PowerShell comes with a default configuration. To further configure your environment and override that default configuration, you can add modules, use PowerShell profile scripts, and deploy PowerShell settings via Group Policy.
PowerShell and Windows applications come with numerous modules (each containing PowerShell commands). To extend PowerShell’s capabilities, you can find and download additional modules. The PowerShell Gallery is home to thousands of community (and Microsoft) authored modules that could be helpful, as noted in the Modules section earlier.
You can use your browser to view the contents of the gallery at https://packt.link/ghY17. The gallery also includes newer versions of modules shipped with Windows (and Windows PowerShell). For example, the authors of both the
PowerShellGet modules have created updated versions that you can download.
NTFSSecurity module, for example, makes it much easier to automate the ACLs within Windows NTFS. The commands in this module greatly simplify the management of ACLs on files and folders and the configuration of permission inheritance.
To use PowerShell with the PowerShell Gallery, you need the latest version of the
PowerShellGet module. You can also get this update from the PowerShell Gallery.
Profiles are PowerShell scripts that PowerShell runs automatically each time you run either Windows PowerShell or PowerShell 7. The profile files are in a well-known location and have a well-known name (well known to PowerShell, that is).
To cater to a wide variety of usage scenarios, PowerShell defines four separate profile files:
AllUsersAllHosts: PowerShell runs this profile file for every user using any PowerShell host (including Windows Terminal, VS Code, etc.).
AllUsersCurrentHost: Powershell runs this script for all users using this specific PowerShell host.
CurrentUserAllHosts: PowerShell runs this solely for the currently logged-on user for all hosts.
CurrentUserCurrentHost: PowerShell runs this solely for the current logged-on user and only this host. The built-in
$Profilevariable holds the name of this profile file.
Figure 2.14 – Profile file locations
For more details on the PowerShell profile, see https://packt.link/3q3ek.
Group Policy is a feature of Windows Active Directory. Group Policy enables the administrator to dictate specific settings and policies on individual systems. Windows automatically applies these policies each time you restart the system or log on and refresh the policies regularly. Group Policy is a great way to leverage Active Directory to create customized, desktop environments.
The PowerShell-related policies you can set using Group Policy are as follows:
- Execution Policy: Specifies a value different from PowerShell’s default execution policy
- Module Logging: Whether to perform module logging and for which modules
- Script Block Logging: Whether to log script block execution
- Transcription: Whether to create transcripts for all PowerShell sessions
- The default source path for Update-Help: Allows you to create a local repository for help information and to have
Update-Helpuse that location to obtain the updates
See https://packt.link/x4M1W for more information about these Group Policy settings.