Create a GPO for PowerShell 5.0 settings

I’ve written the following piece of code to automate the creation of a Group Policy that would configure all the new PowerShell 5 settings – ScriptBlock Logging, Protected EventLog and Transcripts – that Lee Holmes mentioned in the PowerShell ♥ the Blue Team post.

It should be run from a Windows 10 computer joined to the domain where you’ve the Remote Server Administration Tools (RSAT) installed because of the New-SelfsignedCertificate cmdlet and the GroupPolicy module requirement. If you’ve a PKI, you don’t need the self-signed certificate and may prefer using a certificate issued by your PKI. In this case, you start by enrolling the certificate from your PKI and the demo code below will use that one instead.

Last warning, the C:\Transcripts folder should exist on the computer targeted by the GPO and the NTFS security should be adjusted before applying the GPO.
Unfortunately the GPO doesn’t handle that requirement.

Advertisements

2 thoughts on “Create a GPO for PowerShell 5.0 settings

  1. Pingback: Create a GPO for PowerShell 5.0 settings | Tim Bolton - MCITP - MCTS

  2. Pingback: Dew Drop - July 29, 2016 (#2298) - Morning Dew

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s