PSHSummit: Managing PowerShell in the Enterprise Using Group Policy

PowerShell Summit North America 2015

Do you want to meet other people enthused about PowerShell? Do you wish you had access to experts who could answer all of your PowerShell questions… in person? Yes? The PowerShell Summit is your opportunity hosted in the United States and Europe each year. I highly recommend that you follow #PSHSummit on Twitter and get your registration in early, because it fills up fast. This year there were nearly 40 sessions over three days. The good news is that you can watch them on the YouTube channel.

I have had the honor of presenting at two PowerShell Summit events now. I must say this is the one conference that out-ranks them all when it comes to PowerShell. Imagine people from all over the world, many MVPs, many product group team members, and many people there to learn, all focusing on the many facets of PowerShell. Here I get to meet people I’ve only seen on blogs, Twitter or Facebook in the PowerShell community. They keep it small so that you get plenty of time to mingle, network, and ask questions.

Managing PowerShell in the Enterprise Using Group Policy

This year I presented two sessions. Due to my own user error the first one did not get recorded. However, the second one is now available on YouTube.

I wanted to educate the community on how to make PowerShell usable in the everyday world at scale. For example:

  • How can I enable remoting for all of our desktops so that the helpdesk can leverage PowerShell to make their job easier and close tickets faster?
  • How can I remotely trigger a group policy update on a client?
  • How can I log the PowerShell commands that admins (rogue or otherwise) are running on my servers?
  • ...and much more

Here is the session abstract:

If you're like me you enjoy geeking out on all the bells and whistles of PowerShell. Leveraging that schweetness across thousands of machines is a key goal. Managing PowerShell in the enterprise is a different conversation that does not get enough visibility. So much of the PowerShell content in the community is geared towards features rather than operations. The goal of this session is to get into the nitty gritty of making PowerShell effective in your enterprise-scale environment with Group Policy. What setting are available? What are my options for managing client and server settings of PowerShell? Come find out about mass configuration of execution policy, module logging, Update-Help, WSMAN, and more. These topics sound simple on the surface, but they quickly spiral into some interesting conversations.

In this session I also cover some of the new logging features in KB3000850 and WMF 5.0. You can now set a system-wide PowerShell transcript and turn on script logging to the PowerShell event log. With these enabled you can now track every line of script that gets executed on your servers. Now that is auditing! See the WMF 5.0 release notes on the download page for more information.

The chart below appears in the slides in the video and in the slides attached at the bottom of this post. It summarizes the core PowerShell group policies and where they are available.

I demonstrate all of these in the video, plus other bonus items like Invoke-GPUpdate.

Download my demos scripts and slides via the attachment at the bottom of this post.  Enjoy!

Managing PowerShell in the Enterprise Using Group