To keep up with the rapid pace at which technology and the IT space moves, MSPs should always be on the lookout for ways to boost operational productivity and efficiency. This blog is dedicated to detailing how to leverage automation through PowerShell, one of the most robust and widely used scripting languages available today. We’ll cover the basics of using PowerShell automation scripts, best practices for automating repetitive tasks and more.
What is PowerShell?
PowerShell is a cross-platform task automation framework developed by Microsoft. It is a scripting language and an interactive command-line that runs on Windows, Linux and macOS, and is designed to simplify system management tasks.
PowerShell is used extensively across various IT domains, such as cybersecurity, system administration, and network configuration, and the benefits of applying it are far-reaching. Automation, simplified scripting, and the ability to manage both Windows and non-Windows systems are just a few examples.
While it has some overlap with other scripting languages like Python and Bash, PowerShell is specifically designed for Windows environments, and therefore offers seamless integration with Windows features and applications.
Let’s talk about how it works, why it matters and most importantly – how to leverage it to your advantage.
How does PowerShell work?
PowerShell is built to use four types of commands that help technicians save time on repetitive or time-consuming tasks.
Supercharge Your Scripting Superpower
Want a cheat sheet with advice and Syncro’s most sought-after scripting secrets? Say no more. Download the FREE guide today.
Cmdlets
Cmdlets, pronounced “command-lets,” are PowerShell’s basic single-function commands. Essentially, they’re specialized .NET classes used for implementing specific functions, and can access information housed in file systems, registries and other data stores. This allows PowerShell to operate more like a programming language versus a simple command-line program.
One thing to note is that cmdlets are not written in PowerShell. They are written in another language, then compiled and made available in PowerShell.
To view the full list of the available commands, run “Get-Command-Type Cmdlet.” Not only do you have access to more than 130 of these commands, but you can also write your own as well. Cmdlets can be used individually, but they’re far more powerful when combined. Use them within scripts first, and then package scripts into more comprehensive modules.
PowerShell functions
PowerShell functions are a sequence of instructions that are formed and achievable simply by invoking them. Its input is parameters, but the output can either appear on the user’s screen or be piped to another function or cmdlet input.
There are two functions: basic and advanced. Obviously, the basic function is the simplest form of the function used in PowerShell. There are no built-in features of inherited features, only a set of curly brackets containing the function’s body.
Conversely, advanced functions have properties of a basic function as well as additional features. These functions carry built-in features which give it more functionality.
Executable commands
Executable commands are utilized to run executable files, which have the .exe extension and are essential components of Windows software. Below, we break down the three main commands used to run .exe files, including their core benefits and potential downsides.
- The “Invoke-Expression” command is widely considered the most popular method due to its simplicity and versatility.
Core benefits
-
- Flexibility: Executes a wide range of expressions, including complex scripts and commands
- Compatibility: Works well in various scripting and automation contexts
- Dynamic execution: Dynamically executes commands and scripts stored in variables or constructed at runtime, providing additional flexibility for automation tasks
- Ease of use: Straightforward to use, allowing users to quickly run executable files without needing extensive knowledge of the command structure
Potential downsides
- Security risks: Can execute arbitrary code, making it susceptible to injection attacks if input is not properly sanitized
- Performance overhead: Evaluates and executes the expression at runtime, which can introduce additional processing overhead, particularly for complex scripts
- Limited error handling: Lacks robust capabilities compared to other methods like “Start-Process,” making it harder to manage and log errors efficiently and effectively
2. The “start-process” cmdlet starts more than one process on your device but gives the same result as the first command.
Core benefits
- Enhanced control: Offers more control over the process by allowing you to specify parameters such as the working directory, window style, output redirection and credentials
- Asynchronous execution: Can run processes asynchronously, enabling other tasks to continue while the process runs in the background
- Error handling: Provides better error handling and logging options compared to simpler methods like Invoke-Expression or Direct Call.
Potential downsides:
- Complexity: Requires more parameters and understanding compared to simpler commands like the ones mentioned above
- Performance overhead: Can lead to higher resource consumption and potential performance issues due to starting multiple processes simultaneously
3. Typing “.\” before the file’s name in PowerShell is essentially the syntax for executing a file in the current directory. For example, typing “.\file.exe” runs “file.exe” located in the current directory.
Core benefits
- Simplicity: Straightforward method to execute files without needing to specify the full path
- Consistency: Works similarly across different scripting and command-line environments, ensuring a familiar process for IT professionals
- Efficiency: Reduces typing effort and potential errors by not requiring the full path
Potential downsides
- Security: Can potentially run malicious scripts if the current directory contains harmful files, especially if used without proper caution
- Limited Scope: Only works for files in the current directory, requiring navigation or additional steps to run files located elsewhere
Overall, while the `.\` syntax is efficient and easy to use, it’s worth noting that all all three of the above methods effectively run the .exe file.
If you do choose to go this route, ensuring the security and correctness of the current directory’s contents before execution is essential.
PowerShell scripts
PowerShell scripts are written with cmdlets, which are then used to create automation for different tasks. There are three types of commands in a PowerShell script.
- The “get” command is used first to retrieve data from a file system.
- The “set” command is used to edit the Windows component information, including assigning properties to different components.
- The “remove” command is used to delete operations completely.
PowerShell scripts differ from PowerShell functions in that while the former are files containing a series of cmdlets and commands to automate tasks, the latter are reusable blocks of code defined within scripts or modules, and encapsulate specific tasks that can be called multiple times within scripts.
TL;DR: Functions provide modularity and reusability, while scripts are broader and execute a sequence of operations.
What can you do with PowerShell automation scripts?
There are tons of ways you can get creative and dream up use cases for these scripts, e.g., find and remove unauthorized apps with a script that helps auto-scan client devices; strip bloatware to simultaneously limit attack service while improving machine performance; monitor CPU usage to reduce performance issues, downtimes and security vulnerabilities.
See below for more examples:
Customize IT ticket routing
Customize IT ticket routing by dynamically assigning tickets based on predefined criteria such as client, request type, or priority. For example, a script can monitor a ticketing system, extract relevant ticket details and apply logic to route the ticket accordingly.
Syncro’s Ticket Automations capabilities are used to create rules and conditions for tickets, then perform a specific action for those tickets that meet the criteria. For instance, if a ticket isn’t routed in X hours, send an alert in Slack.
Define browser security rules
PowerShell automation scripting plays a crucial role in establishing robust browser security rules, which can significantly enhance overall security posture. Using PowerShell, adminis can implement and enforce various browser security settings across multiple systems efficiently and consistently.
For instance, specific scripts can be employed to disable the browser’s password-saving feature, preventing users from storing sensitive passwords locally, which is vital for reducing the risk of credential theft in the event of a security breach.
A practical example includes a PowerShell script from an unofficial Syncro GitHub repository that hardens Chrome and Edge browsers. This script not only disables the password-saving functionality but also automates additional security measures such as blocking dangerous downloads and non-allowlisted extensions, disabling payment autofil, denying Bluetooth and so on.
Detect and deactivate malware
Everyone remembers the infamous WannaCry ransomware attack on 2017 that infected over 200,000 Windows machines running server message block (SMB) v1 – despite Microsoft making it clear since 2016 that you shouldn’t be using. Ane therein lies the problem: Just because a protocol is insecure doesn’t mean a new client has it disabled. So, what to do? (Hint: Scripts.)
The Security – Disable SMB v1 Protocol script from the Syncro community library disables SMB v1 and then reboots the computer. But if you’re still unsure if it’s enabled on the machine and you want to add a check, you can easily just edit the script post-import.
Of course, this is just one example of how you can leverage scripts from within the Syncro library. You can follow a similar strategy for shutting off other protocols to harden your clients’ systems and even combine them into one script specific to “hardening.”
Schedule recurring maintenance
If you work as an MSP or IT professional long enough, you’ll undoubtedly find yourself with an ever-growing list of maintenance tasks you regularly perform to keep things running efficiently.
We advise scheduling these tasks to run automatically for two key reasons: reducing the risk of human error and increasing productivity – if your techs don’t have to worry about routine maintenance tasks, they can focus on more strategic and challenging work that actually does require human attention.
How do you create PowerShell automation scripts?
If you don’t want or have time to write your own script, there are plenty of existing ones out there you can leverage to achieve the same results. For instance, Syncro has powerful cross-platform scripting capabilities, plus a robust community script library and inventory of one-line PowerShell commands to help you enhance your workflow.
Get started with Syncro today
Looking for opportunities to automate your day is only half the challenges for IT folks. Understanding how to leverage automation to fit your wants and needs is the other half. Remember: automation is only a tool and therefore only as effective as the person who wields it.
Luckily, with the right workflows and tooling, you can automate many MSP processes and free your team up to focus on more strategic work.
Start your free trial of Syncro today and explore how our platform gives MSPs everything they need to work effectively – script library, resources, admin tools and more.