Share this post:This blog post is part of an ongoing series by Adam Gordon. Adam will show you how to use each PowerShell command each week. This week, Adam covers New-PSRoleCapabilityFile.
When to use New-PSRoleCapabilityFile?
The New-PSRoleCapabilityFile cmdlet creates a file that defines a set of user capabilities that can be exposed through session configuration files. This includes determining which scripts, functions, and cmdlets are available to users. A capability file is a text file that can be read by humans and contains a hash table listing the values and properties of session configurations. The file can be used by more sessions than one configuration and has a name extension of.psrc.
All the parameters of New-PSRoleCapabilityFile are optional except for the Path parameter, which specifies the file path for the file. The cmdlet will not run if you don’t include a parameter. However, the key in the session configuration file will be commented out, unless otherwise noted in the parameter description.
First, place the role capability file into a RoleCapabilities folder in a valid PowerShell Module folder. Next, refer to the file by name in the RoleDefinitions section of a PowerShell session configuration (.pssc).
This cmdlet was introduced with Windows PowerShell 5.0.
What version of PowerShell do I use?
Get the PowerShell Version for your machine
$PSVersionTable
This command displays the PowerShell version information for your machine.
How to use New-PSRoleCapabilityFile?
Make a blank role capability file
New-PSRoleCapabilityFile -Path “.\AdamITPTV.psrc”
This example creates a new role ability file that uses the default values (blank). These configuration settings can be modified later in a text editor.
Create a role capability folder that allows users to restart services or any VDI computer.
$roleParameters = @Path = “.\VDIMaintenance.psrc”Author = “Adam”CompanyName = “ITPROTV”Description = “This role enables users to restart any service and restart any VDI computer.”ModulesToImport = “Microsoft.PowerShell.Core”VisibleCmdlets = “Restart-Service”, @ Name = “Restart-Computer” Parameters = @ Name = “ComputerName”; ValidatePattern = “VDI\d+” New-PSRoleCapabilityFile @roleParameters
This example creates a sample file for role capability that allows users to restart computers and services that match a particular name pattern. Name filtering can be defined by setting the parameter -ValidatePattern to the regular expression VDId+.
Learn the command last week: New-PSSessionOption.
Do you need PowerShell training? ITProTV offers PowerShell online IT training courses.