Monday, March 4, 2013

Signing scripts, from now on

During the Lyncconf13, I was lucky enough to win a certificate from digicert in give away competition from the The UC Architects. It didn't take long to decide what to do with the gift. I decided to get a code signing certificate for my online scripts.

Now, you should be able to run the scripts directly by downloading them to your labs, without tampering with the script, it's security settings or your power shell security setting.

A benefit for me, is to see if the script has been tampered with if it does not work on a tested system. I decided to sign all my backup scripts, and I will also sign every new script I post on my blog.

As a side note: I was wondering if signing a lot of certificates was going to take a long time. I turned to power shell  and scripted it. What else "could" I do? It turned out to be quite easy, and done in a few minutes (writing the code, signing took seconds)


param ([Parameter(Mandatory=$true)][string]$folder,[string]$certvalue)

cd $folder

$cert = @(gci cert:\currentuser\my -codesigning)[$certvalue]
foreach ($scripts in (Get-ChildItem)){
Set-AuthenticodeSignature $scripts $cert}

All my backup scripts have been updated, so if you download these scripts now, they will be signed. (If your machine trusts Digicert, you should be in good shape.)

Here are two posts I used as reference:
http://technet.microsoft.com/nb-no/magazine/2008.04.powershell(en-us).aspx
http://tfl09.blogspot.no/2010/06/signing-powershell-scripts.html

Labels: , , , , ,

1 comment:

Pat Richard said...

Glad you entered our contest and won. I have a function for code signing that you might like. New-SignedScript.ps1 http://www.ehloworld.com/1496

March 4, 2013 at 7:25 PM

Post a Comment

Subscribe to: Post Comments (Atom)

Labels

Lync (29) Powershell (22) Microfoft Lync Server 2010 (21) Microsoft (14) Voice (12) Windows (12) Cisco (11) cspshell (10) CUCM (9) Microsoft Lync Server 2010 (9) OCS 2007 (9) Script (9) CCIE (8) OCS 2007 R2 (8) Windows Server 2008 (8) csps (8) Microsoft Lync Server 2013 (7) Backup (6) CUCM 7 (5) CUCM 8 (5) Certifications (5) Internetworkexpert (5) Lab (5) Mediation Server (5) SQL (5) Server (5) enable-csuser (5) Beta (4) Certificate (4) Freeware (4) LineURI (4) MS Exchange (4) Microsoft Office Communicator 2007 R2 (4) Software (4) Unified Messaging (4) Virtual Machine (4) Windows Live (4) set-csuser (4) Address Book (3) Blog tool (3) Browser (3) CAC (3) Call Manager (3) Certificate Authority (3) Chrome (3) Google (3) Graded Labs (3) IPT (3) Iewb-vo-vol1 (3) Install (3) Internet (3) SIP (3) SIP Trunk (3) SQL 2008 (3) UC (3) Upgrading (3) Virtual PC (3) Windows 7 (3) Windows Server 2008 R2 (3) import-csv (3) Active Directory (2) Backup-cspool (2) Bandwidth Management (2) CUCILYNC (2) Edge (2) Exchange 2010 (2) Exchange Roles (2) Front-end server (2) HYPER-V (2) IIS (2) Lync client (2) MTP (2) New-aduser (2) Normalization (2) R2 (2) Remote control (2) SSL (2) Scripts (2) USB (2) User (2) VMWare (2) Virtual Server (2) Voice policies (2) backup-sqldatabase (2) get-adgroup (2) get-adgroupmember (2) get-csaduser (2) get-csuser (2) 074-322 (1) 074-924 (1) 0x80070534 (1) 0xC3EC796C (1) 32bit (1) 350-030 (1) 443 (1) 5062 (1) 64bit (1) A/V authentication (1) ADDS (1) Android (1) Application server (1) Assigned (1) Attendant (1) Brussels (1) CD (1) COMMUNICATIONS MANAGER (1) CUBE (1) CUCIMOC (1) CUPS (1) CWA (1) CentralManagementDatabase (1) Certification (1) Charter Member (1) Cisco ISR (1) Cisco Presence (1) Codesigning (1) Commands (1) Communicator Web Access (1) Conference (1) Count (1) DHCP (1) DHCPUtil (1) DL360 (1) DNS (1) Database (1) Deployment (1) Desktop (1) DialPlan (1) Digicert (1) Digit manipulation (1) Domain (1) Dual-boot (1) ESX (1) EWS (1) Emulateclient (1) Encryption (1) Enterprise Edition (1) Enterprise Voice (1) Error (1) Error 3221684226 (1) Error 40 (1) Error 404 (1) Error 503 (1) Event ID 32018 (1) Exchange (1) Exchange 2007 (1) Export-CsPersistentChatData (1) Export-CsRgsConfiguration (1) Export-CsUserData (1) FTP (1) Fail (1) Failure (1) Filemerge (1) General network (1) Global Knowledge (1) HCL (1) HD (1) HP (1) HTC Touch (1) INVITE (1) Install-CsDatabase (1) Just for fun (1) Limited External Calling (1) Linux (1) Livemeeting (1) Lync 2013 (1) Lync Phone (1) Lync Server 2012 (1) Lync Server SDK 2010 (1) MAPI (1) Microsoft Communications Server R2 Attendant (1) Microsoft® Community Contributor Award (1) NTP (1) Netwise CMG (1) Netwise CMGVoice (1) New-CSVoiceNormalizationRule (1) New-CsNetworkBandwidthPolicyProfile (1) New-CsNetworkRegion (1) New-CsNetworkSite (1) New-CsNetworkSubnet (1) OCS validation (1) Office 2007 (1) Office 2010 (1) Option 43 (1) PSTN GW (1) Planning Tool (1) RC (1) RDP (1) RSAT (1) Resource Kit (1) Resource Kit Tool (1) Reverse Proxy (1) Rundtomrundt (1) SDelete (1) SP1 (1) SP3 (1) Sipaddresstype (1) Sipreroute (1) Standard Edition (1) Success (1) Switchboard (1) Sysadminday (1) Sysinternals (1) System administrator (1) Tablet (1) TeamViewer (1) Test-csphonebootstrap (1) Topology Builder (1) Translation-rule (1) TrueCrypt (1) Twitter (1) UC520 (1) UM (1) Ubuntu (1) Ubuntu 9 (1) Unassigned (1) Unsupported (1) Users (1) Windows Firewall (1) Windows Vista (1) Windows XP (1) aboutme (1) csv (1) export-csv (1) get-aduser (1) get-csanalogdevice (1) get-cscommonareaphone (1) grant-csdialplan (1) grant-voicepolicy (1) mslearning (1) new-csserverapplication (1) notepad (1) passwords (1) send-mailmessage (1) set-aduser (1) syntaxHighlighter (1)