Tag Archives: powershell

Start and stop windows services with powershell scripts

With Powershell you can easily start or stop specific windows services depending on current status. An example is starting the VMWare Services only if they are currently stopped. The command

get-service

list all windows service with their status, short – and display name. Create a new File startVMWare.ps1 and paste the following

foreach ($svc in Get-Service){
  if(($svc.displayname.StartsWith("VMware")) -AND ($svc.Status -eq "Stopped")) {
    echo $svc.DisplayName
    Start-Service $svc.name
  }
}

Sign the script as shown in my previous post to run self signed scripts. Run the script in an powershell with administrator rights.

.\startVMWare.ps1

The script starts only stopped VMWare services. To run this script directly you can write a small dos file startVMWare.cmd with the following content

powershell -file <FULL PATH TO YOUR SCRIPT>\startVMWare.ps1

Start the Dos file with right click and admin rights to execute the vmware start powershell script.

Howto run self signed powershell scripts

Windows command line scripts was for a long time the only way for scripting windows. With the Windows PowerShell you have can write scripts more like an program in object oriented way. Starting with Windows 7 it is preinstalled with version 2.0 but can as well installed under Windows XP or Vista. Windows 8 will ship with version 3.0 which adds windows work flow foundation functionality. Windows 7 ships with an IDE for PowerShell called Windows PowerShell ISE”. Scripts stored in files with .ps1 suffix. A sample hello world looks like this:

echo "hello world"

Save the content in a file called hello.ps1. Start the powershell by searching for powershell in the windows 7 search box above the start button and with right click to run as administrator. Change the current folder with cdto the one where you saved your first powershell script. Run your script with

.\hello.ps1

Unfortunately you get a PSSecurityException because powershell script execution is controlled by an security policy. Like Java signed jars you must sign your scripts and set the policy to execute only signed scripts

Set-ExecutionPolicy Restricted

Powershell accepts self signed certificates and can be created by the makecert command. Makecert is part of the windows SDK. Download the installer and run through the wizard steps. At the last screen deselect all parts and check only the tools under first section called Windows Native Code Development. Open a command shell with shift and right click on the folder C:\Program Files\Microsoft SDKs\Windows\v7.1\Bin. Enter the following commands to create a authority:

makecert -n "CN=PowerShell Local Certificate Root" -a sha1 -eku 1.3.6.1.5.5.7.3.3 -r -sv root.pvk root.cer -ss Root -sr localMachine

and the following command to create a self signed certificate

makecert -pe -n "CN=PowerShell User" -ss MY -a sha1 -eku 1.3.6.1.5.5.7.3.3 -iv root.pvk -ic root.cer

The following command in the powershell show your created certificate:

Get-ChildItem cert:\CurrentUser\My -codesign

Now we can sign our first script with the following command

Set-AuthenticodeSignature .\hello.ps1 @(Get-ChildItem cert:\CurrentUser\My -codesigning)[0]

Run now your signed script with

.\hello.ps1

with prints

hello world

Powershell scripts can use profile scripts to store common functions for own scripts, functions,.. Enter the following command to your standard profile file

$profile

Open the file or create it with a text editor and paste the following

function sign ($filename) {
 $cert = @(gci cert:\currentuser\my -codesigning)[0]
 Set-AuthenticodeSignature $filename $cert
 }

Sign the profile file

Set-AuthenticodeSignature $profile @(Get-ChildItem cert:\CurrentUser\My -codesigning)[0]

Write now your own little powershell script like test.ps1. The sign function can now be used like this

sign .\test1.ps1