarly, 192-bit and 256-bit keys correspond to byte arrays of 24 and 32 digits, respectively.
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$securestring = read-host -assecurestring </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command creates a secure string from characters that you type at the command prompt. After entering the command, type the string you want to store as a secure string. An asterisk (*) will be displayed to represent each character that you type.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$standardstring = convertfrom-securestring $securestring </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command converts the secure string in the $securestring variable to an encrypted standard string. The resulting encrypted standard string is stored in the $standardstring variable.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$key = (3,4,2,3,56,34,254,222,1,1,2,23,42,54,33,233,1,34,2,7,6,5,35,43)
C:\PS> $standardstring = convertfrom-securestring $securestring -key $key </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>These commands use the Rijndael algorithm to convert the secure string stored in the $securestring variable to an encrypted standard string with a 192-bit key. The resulting encrypted standard string is stored in the $standardstring variable.
The first command stores a key in the $key variable. The key is an array of 24 digits, all of which are less than 256.
Because each digit represents a byte (8 bits), the key has 24 digits for a total of 192 bits (8 x 24). This is a valid key length for the Rijndael algorithm. Each individual value is less than 256, which is the maximum value that can be stored in an unsigned byte.
The second command uses the key in the $key variable to convert the secure string to an encrypted standard string.
</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113287</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>ConvertTo-SecureString</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Read-Host</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
ConvertTo-SecureString
</command:name>
<maml:description>
<maml:para>Converts encrypted standard strings to secure strings. It can also convert plain text to secure strings. It is used with ConvertFrom-SecureString and Read-Host.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>ConvertTo</command:verb>
<command:noun>SecureString</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The ConvertTo-SecureString cmdlet converts encrypted standard strings into secure strings. It can also convert plain text to secure strings. It is used with ConvertFrom-SecureString and Read-Host. The secure string created by the cmdlet can be used with cmdlets or functions that require a parameter of type SecureString. The secure string can be converted back to an encrypted, standard string using the ConvertFrom-SecureString cmdlet. This enables it to be stored in a file for later use.
If the standard string being converted was encrypted with ConvertFrom-SecureString using a specified key, that same key must be provided as the value of the Key or SecureKey parameter of the ConvertTo-SecureString cmdlet.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>ConvertTo-SecureString</maml:name>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Key</maml:name>
<maml:description>
<maml:para>Specifies the encryption key to use when converting a secure string into an encrypted standard string. Valid key lengths are 16, 24, and 32 bytes.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">Byte[]</command:parameterValue>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>String</maml:name>
<maml:description>
<maml:para>Specifies the string to convert to a secure string.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
</command:parameter>
</command:syntaxItem>
<command:syntaxItem>
<maml:name>ConvertTo-SecureString</maml:name>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2">
<maml:name>AsPlainText</maml:name>
<maml:description>
<maml:para>Specifies a plain text string to convert to a secure string. The secure string cmdlets help protect confidential text. The text is encrypted for privacy and is deleted from computer memory after it is used. If you use this parameter to provide plain text as input, the system cannot protect that input in this manner. To use this parameter, you must also specify the Force parameter.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="3">
<maml:name>Force</maml:name>
<maml:description>
<maml:para>Confirms that you understand the implications of using the AsPlainText parameter and still want to use it.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>String</maml:name>
<maml:description>
<maml:para>Specifies the string to convert to a secure string.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
</command:parameter>
</command:syntaxItem>
<command:syntaxItem>
<maml:name>ConvertTo-SecureString</maml:name>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2">
<maml:name>SecureKey</maml:name>
<maml:description>
<maml:para>Specifies the encryption key to use when converting a secure string into an encrypted standard string. The key must be provided in the format of a secure string. The secure string is converted to a byte array before being used as the key. Valid key lengths are 16, 24, and 32 bytes.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>String</maml:name>
<maml:description>
<maml:para>Specifies the string to convert to a secure string.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2">
<maml:name>AsPlainText</maml:name>
<maml:description>
<maml:para>Specifies a plain text string to convert to a secure string. The secure string cmdlets help protect confidential text. The text is encrypted for privacy and is deleted from computer memory after it is used. If you use this parameter to provide plain text as input, the system cannot protect that input in this manner. To use this parameter, you must also specify the Force parameter.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="3">
<maml:name>Force</maml:name>
<maml:description>
<maml:para>Confirms that you understand the implications of using the AsPlainText parameter and still want to use it.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Key</maml:name>
<maml:description>
<maml:para>Specifies the encryption key to use when converting a secure string into an encrypted standard string. Valid key lengths are 16, 24, and 32 bytes.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">Byte[]</command:parameterValue>
<dev:type>
<maml:name>Byte[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2">
<maml:name>SecureKey</maml:name>
<maml:description>
<maml:para>Specifies the encryption key to use when converting a secure string into an encrypted standard string. The key must be provided in the format of a secure string. The secure string is converted to a byte array before being used as the key. Valid key lengths are 16, 24, and 32 bytes.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">SecureString</command:parameterValue>
<dev:type>
<maml:name>SecureString</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>String</maml:name>
<maml:description>
<maml:para>Specifies the string to convert to a secure string.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
<dev:type>
<maml:name>string</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>System.String</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You can pipe a standard encrypted string to ConvertTo-SecureString.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>System.Security.SecureString</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
ConvertTo-SecureString returns a SecureString object.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$secure = read-host -assecurestring
C:\PS> $secure
System.Security.SecureString
C:\PS> $encrypted = convertfrom-securestring -securestring $secure
C:\PS> $encrypted
01000000d08c9ddf0115d1118c7a00c04fc297eb010000001a114d45b8dd3f4aa11ad7c0abdae9800000000002000000000003660000a8000000100000005df63cea84bfb7d70bd6842e7
efa79820000000004800000a000000010000000f10cd0f4a99a8d5814d94e0687d7430b100000008bf11f1960158405b2779613e9352c6d14000000e6b7bf46a9d485ff211b9b2a2df3bd
6eb67aae41
C:\PS> $secure2 = convertto-securestring -string $encrypted
C:\PS> $secure2
System.Security.SecureString </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This example shows how to create a secure string from user input, convert the secure string to an encrypted standard string, and then convert the encrypted standard string back to a secure string.
The first command uses the AsSecureString parameter of the Read-Host cmdlet to create a secure string. After you enter the command, any characters that you type are converted into a secure string and then saved in the $secure variable.
The second command displays the contents of the $secure variable. Because the $secure variable contains a secure string, Windows PowerShell displays only the System.Security.SecureString type.
The third command uses the ConvertFrom-SecureString cmdlet to convert the secure string in the $secure variable into an encrypted standard string. It saves the result in the $encrypted variable. The fourth command displays the encrypted string in the value of the $encrypted variable.
The fifth command uses the ConvertTo-SecureString cmdlet to convert the encrypted standard string in the $encrypted variable back into a secure string. It saves the result in the $secure2 variable. The sixth command displays the value of the $secure2 variable. The SecureString type indicates that the command was successful.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$secure = read-host -assecurestring
C:\PS> $encrypted = convertfrom-securestring -secureString $secure -key (1..16)
C:\PS> $encrypted | set-content encrypted.txt
C:\PS> $secure2 = get-content encrypted.txt | convertto-securestring -key (1..16) </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This example shows how to create a secure string from an encrypted standard string that is saved in a file.
The first command uses the AsSecureString parameter of the Read-Host cmdlet to create a secure string. After you enter the command, any characters that you type are converted into a secure string and then saved in the $secure variable.
The second command uses the ConvertFrom-SecureString cmdlet to convert the secure string in the $secure variable into an encrypted standard string by using the specified key. The contents are saved in the $encrypted variable.
The third command uses a pipeline operator (|) to send the value of the $encrypted variable to the Set-Content cmdlet, which saves the value in the Encrypted.txt file.
The fourth command uses the Get-Content cmdlet to get the encrypted standard string in the Encrypted.txt file. The command uses a pipeline operator to send the encrypted string to the ConvertTo-SecureString cmdlet, which converts it to a secure string by using the specified key. The results are saved in the $secure2 variable.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$secure_string_pwd = convertto-securestring "P@ssW0rD!" -asplaintext -force </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command converts the plain text string "P@ssW0rD!" into a secure string and stores the result in the $secure_string_pwd variable. To use the AsPlainText parameter, the Force parameter must also be included in the command.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113291</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>ConvertFrom-SecureString</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Read-Host</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
Get-Acl
</command:name>
<maml:description>
<maml:para>Gets the security descriptor for a resource, such as a file or registry key.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>Get</command:verb>
<command:noun>Acl</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The Get-Acl cmdlet gets objects that represent the security descriptor of a file or resource. The security descriptor contains the access control lists (ACLs) of the resource. The ACL specifies the permissions that users and user groups have to access the resource.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>Get-Acl</maml:name>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1">
<maml:name>Path</maml:name>
<maml:description>
<maml:para>Specifies the path to a resource. Get-Acl gets the security descriptor of the resource indicated by the path. Wildcards are permitted. If you omit the Path parameter, Get-Acl gets the security descriptor of the current directory.
The parameter name ("Path") is optional.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Audit</maml:name>
<maml:description>
<maml:para>Gets the audit data for the security descriptor from the system access control list (SACL).</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Exclude</maml:name>
<maml:description>
<maml:para>Omits the specified items. The value of this parameter qualifies the Path parameter. Enter a path element or pattern, such as "*.txt". Wildcards are permitted.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Filter</maml:name>
<maml:description>
<maml:para>Specifies a filter in the provider's format or language. The value of this parameter qualifies the Path parameter. The syntax of the filter, including the use of wildcards, depends on the provider. Filters are more efficient than other parameters, because the provider applies them when retrieving the objects, rather than having Windows PowerShell filter the objects after they are retrieved.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Include</maml:name>
<maml:description>
<maml:para>Retrieves only the specified items. The value of this parameter qualifies the Path parameter. Enter a path element or pattern, such as "*.txt". Wildcards are permitted.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>UseTransaction</maml:name>
<maml:description>
<maml:para>Includes the command in the active transaction. This parameter is valid only when a transaction is in progress. For more information, see about_Transactions.</maml:para>
</maml:description>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Audit</maml:name>
<maml:description>
<maml:para>Gets the audit data for the security descriptor from the system access control list (SACL).</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Exclude</maml:name>
<maml:description>
<maml:para>Omits the specified items. The value of this parameter qualifies the Path parameter. Enter a path element or pattern, such as "*.txt". Wildcards are permitted.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Filter</maml:name>
<maml:description>
<maml:para>Specifies a filter in the provider's format or language. The value of this parameter qualifies the Path parameter. The syntax of the filter, including the use of wildcards, depends on the provider. Filters are more efficient than other parameters, because the provider applies them when retrieving the objects, rather than having Windows PowerShell filter the objects after they are retrieved.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
<dev:type>
<maml:name>string</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Include</maml:name>
<maml:description>
<maml:para>Retrieves only the specified items. The value of this parameter qualifies the Path parameter. Enter a path element or pattern, such as "*.txt". Wildcards are permitted.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1">
<maml:name>Path</maml:name>
<maml:description>
<maml:para>Specifies the path to a resource. Get-Acl gets the security descriptor of the resource indicated by the path. Wildcards are permitted. If you omit the Path parameter, Get-Acl gets the security descriptor of the current directory.
The parameter name ("Path") is optional.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>UseTransaction</maml:name>
<maml:description>
<maml:para>Includes the command in the active transaction. This parameter is valid only when a transaction is in progress. For more information, see about_Transactions.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri />
</dev:type>
<dev:defaultValue />
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>System.String</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You can pipe a string that contains a path to Get-Acl.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>System.Security.AccessControl</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
Get-Acl returns an object that represents the ACLs that it gets. The object type depends upon the ACL type.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
By default, Get-Acl displays the Windows PowerShell path to the resource (<provider>::<resource-path>), the owner of the resource, and "Access", a list (array) of the access control entries in the discretionary access control list (DACL) for the resource. The DACL list is controlled by the resource owner.
When you format the result as a list, ("get-acl | format-list"), in addition to the path, owner, and access list, Windows PowerShell displays the following fields:
-- Group: The security group of the owner.
-- Audit: A list (array) of entries in the system access control list (SACL). The SACL specifies the types of access attempts for which Windows generates audit records.
-- Sddl: The security descriptor of the resource displayed in a single text string in Security Descriptor Definition Language format. Windows PowerShell uses the GetSddlForm method of security descriptors to retrieve this data.
Because Get-Acl is supported by the file system and registry providers, you can use Get-Acl to view the ACL of file system objects, such as files and directories, and registry objects, such as registry keys and entries.
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-acl C:\windows </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets the security descriptor of the C:Windows directory.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-acl C:\Windows\k*.log | format-list -property PSPath, Sddl </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets the Windows PowerShell path and SDDL for all of the .log files in the C:\Windows directory whose names begin with "k."
The command uses Get-Acl to get objects representing the security descriptors of each log file. It uses a pipeline operator (|) to send the results to the Format-List cmdlet. The command uses the Property parameter of Format-List to display only the PsPath and SDDL properties of each security descriptor object.
Lists are often used in Windows PowerShell, because long values appear truncated in tables.
The SDDL values are valuable to system administrators, because they are simple text strings that contain all of the information in the security descriptor. As such, they are easy to pass and store, and they can be parsed when needed.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-ACL c:/windows/k*.log -Audit | foreach-object { $_.Audit.Count } </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets the security descriptors of the .log files in the C:\Windows directory whose names begin with "k." It uses the Audit parameter to retrieve the audit records from the SACL in the security descriptor. Then it uses the For-EachObject parameter to count the number of audit records associated with each file. The result is a list of numbers representing the number of audit records for each log file.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 4 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-acl -path hklm:\system\currentcontrolset\control | format-list </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command uses Get-Acl to get the security descriptor of the Control subkey (HKLM\SYSTEM\CurrentControlSet\Control) of the registry.
The Path parameter specifies the Control subkey. The pipeline operator (|) passes the security descriptor that Get-Acl retrieves to the Format-List command, which formats the properties of the security descriptor as a list so that they are easy to read.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113305</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Set-Acl</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
Get-AuthenticodeSignature
</command:name>
<maml:description>
<maml:para>Gets information about the Authenticode signature in a file.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>Get</command:verb>
<command:noun>AuthenticodeSignature</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The Get-AuthenticodeSignature cmdlet gets information about the Authenticode signature in a file. If the file is not signed, the information is retrieved, but the fields are blank.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>Get-AuthenticodeSignature</maml:name>
<command:parameter required="true" variableLength="true" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1">
<maml:name>FilePath</maml:name>
<maml:description>
<maml:para>Specifies the path to the file being examined. Wildcards are permitted, but they must lead to a single file. The parameter name ("FilePath") is optional.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="true" variableLength="true" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1">
<maml:name>FilePath</maml:name>
<maml:description>
<maml:para>Specifies the path to the file being examined. Wildcards are permitted, but they must lead to a single file. The parameter name ("FilePath") is optional.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>System.String</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You can pipe a string that contains a file path to Get-AuthenticodeSignature.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>System.Management.Automation.Signature</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
Get-AuthenticodeSignature returns a signature object for each signature that it gets.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
For information about Authenticode signatures in Windows PowerShell, see about_Signing.
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-AuthenticodeSignature -filepath C:\Test\NewScript.ps1 </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets information about the Authenticode signature in the NewScript.ps1 file. It uses the FilePath parameter to specify the file.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-authenticodesignature test.ps1, test1.ps1, sign-file.ps1, makexml.ps1 </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets information about the Authenticode signature in the four files listed at the command line. In this command, the name of the FilePath parameter, which is optional, is omitted.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-childitem $pshome\*.* | foreach-object {Get-AuthenticodeSignature $_} | where {$_.status -eq "Valid"} </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command lists all of the files in the $pshome directory that have a valid Authenticode signature. The $pshome automatic variable contains the path to the Windows PowerShell installation directory.
The command uses the Get-ChildItem cmdlet to get the files in the $pshome directory. It uses a pattern of *.* to exclude directories (although it also excludes files without a dot in the filename).
The command uses a pipeline operator (|) to send the files in $pshome to the Foreach-Object cmdlet, where Get-AuthenticodeSignature is called for each file.
The results of the Get-AuthenticodeSignature command are sent to a Where-Object command that selects only the signature objects with a status of "Valid".</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113307</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Signing</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Execution_Policies</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Set-AuthenticodeSignature</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-ExecutionPolicy</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Set-ExecutionPolicy</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
Get-Credential
</command:name>
<maml:description>
<maml:para>Gets a credential object based on a user name and password.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>Get</command:verb>
<command:noun>Credential</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The Get-Credential cmdlet creates a credential object for a specified user name and password. You can use the credential object in security operations.
The cmdlet prompts the user for a password or user name and password. Users are prompted through a dialog box or at the command line, depending on the system registry setting.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>Get-Credential</maml:name>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="1">
<maml:name>Credential</maml:name>
<maml:description>
<maml:para>Specifies a user name for the credential, such as "User01" or "Domain01\User01". The parameter name ("Credential") is optional.
When you submit the command, you will be prompted for a password.
If you enter a user name without a domain, Get-Credential inserts a backslash before the name.
If you omit this parameter, you will be prompted for a user name and a password.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="1">
<maml:name>Credential</maml:name>
<maml:description>
<maml:para>Specifies a user name for the credential, such as "User01" or "Domain01\User01". The parameter name ("Credential") is optional.
When you submit the command, you will be prompted for a password.
If you enter a user name without a domain, Get-Credential inserts a backslash before the name.
If you omit this parameter, you will be prompted for a user name and a password.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">PSCredential</command:parameterValue>
<dev:type>
<maml:name>PSCredential</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue>None</dev:defaultValue>
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>None</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You cannot pipe input to this cmdlet.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>System.Management.Automation.PSCredential</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
Get-Credential returns a credential object.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
You can use the PSCredential object that Get-Credential creates in cmdlets that request user authentication, such as those with a Credential parameter.
The Credential parameter is not supported by the providers that are installed with Windows PowerShell. However, you can use the Credential parameter with Get-WmiObject, because it calls the Microsoft .NET Framework directly.
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$c = Get-Credential </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets a credential object and saves it in the $c variable.
When you enter the command, a dialog box appears requesting a user name and password. When you enter the requested information, the cmdlet creates a PSCredential object representing the credentials of the user and saves it in the $c variable.
You can use the object as input to cmdlets that request user authentication, such as those with a Credential parameter. However, the providers that are installed with Windows PowerShell do not support the Credential parameter.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$c = Get-Credential
C:\PS>Get-WmiObject Win32_DiskDrive -ComputerName Server01 -Credential $c </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>These commands use a credential object from Get-Credential to authenticate a user on a remote computer so they can use Windows Management Instrumentation (WMI) to manage the computer.
The first command gets a credential object and saves it in the $c variable. The second command uses the credential object in a Get-WmiObject command. This command gets information about the disk drives on the Server01 computer.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
C:\PS>Get-WmiObject Win32_BIOS -ComputerName Server01 '
-Credential (get-credential Domain01\User01) </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command shows how to include a Get-Credential command in a Get-WmiObject command.
This command uses the Get-WmiObject cmdlet to get information about the BIOS on the Server01 computer. It uses the Credential parameter to authenticate the user, Domain01\User01, and a Get-Credential command as the value of the Credential parameter.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 4 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$c = Get-Credential -credential User01
C:\PS>$c.Username
\User01 </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This example creates a credential that includes a user name without a domain name. It demonstrates that Get-Credential inserts a backslash before the user name.
The first command gets a credential with the user name User01 and stores it in the $c variable.
The second command displays the value of the Username property of the resulting credential object.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 5 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$credential = $host.ui.PromptForCredential("Need credentials", "Please enter your user name and password.", "", "NetBiosUserName") </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command uses the PromptForCredential method to prompt the user for their user name and password. The command saves the resulting credentials in the $credential variable.
PromptForCredential is an alternative to using Get-Credential. When you use PromptForCredential, you can specify the caption, messages, and user name that appear in the message box.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 6 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
Set-ItemProperty 'HKLM:\SOFTWARE\Microsoft\PowerShell\1\ShellIds' ConsolePrompting $true </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>When requiring a user name and password, as a default, a dialog box appears to prompt the user. To be prompted at the command line, modify the registry by running this command in Windows PowerShell Run as administrator.
Use the same command with "ConsolePrompting $false" to be prompted with a dialog box.
</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113311</maml:uri>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
Get-ExecutionPolicy
</command:name>
<maml:description>
<maml:para>Gets the execution policies for the current session.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>Get</command:verb>
<command:noun>ExecutionPolicy</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The Get-ExecutionPolicy cmdlet gets the execution policies for the current session.
The execution policy is determined by execution policies that you set by using Set-ExecutionPolicy and the Group Policy settings for the Windows PowerShell execution policy. The default value is "Restricted."
Without parameters, Get-ExecutionPolicy gets the execution policy that is effective in the session. You can use the List parameter to get all execution policies that affect the session or the Scope parameter to get the execution policy for a particular scope.
For more information, see about_Execution_Policies.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>Get-ExecutionPolicy</maml:name>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1">
<maml:name>Scope</maml:name>
<maml:description>
<maml:para>Gets the execution policy in the specified scope. By default, Get-ExecutionPolicy gets the effective execution policy for the current session.
Valid values are:
-- MachinePolicy: The execution policy set by a Group Policy for all users of the computer.
-- UserPolicy: The execution policy set by a Group Policy for the current user of the computer.
-- Process: The execution policy that is set for the current Windows PowerShell process.
-- CurrentUser: The execution policy that is set for the current user.
-- LocalMachine: The execution policy that is set for all users of the computer.</maml:para>
</maml:description>
<command:parameterValueGroup>
<command:parameterValue required="false" variableLength="false" >Process</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >CurrentUser</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >LocalMachine</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >UserPolicy</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >MachinePolicy</command:parameterValue>
</command:parameterValueGroup>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>List</maml:name>
<maml:description>
<maml:para>Gets all execution policy values for the session listed in precedence order. By default, Get-ExecutionPolicy gets only the effective execution policy.
</maml:para>
</maml:description>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>List</maml:name>
<maml:description>
<maml:para>Gets all execution policy values for the session listed in precedence order. By default, Get-ExecutionPolicy gets only the effective execution policy.
</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue>False</dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="1">
<maml:name>Scope</maml:name>
<maml:description>
<maml:para>Gets the execution policy in the specified scope. By default, Get-ExecutionPolicy gets the effective execution policy for the current session.
Valid values are:
-- MachinePolicy: The execution policy set by a Group Policy for all users of the computer.
-- UserPolicy: The execution policy set by a Group Policy for the current user of the computer.
-- Process: The execution policy that is set for the current Windows PowerShell process.
-- CurrentUser: The execution policy that is set for the current user.
-- LocalMachine: The execution policy that is set for all users of the computer.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">ExecutionPolicyScope</command:parameterValue>
<dev:type>
<maml:name>ExecutionPolicyScope</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue>Effective execution policy</dev:defaultValue>
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>None</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You cannot pipe input to this cmdlet.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>Microsoft.PowerShell.ExecutionPolicy</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
Get-ExecutionPolicy returns an object for each execution policy that it gets.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
You cannot use Get-ExecutionPolicy to get particular execution policies set for a particular scope or to get the execution policy set by a Group Policy. Get-ExecutionPolicy only gets the effective execution policy that results from applying all precedence rules.
The execution policy is part of the security strategy of Windows PowerShell. It determines whether you can load configuration files (including your Windows PowerShell profile) and run scripts, and it determines which scripts, if any, must be digitally signed before they will run.
The effective execution policy is determined by the policies that you set by using Set-ExecutionPolicy and the "Turn on Script Execution" group policies for computers and users. The precedence order is Computer Group Policy > User Group Policy > Process (session) execution policy > User execution policy > Computer execution policy.
For more information about Windows PowerShell execution policy, including definitions of the Windows PowerShell policies, see about_Execution_Policies.
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-executionpolicy
Restricted </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets the current execution policy for the shell.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
set-executionpolicy RemoteSigned; get-executionPolicy
RemoteSigned </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>These commands set a new user preference for the shell execution policy and then display the effective execution policy. The commands are separated by a semicolon (;). In this example, because there is no Group Policy setting, the user preference is the effective policy for the shell.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-executionpolicy -list
Scope ExecutionPolicy
----- ---------------
MachinePolicy Undefined
UserPolicy Undefined
Process Undefined
CurrentUser AllSigned
LocalMachine RemoteSigned
C:\PS> get-executionpolicy
AllSigned </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>These commands get all execution policies in the current session and the effective execution policy.
The first command gets all execution policies that affect the current session. The policies are listed in precedence order.
The second command gets only the effective execution policy, which is the one set in the CurrentUser scope.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113315</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Set-ExecutionPolicy</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-AuthenticodeSignature</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Set-AuthenticodeSignature</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Execution_Policies</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Signing</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
Get-PfxCertificate
</command:name>
<maml:description>
<maml:para>Gets information about .pfx certificate files on the computer.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>Get</command:verb>
<command:noun>PfxCertificate</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The Get-PfxCertificate cmdlet gets an object representing each specified .pfx certificate file. A .pfx file includes both the certificate and a private key.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>Get-PfxCertificate</maml:name>
<command:parameter required="true" variableLength="true" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1">
<maml:name>FilePath</maml:name>
<maml:description>
<maml:para>The full path to the .pfx file of the secured file. The parameter name ("FilePath") is optional.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="true" variableLength="true" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1">
<maml:name>FilePath</maml:name>
<maml:description>
<maml:para>The full path to the .pfx file of the secured file. The parameter name ("FilePath") is optional.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>System.String</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You can pipe a string that contains a file path to Get-PfxCertificate.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>System.Security.Cryptography.X509Certificates</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
Get-PfxCertificate returns an object for each certificate that it gets.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
When using the Invoke-Command cmdlet to run a Get-PfxCertificate command remotely, and the .pfx certificate file is not password protected, the value of the Authentication parameter of Invoke-Command must be "CredSSP".
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-pfxcertificate -filepath C:\windows\system32\Test.pfx
Password: ******
Signer Certificate: Matt Berg (Self Certificate)
Time Certificate:
Time Stamp:
Path: C:\windows\system32\zap.pfx </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets information about the Test.pfx certificate on the system.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
invoke-command -computername Server01 -scriptblock {get-pfxcertificate -filepath C:\Text\TestNoPassword.pfx} -authentication CredSSP </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets a .pfx certificate file from the Server01 remote computer. It uses the Invoke-Command to run a Get-PfxCertificate command remotely.
When the .pfx certificate file is not password-protected, the value of the Authentication parameter of Invoke-Command must be "CredSSP".</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113323</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-AuthenticodeSignature</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Set-AuthenticodeSignature</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Signing</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
Set-Acl
</command:name>
<maml:description>
<maml:para>Changes the security descriptor of a specified resource, such as a file or a registry key.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>Set</command:verb>
<command:noun>Acl</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The Set-Acl cmdlet changes the security descriptor of a specified resource, such as a file or a registry key, to match the values in a security descriptor that you supply.
To use Set-Acl, use the Path parameter to identify the resource whose security descriptor you want to change, and use the AclObject parameter to supply a security descriptor that has the values you want to apply. Set-Acl uses the value of the AclObject parameter as a model and changes the values in the resource's security descriptor to match the values in the AclObject parameter.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>Set-Acl</maml:name>
<command:parameter required="true" variableLength="true" globbing="false" pipelineInput="true (ByPropertyName)" position="1">
<maml:name>Path</maml:name>
<maml:description>
<maml:para>Identifies the resource whose security descriptor you want to change. Enter the path to a resource, such as a path to a file or registry key. Wildcards are permitted.
If you pass a security object to Set-Acl (either by using the AclObject parameter or by passing an object from Get-Acl to Set-Acl), and you omit the Path parameter (name and value), Set-Acl uses the path that is included in the security object.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="2">
<maml:name>AclObject</maml:name>
<maml:description>
<maml:para>Specifies an ACL with the desired property values. Set-Acl changes the ACL of resource specified by the Path parameter to match the values in the specified security object.
You can save the output of a Get-Acl command in a variable and then use the AclObject parameter to pass the variable, or type a Get-Acl command.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">ObjectSecurity</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Exclude</maml:name>
<maml:description>
<maml:para>Omits the specified items. The value of this parameter qualifies the Path parameter. Enter a path element or pattern, such as "*.txt". Wildcards are permitted.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Filter</maml:name>
<maml:description>
<maml:para>Specifies a filter in the provider's format or language. The value of this parameter qualifies the Path parameter. The syntax of the filter, including the use of wildcards, depends on the provider. Filters are more efficient than other parameters, because the provider applies them when retrieving the objects, rather than having Windows PowerShell filter the objects after they are retrieved.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Include</maml:name>
<maml:description>
<maml:para>Changes only the specified items. The value of this parameter qualifies the Path parameter. Enter a path element or pattern, such as "*.txt". Wildcards are permitted.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>PassThru</maml:name>
<maml:description>
<maml:para>Returns an object representing the security descriptor. By default, this cmdlet does not generate any output.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Confirm</maml:name>
<maml:description>
<maml:para>Prompts you for confirmation before executing the command.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>WhatIf</maml:name>
<maml:description>
<maml:para>Describes what would happen if you executed the command without actually executing the command.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>UseTransaction</maml:name>
<maml:description>
<maml:para>Includes the command in the active transaction. This parameter is valid only when a transaction is in progress. For more information, see about_Transactions.</maml:para>
</maml:description>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="2">
<maml:name>AclObject</maml:name>
<maml:description>
<maml:para>Specifies an ACL with the desired property values. Set-Acl changes the ACL of resource specified by the Path parameter to match the values in the specified security object.
You can save the output of a Get-Acl command in a variable and then use the AclObject parameter to pass the variable, or type a Get-Acl command.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">ObjectSecurity</command:parameterValue>
<dev:type>
<maml:name>ObjectSecurity</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Exclude</maml:name>
<maml:description>
<maml:para>Omits the specified items. The value of this parameter qualifies the Path parameter. Enter a path element or pattern, such as "*.txt". Wildcards are permitted.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Filter</maml:name>
<maml:description>
<maml:para>Specifies a filter in the provider's format or language. The value of this parameter qualifies the Path parameter. The syntax of the filter, including the use of wildcards, depends on the provider. Filters are more efficient than other parameters, because the provider applies them when retrieving the objects, rather than having Windows PowerShell filter the objects after they are retrieved.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
<dev:type>
<maml:name>string</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Include</maml:name>
<maml:description>
<maml:para>Changes only the specified items. The value of this parameter qualifies the Path parameter. Enter a path element or pattern, such as "*.txt". Wildcards are permitted.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>PassThru</maml:name>
<maml:description>
<maml:para>Returns an object representing the security descriptor. By default, this cmdlet does not generate any output.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="true" variableLength="true" globbing="false" pipelineInput="true (ByPropertyName)" position="1">
<maml:name>Path</maml:name>
<maml:description>
<maml:para>Identifies the resource whose security descriptor you want to change. Enter the path to a resource, such as a path to a file or registry key. Wildcards are permitted.
If you pass a security object to Set-Acl (either by using the AclObject parameter or by passing an object from Get-Acl to Set-Acl), and you omit the Path parameter (name and value), Set-Acl uses the path that is included in the security object.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Confirm</maml:name>
<maml:description>
<maml:para>Prompts you for confirmation before executing the command.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri />
</dev:type>
<dev:defaultValue />
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>WhatIf</maml:name>
<maml:description>
<maml:para>Describes what would happen if you executed the command without actually executing the command.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri />
</dev:type>
<dev:defaultValue />
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>UseTransaction</maml:name>
<maml:description>
<maml:para>Includes the command in the active transaction. This parameter is valid only when a transaction is in progress. For more information, see about_Transactions.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri />
</dev:type>
<dev:defaultValue />
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>System.Security.AccessControl.ObjectSecurity</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You can pipe a security descriptor to Set-Acl.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>None or security object</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
By default, Set-Acl does not generate any output. However, if you use the -Passthru parameter, it generates a security object. The type of the security object depends on the type of the resource.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
The Set-Acl cmdlet is supported by the Windows PowerShell file system and registry providers. As such, you can use it to change the security descriptors of files, directories, and registry keys.
When specifying multiple values for a parameter, use commas to separate the values. For example, "<parameter-name> <value1>, <value2>".
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$DogACL = get-acl c:\dog.txt
C:\PS>set-acl -path C:\cat.txt -AclObject $DogACL </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>These commands copy the values from the security descriptor of the Dog.txt file to the security descriptor of the Cat.txt file. When the commands complete, the security descriptors of the Dog.txt and Cat.txt files are identical.
The first command uses the Get-Acl cmdlet to get the security descriptor of the Dog.txt file. The assignment operator (=) stores the security descriptor in the value of the $DogACL variable.
The second command uses Set-Acl to change the values in the ACL of Cat.txt to the values in $DogACL.
The value of the Path parameter is the path to the Cat.txt file. The value of the AclObject parameter is the model ACL, in this case, the ACL of Dog.txt as saved in the $DogACL variable.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
get-acl c:\dog.txt | set-acl -path C:\cat.txt </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command is almost the same as the command in the previous example, except that it uses a pipeline operator to send the security descriptor retrieved in a Get-Acl command to a Set-Acl command.
The first command uses the Get-Acl cmdlet to get the security descriptor of the Dog.txt file. The pipeline operator (|) passes an object that represents the Dog.txt security descriptor to the Set-Acl command.
The second command uses Set-Acl to apply the security descriptor of Dog.txt to Cat.txt. When the command completes, the ACLs of the Dog.txt and Cat.txt files are identical.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$newACL = get-acl file0.txt
C:\PS>get-childitem c:\temp -recurse -include *.txt -force | set-acl -aclobject $newacl </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>These commands apply the security descriptors in the File0.txt file to all text files in the C:\Temp directory and all of its subdirectories.
The first command gets the security descriptor of the File0.txt file in the current directory and uses the assignment operator (=) to store it in the $newACL variable.
The first command in the pipeline uses the Get-ChildItem cmdlet to get all of the text files in the C:\Temp directory. The Recurse parameter extends the command to all subdirectories of C:\temp. The Include parameter limits the files retrieved to those with the ".txt" file name extension. The Force parameter gets hidden files, which would otherwise be excluded. (You cannot use "c:\temp\*.txt", because the Recurse parameter works on directories, not on files.)
The pipeline operator (|) sends the objects representing the retrieved files to Set-Acl command, which applies the security descriptor in the AclObject parameter to all of the files in the pipeline.
In practice, it is best to use the Whatif parameter with all Set-Acl commands that can affect more than one resource. In this case, the second command in the pipeline would be "set-acl -aclobject $newacl -whatif". This command lists the files that would be affected by the command. After reviewing the result, you can run the command again without the Whatif parameter.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113389</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-Acl</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
Set-AuthenticodeSignature
</command:name>
<maml:description>
<maml:para>Adds an Authenticode signature to a Windows PowerShell script or other file.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>Set</command:verb>
<command:noun>AuthenticodeSignature</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The Set-AuthenticodeSignature cmdlet adds an Authenticode signature to any file that supports Subject Interface Package (SIP).
In a Windows PowerShell script file, the signature takes the form of a block of text that indicates the end of the instructions that are executed in the script. If there is a signature in the file when this cmdlet runs, that signature is removed.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>Set-AuthenticodeSignature</maml:name>
<command:parameter required="true" variableLength="true" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1">
<maml:name>FilePath</maml:name>
<maml:description>
<maml:para>Specifies the path to a file that is being signed.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
</command:parameter>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="2">
<maml:name>Certificate</maml:name>
<maml:description>
<maml:para>Specifies the certificate that will be used to sign the script or file. Enter a variable that stores an object representing the certificate or an expression that gets the certificate.
To find a certificate, use Get-PfxCertificate or use the Get-ChildItem cmdlet in the Certificate (Cert:) drive. If the certificate is not valid or does not have code-signing authority, the command fails.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Force</maml:name>
<maml:description>
<maml:para>Allows the cmdlet to append a signature to a read-only file. Even using the Force parameter, the cmdlet cannot override security restrictions.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>HashAlgorithm</maml:name>
<maml:description>
<maml:para>Specifies the hashing algorithm that Windows uses to compute the digital signature for the file. The default is SHA1, which is the Windows default hashing algorithm.
Files that are signed with a different hashing algorithm might not be recognized on other systems.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>IncludeChain</maml:name>
<maml:description>
<maml:para>Determines which certificates in the certificate trust chain are included in the digital signature. "NotRoot" is the default.
Valid values are:
-- Signer: Includes only the signer's certificate.
-- NotRoot: Includes all of the certificates in the certificate chain, except for the root authority.
--All: Includes all the certificates in the certificate chain.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>TimestampServer</maml:name>
<maml:description>
<maml:para>Uses the specified time stamp server to add a time stamp to the signature. Type the URL of the time stamp server as a string.
The time stamp represents the exact time that the certificate was added to the file. A time stamp prevents the script from failing if the certificate expires because users and programs can verify that the certificate was valid at the time of signing.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Confirm</maml:name>
<maml:description>
<maml:para>Prompts you for confirmation before executing the command.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>WhatIf</maml:name>
<maml:description>
<maml:para>Describes what would happen if you executed the command without actually executing the command.</maml:para>
</maml:description>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="2">
<maml:name>Certificate</maml:name>
<maml:description>
<maml:para>Specifies the certificate that will be used to sign the script or file. Enter a variable that stores an object representing the certificate or an expression that gets the certificate.
To find a certificate, use Get-PfxCertificate or use the Get-ChildItem cmdlet in the Certificate (Cert:) drive. If the certificate is not valid or does not have code-signing authority, the command fails.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">X509Certificate2</command:parameterValue>
<dev:type>
<maml:name>X509Certificate2</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="true" variableLength="true" globbing="false" pipelineInput="true (ByValue, ByPropertyName)" position="1">
<maml:name>FilePath</maml:name>
<maml:description>
<maml:para>Specifies the path to a file that is being signed.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="true">string[]</command:parameterValue>
<dev:type>
<maml:name>string[]</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Force</maml:name>
<maml:description>
<maml:para>Allows the cmdlet to append a signature to a read-only file. Even using the Force parameter, the cmdlet cannot override security restrictions.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>HashAlgorithm</maml:name>
<maml:description>
<maml:para>Specifies the hashing algorithm that Windows uses to compute the digital signature for the file. The default is SHA1, which is the Windows default hashing algorithm.
Files that are signed with a different hashing algorithm might not be recognized on other systems.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
<dev:type>
<maml:name>string</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue>SHA1</dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>IncludeChain</maml:name>
<maml:description>
<maml:para>Determines which certificates in the certificate trust chain are included in the digital signature. "NotRoot" is the default.
Valid values are:
-- Signer: Includes only the signer's certificate.
-- NotRoot: Includes all of the certificates in the certificate chain, except for the root authority.
--All: Includes all the certificates in the certificate chain.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
<dev:type>
<maml:name>string</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>TimestampServer</maml:name>
<maml:description>
<maml:para>Uses the specified time stamp server to add a time stamp to the signature. Type the URL of the time stamp server as a string.
The time stamp represents the exact time that the certificate was added to the file. A time stamp prevents the script from failing if the certificate expires because users and programs can verify that the certificate was valid at the time of signing.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">string</command:parameterValue>
<dev:type>
<maml:name>string</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Confirm</maml:name>
<maml:description>
<maml:para>Prompts you for confirmation before executing the command.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri />
</dev:type>
<dev:defaultValue />
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>WhatIf</maml:name>
<maml:description>
<maml:para>Describes what would happen if you executed the command without actually executing the command.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri />
</dev:type>
<dev:defaultValue />
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>System.String</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You can pipe a string that contains the file path to Set-AuthenticodeSignature.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>System.Management.Automation.Signature</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$cert=Get-ChildItem -Path cert:\CurrentUser\my -CodeSigningCert
C:\PS>Set-AuthenticodeSignature -FilePath PsTestInternet2.ps1 -certificate $cert </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>These commands retrieve a code-signing certificate from the Windows PowerShell certificate provider and use it to sign a Windows PowerShell script.
The first command uses the Get-ChildItem cmdlet and the Windows PowerShell certificate provider to get the certificates in the Cert:\CurrentUser\My subdirectory of the certificate store. (The Cert: drive is the drive exposed by the certificate provider.) The CodeSigningCert parameter, which is supported only by the certificate provider, limits the certificates retrieved to those with code-signing authority. The command stores the result in the $cert variable.
The second command uses the Set-AuthenticodeSignature cmdlet to sign the PSTestInternet2.ps1 script. It uses the FilePath parameter to specify the name of the script and the Certificate parameter to specify that the certificate is stored in the $cert variable.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
$cert = Get-PfxCertificate C:\Test\Mysign.pfx
C:\PS>Set-AuthenticodeSignature -Filepath ServerProps.ps1 -Cert $cert </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>These commands use the Get-PfxCertificate cmdlet to find a code signing certificate. Then, they use it to sign a Windows PowerShell script.
The first command uses the Get-PfxCertificate cmdlet to find the C:\Test\MySign.pfx certificate and store it in the $cert variable.
The second command uses Set-AuthenticodeSignature to sign the script. The FilePath parameter of Set-AuthenticodeSignature specifies the path to the script file being signed and the Cert parameter passes the $cert variable containing the certificate to Set-AuthenticodeSignature.
If the certificate file is password protected, Windows PowerShell prompts you for the password.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
Set-AuthenticodeSignature -filepath c:\scripts\Remodel.ps1 -certificate $cert -IncludeChain All -TimeStampServer "http://timestamp.fabrikam.com/scripts/timstamper.dll" </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command adds a digital signature that includes the root authority in the trust chain, and it is signed by a third-party timestamp server.
The command uses the FilePath parameter to specify the script being signed and the Certificate parameter to specify the certificate that is saved in the $cert variable. It uses the IncludeChain parameter to include all of the signatures in the trust chain (including the root authority). It also uses the TimeStampServer parameter to add a timestamp to the signature. This prevents the script from failing when the certificate expires.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113391</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Signing</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Execution_Policies</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-AuthenticodeSignature</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-PfxCertificate</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-ExecutionPolicy</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Set-ExecutionPolicy</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10">
<command:details>
<command:name>
Set-ExecutionPolicy
</command:name>
<maml:description>
<maml:para>Changes the user preference for the Windows PowerShell execution policy.</maml:para>
</maml:description>
<maml:copyright>
<maml:para></maml:para>
</maml:copyright>
<command:verb>Set</command:verb>
<command:noun>ExecutionPolicy</command:noun>
<dev:version></dev:version>
</command:details>
<maml:description>
<maml:para>The Set-ExecutionPolicy changes the user preference for the Windows PowerShell execution policy.
To run this command on Windows Vista, Windows Server 2008, and later versions of Windows, you must start Windows PowerShell with the "Run as administrator" option, even if you are a member of the Administrators group on the computer.
The execution policy is part of the security strategy of Windows PowerShell. It determines whether you can load configuration files (including your Windows PowerShell profile) and run scripts, and it determines which scripts, if any, must be digitally signed before they will run.
For more information, see about_Execution_Policies.</maml:para>
</maml:description>
<!-- Cmdlet syntax section-->
<command:syntax>
<command:syntaxItem>
<maml:name>Set-ExecutionPolicy</maml:name>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>ExecutionPolicy</maml:name>
<maml:description>
<maml:para>Specifies a new execution policy for the shell. The parameter name ("Name") is optional.
Valid values are:
-- Restricted: Does not load configuration files or run scripts. "Restricted" is the default.
-- AllSigned: Requires that all scripts and configuration files be signed by a trusted publisher, including scripts that you write on the local computer.
-- RemoteSigned: Requires that all scripts and configuration files downloaded from the Internet be signed by a trusted publisher.
-- Unrestricted: Loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, you are prompted for permission before it runs.
-- Bypass: Nothing is blocked and there are no warnings or prompts.
-- Undefined: Removes the currently assigned execution policy from the current scope. This parameter will not remove an execution policy that is set in a Group Policy scope.
</maml:para>
</maml:description>
<command:parameterValueGroup>
<command:parameterValue required="false" variableLength="false" >Unrestricted</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >RemoteSigned</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >AllSigned</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >Restricted</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >Default</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >Bypass</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >Undefined</command:parameterValue>
</command:parameterValueGroup>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="2">
<maml:name>Scope</maml:name>
<maml:description>
<maml:para>Specifies the scope of the execution policy. The default is LocalMachine.
Valid values are:
-- Process: The execution policy affects only the current Windows PowerShell process.
-- CurrentUser: The execution policy affects only the current user.
-- LocalMachine: The execution policy affects all users of the computer.
To remove an execution policy from a particular scope, set the execution policy for that scope to Undefined.</maml:para>
</maml:description>
<command:parameterValueGroup>
<command:parameterValue required="false" variableLength="false" >Process</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >CurrentUser</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >LocalMachine</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >UserPolicy</command:parameterValue>
<command:parameterValue required="false" variableLength="false" >MachinePolicy</command:parameterValue>
</command:parameterValueGroup>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Force</maml:name>
<maml:description>
<maml:para>Suppresses all prompts. By default, Set-ExecutionPolicy displays a warning whenever you change the execution policy.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Confirm</maml:name>
<maml:description>
<maml:para>Prompts you for confirmation before executing the command.</maml:para>
</maml:description>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>WhatIf</maml:name>
<maml:description>
<maml:para>Describes what would happen if you executed the command without actually executing the command.</maml:para>
</maml:description>
</command:parameter>
</command:syntaxItem>
</command:syntax>
<!-- Cmdlet parameter section -->
<command:parameters>
<command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="1">
<maml:name>ExecutionPolicy</maml:name>
<maml:description>
<maml:para>Specifies a new execution policy for the shell. The parameter name ("Name") is optional.
Valid values are:
-- Restricted: Does not load configuration files or run scripts. "Restricted" is the default.
-- AllSigned: Requires that all scripts and configuration files be signed by a trusted publisher, including scripts that you write on the local computer.
-- RemoteSigned: Requires that all scripts and configuration files downloaded from the Internet be signed by a trusted publisher.
-- Unrestricted: Loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, you are prompted for permission before it runs.
-- Bypass: Nothing is blocked and there are no warnings or prompts.
-- Undefined: Removes the currently assigned execution policy from the current scope. This parameter will not remove an execution policy that is set in a Group Policy scope.
</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">ExecutionPolicy</command:parameterValue>
<dev:type>
<maml:name>ExecutionPolicy</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named">
<maml:name>Force</maml:name>
<maml:description>
<maml:para>Suppresses all prompts. By default, Set-ExecutionPolicy displays a warning whenever you change the execution policy.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue></dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByPropertyName)" position="2">
<maml:name>Scope</maml:name>
<maml:description>
<maml:para>Specifies the scope of the execution policy. The default is LocalMachine.
Valid values are:
-- Process: The execution policy affects only the current Windows PowerShell process.
-- CurrentUser: The execution policy affects only the current user.
-- LocalMachine: The execution policy affects all users of the computer.
To remove an execution policy from a particular scope, set the execution policy for that scope to Undefined.</maml:para>
</maml:description>
<command:parameterValue required="true" variableLength="false">ExecutionPolicyScope</command:parameterValue>
<dev:type>
<maml:name>ExecutionPolicyScope</maml:name>
<maml:uri/>
</dev:type>
<dev:defaultValue>LocalMachine</dev:defaultValue>
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>Confirm</maml:name>
<maml:description>
<maml:para>Prompts you for confirmation before executing the command.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri />
</dev:type>
<dev:defaultValue />
</command:parameter>
<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="false" position="named">
<maml:name>WhatIf</maml:name>
<maml:description>
<maml:para>Describes what would happen if you executed the command without actually executing the command.</maml:para>
</maml:description>
<command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue>
<dev:type>
<maml:name>SwitchParameter</maml:name>
<maml:uri />
</dev:type>
<dev:defaultValue />
</command:parameter>
</command:parameters>
<!-- Input - Output section-->
<command:inputTypes>
<command:inputType>
<dev:type>
<maml:name>Microsoft.PowerShell.ExecutionPolicy, System.String</maml:name>
<maml:uri/>
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
You can pipe an execution policy object or a string that contains the name of an execution policy to Set-ExecutionPolicy.
</maml:para>
</maml:description>
</command:inputType>
</command:inputTypes>
<command:returnValues>
<command:returnValue>
<dev:type>
<maml:name>None</maml:name>
<maml:uri />
<maml:description />
</dev:type>
<maml:description>
<maml:para>
<!-- description -->
This cmdlet does not return any output.
</maml:para>
</maml:description>
</command:returnValue>
</command:returnValues>
<!-- Error section-->
<command:terminatingErrors />
<command:nonTerminatingErrors />
<!-- Notes section -->
<maml:alertSet>
<maml:title></maml:title>
<maml:alert>
<maml:para>
When you use Set-ExecutionPolicy, the new user preference is written to the registry and remains unchanged until you change it.
However, if the "Turn on Script Execution" Group Policy is enabled for the computer or user, the user preference is written to the registry, but it is not effective, and Windows PowerShell displays a message explaining the conflict. You cannot use Set-ExecutionPolicy to override a Group Policy, even if the user preference is more restrictive than the policy.
</maml:para>
</maml:alert>
<maml:alert>
<maml:para></maml:para>
</maml:alert>
</maml:alertSet>
<!-- Example section -->
<command:examples>
<command:example>
<maml:title>
-------------------------- EXAMPLE 1 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
set-executionpolicy remotesigned </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command sets the user preference for the shell execution policy to RemoteSigned.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 2 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
Set-ExecutionPolicy Restricted
Set-ExecutionPolicy : Windows PowerShell updated your local preference successfully, but the setting is overridden by the group policy applied to your system. Due to the override, your shell will retain its current effective execution policy of "AllSigned". Contact your group policy administrator for more information.
At line:1 char:20
+ set-executionpolicy <<<< restricted </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command attempts to set the execution policy for the shell to "Restricted." The "Restricted" setting is written to the registry, but because it conflicts with a Group Policy, it is not effective, even though it is more restrictive than the policy.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 3 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
invoke-command -computername Server01 -scriptblock {get-executionpolicy} | set-executionpolicy -force </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command gets the execution policy from a remote computer and applies that execution policy to the local computer.
The command uses the Invoke-Command cmdlet to send the command to the remote computer. Because you can pipe an ExecutionPolicy (Microsoft.PowerShell.ExecutionPolicy) object to Set-ExecutionPolicy, the Set-ExecutionPolicy command does not need an ExecutionPolicy parameter.
The command does have a Force parameter, which suppresses the user prompt. </maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 4 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
set-executionpolicy -scope CurrentUser -executionPolicy AllSigned -force
C:\PS> get-executionpolicy -list
Scope ExecutionPolicy
----- ---------------
MachinePolicy Undefined
UserPolicy Undefined
Process Undefined
CurrentUser AllSigned
LocalMachine RemoteSigned
C:\PS> get-executionpolicy
AllSigned </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This example shows how to set an execution policy for a particular scope.
The first command uses the Set-ExecutionPolicy cmdlet to set an execution policy of AllSigned for the current user. It uses the Force parameter to suppress the user prompts.
The second command uses the List parameter of Get-ExecutionPolicy to get the execution policies set in each scope. The results show that the execution policy that is set for the current user differs from the execution policy set for all users of the computer.
The third command uses the Get-ExecutionPolicy cmdlet without parameters to get the effective execution policy for the current user on the local computer. The result confirms that the execution policy that is set for the current user takes precedence over the one set for all users.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
<command:example>
<maml:title>
-------------------------- EXAMPLE 5 --------------------------
</maml:title>
<maml:introduction>
<maml:para>C:\PS></maml:para>
</maml:introduction>
<dev:code>
set-executionpolicy -scope CurrentUser -executionPolicy Undefined </dev:code>
<dev:remarks>
<maml:para>Description</maml:para>
<maml:para>-----------</maml:para>
<maml:para>This command uses an execution policy value of Undefined to effectively remove the execution policy that is set for the current user scope. As a result, the execution policy that is set in Group Policy or in the LocalMachine (all users) scope is effective.
If you set the execution policy in all scopes to Undefined and the Group Policy is not set, the default execution policy, Restricted, is effective for all users of the computer.</maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
<maml:para></maml:para>
</dev:remarks>
<command:commandLines>
<command:commandLine>
<command:commandText></command:commandText>
</command:commandLine>
</command:commandLines>
</command:example>
</command:examples>
<!-- Link section -->
<maml:relatedLinks>
<maml:navigationLink>
<maml:linkText>Online version:</maml:linkText>
<maml:uri>http://go.microsoft.com/fwlink/?LinkID=113394</maml:uri>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-ExecutionPolicy</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Set-AuthenticodeSignature</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>Get-AuthenticodeSignature</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Execution_Policies</maml:linkText>
<maml:uri/>
</maml:navigationLink>
<maml:navigationLink>
<maml:linkText>about_Signing</maml:linkText>
<maml:uri/>
</maml:navigationLink>
</maml:relatedLinks>
</command:command>
<!-- v 1.1.0.9 -->
<providerHelp>
<Name>
Certificate
</Name>
<Drives>
<Para>Cert:</Para>
</Drives>
<Synopsis>
Provides access to X.509 certificate stores and certificates from within Windows PowerShell.
</Synopsis>
<DetailedDescription>
<para>The Windows PowerShell security strategy supports the use of Authenticode signatures to sign scripts using X.509-encoded digital public key certificates. The signing features of Windows PowerShell are not intended to be complete, but they enable users to sign scripts and enable Windows PowerShell to recognize signed and unsigned scripts and to determine whether the scripts originate on the Internet.
The Windows PowerShell Certificate provider lets you navigate the certificate namespace and view the certificate stores and certificates. It also lets you copy, move, and delete certificates and certificate stores, and it lets you open the Certificates snap-in for the Microsoft Management Console (MMC).
The Certificate provider exposes the certificate namespace as the Cert: drive in Windows PowerShell. The Cert: drive has the following three levels:
-- Store locations (Microsoft.PowerShell.Commands.X509StoreLocation), which are high-level containers that group the certificates for the current user and for all users. Each system has a CurrentUser and LocalMachine (all users) store location.
-- Certificates stores (System.Security.Cryptography.X509Certificates.X509Store), which are physical stores in which certificates are saved and managed.
-- X.509 certificates (System.Security.Cryptography.X509Certificates.X509Certificate2), each of which represent an X.509 certificate on the computer. Certificates are identified by their thumbprints.
The Windows PowerShell Certificate provider supports the Set-Location, Get-Location, Get-Item, Get-ChildItem, and Invoke-Item cmdlets.
In addition, the Windows PowerShell Security snap-in (Microsoft.PowerShell.Security), which includes the Certificate provider, also includes snap-ins to get and set Authenticode signatures and to get certificates. For a list of cmdlets in the Security snap-in, type "get-command -module *security".</para>
</DetailedDescription>
<Capabilities>
<para></para>
</Capabilities>
<Filters>
<para></para>
</Filters>
<Notes>
</Notes>
<Tasks>
<Task>
<Title>
Navigating the Cert: Drive
</Title>
<Description>
<para></para>
</Description>
<Examples>
<Example>
<Title>
-------------------------- EXAMPLE 1 --------------------------
</Title>
<Introduction>
<para>This command uses the Set-Location cmdlet to change the current location to the Cert: drive.</para>
</Introduction>
<Code>
set-location cert:
</Code>
<Remarks>
<para></para>
</Remarks>
</Example>
<Example>
<Title>
-------------------------- EXAMPLE 2 --------------------------
</Title>
<Introduction>
<para>This command uses the Set-Location command to change the current location to the Root certificate store in the LocalMachine store location. Use a backslash (\) or a forward slash (/) to indicate a level of the Cert: drive.</para>
</Introduction>
<Code>
set-location -path LocalMachine\Root
</Code>
<Remarks>
<para>If you are not in the Cert: drive, begin the path with the drive name.</para>
</Remarks>
</Example>
</Examples>
</Task>
<Task>
<Title>
Displaying the Contents of the Cert: Drive
</Title>
<Description>
<para></para>
</Description>
<Examples>
<Example>
<Title>
-------------------------- EXAMPLE 1 --------------------------
</Title>
<Introduction>
<para>This command uses the Get-ChildItem cmdlet to display the certificate stores in the CurrentUser certificate store location.</para>
</Introduction>
<Code>
get-childitem -path cert:\CurrentUser
</Code>
<Remarks>
<para>If you are in the Cert: drive, you can omit the drive name.</para>
</Remarks>
</Example>
<Example>
<Title>
-------------------------- EXAMPLE 2 --------------------------
</Title>
<Introduction>
<para>This command uses the Get-ChildItem cmdlet to display the certificates in the My certificate store.</para>
</Introduction>
<Code>
get-childitem -path cert:\CurrentUser\My
</Code>
<Remarks>
<para>If you are in the Cert: drive, you can omit the drive name.</para>
</Remarks>
</Example>
<Example>
<Title>
-------------------------- EXAMPLE 3 --------------------------
</Title>
<Introduction>
<para>This command uses the Get-Item cmdlet to get the "My" certificate store and the Property parameter of Format-List with a wildcard character (*) to display all of the properties of the store.</para>
</Introduction>
<Code>
get-item -path cert:\CurrentUser\My | format-list *
</Code>
<Remarks>
<para></para>
</Remarks>
</Example>
<Example>
<Title>
-------------------------- EXAMPLE 4 --------------------------
</Title>
<Introduction>
<para>This command gets a certificate and displays all of its properties. It uses the Get-ChildItem cmdlet to get the certificate and the Property parameter of Format-List with a wildcard character (*) to display all of the properties of the certificate.
The certificate is identified by its thumbprint.</para>
</Introduction>
<Code>
get-childitem -path cert:\CurrentUser\my\6B8223358119BB08840DEE50FD8AF9EA776CE66B | format-list -property *
</Code>
<Remarks>
<para></para>
</Remarks>
</Example>
<Example>
<Title>
-------------------------- EXAMPLE 5 --------------------------
</Title>
<Introduction>
<para>This command uses the Get-ChildItem cmdlet to get all of the certificates on the computer and its CodeSigningCert dynamic parameter to get only the certificates that have code-signing authority.</para>
</Introduction>
<Code>
get-childitem -path * -codesigningcert -recurse
</Code>
<Remarks>
<para></para>
</Remarks>
</Example>
</Examples>
</Task>
<Task>
<Title>
Opening the Certificates MMC Snap-in
</Title>
<Description>
<para></para>
</Description>
<Examples>
<Example>
<Title>
-------------------------- EXAMPLE 1 --------------------------
</Title>
<Introduction>
<para>This command opens the Certificates MMC snap-in to manage the specified certificate.</para>
</Introduction>
<Code>
invoke item cert:\CurrentUser\my\6B8223358119BB08840DEE50FD8AF9EA776CE66B
</Code>
<Remarks>
<para></para>
</Remarks>
</Example>
</Examples>
</Task>
</Tasks>
<DynamicParameters>
<DynamicParameter>
<Name>CodeSigningCert</Name>
<CmdletSupported>Get-Item, Get-ChildItem</CmdletSupported>
<Type>
<Name>System.Management.Automation.SwitchParameter</Name>
</Type>
<Description>Gets only those certificates with code-signing authority.</Description>
<PossibleValues>
<PossibleValue>
<Value></Value>
<Description>
<para></para>
</Description>
</PossibleValue>
</PossibleValues>
</DynamicParameter>
</DynamicParameters>
<RelatedLinks>
<navigationLink>
<linkText>about_Providers</linkText>
<uri/>
</navigationLink>
<navigationLink>
<linkText>about_Signing</linkText>
<uri/>
</navigationLink>
<navigationLink>
<linkText>Get-AuthenticodeSignature</linkText>
<uri/>
</navigationLink>
<navigationLink>
<linkText>Set-AuthenticodeSignature</linkText>
<uri/>
</navigationLink>
<navigationLink>
<linkText>Get-PfxCertificate</linkText>
<uri/>
</navigationLink>
</RelatedLinks>
</providerHelp>
</helpItems>