Now, you should be able to run the scripts directly by downloading them to your labs, without tampering with the script, it's security settings or your power shell security setting.
A benefit for me, is to see if the script has been tampered with if it does not work on a tested system. I decided to sign all my backup scripts, and I will also sign every new script I post on my blog.
As a side note: I was wondering if signing a lot of certificates was going to take a long time. I turned to power shell and scripted it. What else "could" I do? It turned out to be quite easy, and done in a few minutes (writing the code, signing took seconds)
param ([Parameter(Mandatory=$true)][string]$folder,[string]$certvalue)
cd $folder
$cert = @(gci cert:\currentuser\my -codesigning)[$certvalue]
foreach ($scripts in (Get-ChildItem)){
Set-AuthenticodeSignature $scripts $cert}
All my backup scripts have been updated, so if you download these scripts now, they will be signed. (If your machine trusts Digicert, you should be in good shape.)
Here are two posts I used as reference:
http://technet.microsoft.com/nb-no/magazine/2008.04.powershell(en-us).aspx
http://tfl09.blogspot.no/2010/06/signing-powershell-scripts.html
Glad you entered our contest and won. I have a function for code signing that you might like. New-SignedScript.ps1 http://www.ehloworld.com/1496
ReplyDelete