Wilson Mar bio photo

Wilson Mar

Hello. Hire me!

Email me Calendar Skype call 310 320-7878

LinkedIn Twitter Gitter Google+ Youtube

Github Stackoverflow Pinterest

Love Child or Demon Spawn?


This article describes the use of PowerShell scripting on Mac and Linux.

“PowerShell” refers to both the command-line shell and scripting language designed system administration.

PowerShell is an object-centered “management engine” that can be hosted in an application program.

  • CMD in Windows
  • PowerShell ISE (from Microsoft)
  • PowerGUI
  • SAPIEN Technologies PowerShell Studio
  • Idera PowerShell Pro

ISE = “Integrated Scripting Environment” is a GUI that provides popup tab completion and other assists.

PowerShell promises more consistency than the various commands added over time by various parties.

  • It reads Excel files natively as well as JSON, XML, and even ASCII.
  • Microsoft Deployment Toolkit
  • Microsoft System Center
  • IBM, etc.

Open source on Linux and MacOS

From the PowerShell and DSC Team YouTube channel:

This 51-minute series of demos was published Aug 18, 2016, the same day PowerShell is open-sourced for all OSs at

This article notes Desired State Configuration for Linux and the promise of SSH support arrived in 2014 (several months before Microsoft open sourced .NET and brought .NET Core to Linux). But “you had to author your scripts on the Windows platform, you had to configure things on the Windows platform and then deliver the desired configuration to a Linux box and have it be configured; now you can do all of that on Linux.”

Install PowerShell on MacOS

QUESTION: Is there a brew powershell?

  1. Click to download the latest release for “OSX 10.11” at:

    Alternately, get back versions at

    Date File MB Size Space Cmds
    Sep 13, 2016 powershell-6.0.0-alpha.10.pkg 28.2 MB ? MB 345
    Aug 10, 2016 powershell-6.0.0-alpha.9.pkg 37.1 MB 119.7 MB
    Jul 26, 2016 powershell-6.0.0-alpha.7.pkg 25.0 MB
    Jul 8, 2016 powershell-0.6.0.pkg 24.2 MB
  2. Open the .pkg file in the Downloads folder:
  3. Click Continue, etc.

    NOTE: For Windows: Microsoft Windows Management Framework 5.0

    In and Out

  4. Open a Terminal shell window to launch PowerShell:


    The response is “PS” in front of the file path prompt:

    Copyright (C) 2016 Microsoft Corporation. All rights reserved.
    PS /Users/...>
  5. Check the version of PowerShell being used by calling a pre-defined variable:



    Name                           Value
    ----                           -----
    PSVersion                      6.0.0-alpha
    PSEdition                      Core
    PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
    GitCommitId                    v6.0.0-alpha.10
    WSManStackVersion              3.0
    PSRemotingProtocolVersion      2.3

    QUESTION: What’s the CLRVersion?

    Versions of PowerShell:

    • 6.0 for Mac/Linux in Windows 10 Anniversay Edition
    • 5.0 in 2015 for Visual Studio Code text editor
    • 4.0 in 2014 with Windows 10 and .NET Framework 4.0 and Windows Management Framework 3.0
    • 3.0 in 2012 with Windows 8/Server 2012
    • 2.0 appeared in 2009
    • 1.0 appeared in 2006
    • Monad Manifesto published by Jeff Stover.

    PROTIP: Know the PowerShell commands known not to work on Linux/macOS.

  6. To leave PowerShell, it’s the same as in Bash scripts:


    When you reuturn, get info:

    get-help stop-service


One text editor built for PowerShell is Microsoft’s Visual Studio Code.

  1. After installing VSCode

  2. Install the PowerShell Editor Services extension by pressing Ctrl+P, then type “ext install PowerShell” for a list of add-ins.

    Ctrl+P is the universal search that also does “fuzzy search” of text in files open.

  3. Click “install” of the extension named “PowerShell”. The icon turns to “installing”.

  4. Open a directory containing PowerShell scripts and open the File menu and select “Open Folder …”. Select the folder containing your scripts.
    The scripts show up in the Explore tab of the Side Bar.

    PROTIP: One advantage using VS Code is its Side Bar enabling you to switch quickly among different files.

    Press Ctrl+B to hide and unhide the Side Bar.

  5. Press Ctrl+\ to open a new editor window.

    Up to three editor panes can be open at once.

    Press Ctrl+1, 2, or 3 to switch among the files.

  6. To edit user settings, press Ctrl+Shift+P, then type “user” and press enter.

  7. Click on “powershell.scriptAnalysis.enable”.

  8. Press Ctrl+Shift+&LT;period> to change value from true to false or back again.

Keith Hill notes debugging support provided by the PowerShell Editor Services extension currently runs only on Windows.

Install .NET Core

PowerShell is written on top of .NET. .NET’s previous dependencies on Windows components have been removed in .NET Core.

PowerShell errors occur if .NET Core is not installed, so:

  1. Go to web page https://www.microsoft.com/net/core#macos

  2. The web page asks for OpenSSL to be installed.

    brew update
    brew install openssl
    ln -s /usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib /usr/local/lib/
    ln -s /usr/local/opt/openssl/lib/libssl.1.0.0.dylib /usr/local/lib/
  3. Click the link to download the 50.3MB


  4. Run the installer (for 106.3MB of space).

  5. Before installing anything or running through the update app, hit Command+i or pull down the File menu and choose “Show Files”:

    • ./shared - Microsoft .NET Core 1.0.1 - Runtime
    • ./host - Microsoft .NET Core 1.0.1 - Host FX Resolver
    • ./dotnet
    • ./sdk - Microsoft .NET Core 1.0.1 - SDK

    These are folders within folder /usr/local/share under “Macintosh HD”.

  6. Edit your Bash shell search PATH to include /usr/local/share/dotnet

    atom ~/.bash_profile

    An example:

  7. Open a new Terminal shell window to run:


    The response:

    Microsoft .NET Core Shared Framework Host
      Version  : 1.0.1
      Build    : cee57bf6c981237d80aa1631cfe83cb9ba329f12
    Usage: dotnet [common-options] [[options] path-to-application]
    Common Options:
      --help                           Display .NET Core Shared Framework Host help.
      --version                        Display .NET Core Shared Framework Host version.
      --fx-version            Version of the installed Shared Framework to use to run the application.
      --additionalprobingpath    Path containing probing policy and assemblies to probe for.
    Path to Application:
      The path to a .NET Core managed application, dll or exe file to execute.
    If you are debugging the Shared Framework Host, set 'COREHOST_TRACE' to '1' in your environment.
    To get started on developing applications for .NET Core, install .NET SDK from:
  8. In a PowerShell invoke this to ensure that it can be done:

    $response = Invoke-WebRequest -Uri "www.microsoft.com" 

Execute script file

I like using script files rather than typing because it allows me to focus on the latest in what is usually a long string of commands necessary in today’s complex world.

To call scripts, an example:

   & ".\basics.ps1"

PROTIP: Make sure that when a file with .ps1 extension is clicked from Folder, the script is not launched to run, but that the script appears in a text editor.

A sample command to invoke the script including an execution policy :

Powershell -executionpolicy remotesigned 
-command { import-module ‘C:\Users\pm\Documents\WindowsPowerShell\Modules\MyTwitter’
 ;Send-Tweet -Message ‘Message_ Twitter2’}

Notice it’s “powershell” and not “powershell.exe” because Mac and Linux don’t recognize .exe.

When a script is signed, its location is locked to a specific full directory path, even when it’s in the current folder.

“remotesigned” is important because if this script has not been digitally signed, one needs to set PS execution policy to “RemoteSigned” (or “Unrestricted”) after reopening PowerShell as an Administrator to run:

By default PowerShell prevents the execution of PowerShell scripts on Windows systems.

Set-ExecutionPolicy RemoteSigned

Get a list of current security settings:

Get-ExecutionPolicy -List | Format-Table -AutoSize

See https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/


## Verify a signed script can be used #

  1. Set

    Set-ExecutionPolicy AllSigned

Install a signing cert on Mac

To add the CA root certificate (either PEM or DER format) into the OSX global keychain:

  1. Use Finder to navigate to your /System -> Library -> Keychains -> X509Anchors to your own Library -> Keychains.

  2. In a Terminal shell window, run command:

    certtool i mycertificate.crt k=X509Anchors

    Add a “d” at the end for DER format.

  3. Copy your Library -> Keychains -> X509Anchors back to /System -> Library -> Keychains.

    Use sudo.

Automatic logging

Increasingly, hackers are using PowerShell to create havoc.

So it’s a good idea to automatically logging using the start-transcript and stop-transcript commands.

BLAH: The sample script at https://github.com/wilsonmar/git-utilities/ps-auto-log.ps1, causes errors during execution of scripts.

Inside the file:

Windows PowerShell transcript start
Start time: 20161209084850
Username: \root
RunAs User: \root
Machine: macs-MacBook-Pro-4 (Microsoft Windows NT
Host Application: 
Process ID: 40107
PSVersion: 6.0.0-alpha
PSEdition: Core
PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.10032.0, 6.0.0
GitCommitId: v6.0.0-alpha.13
WSManStackVersion: 3.0
PSRemotingProtocolVersion: 2.3
Transcript started, output file is ~/Documents/PowerShell/Transcript\2016-12-09T08-48-45-local.txt

PROTIP: This can use up a lot of space quickly, so some management of its use is necessary.

Version Logic: If Then Else

I haven’t found a way to have a Bash script that can also be run as a PowerShell script.

PROTIP: Switching from Bash to PowerShell means a one-time migration and there is no turning back unless you want to maintain parallel scripts.

This is largely because of differences in if/then/else coding. The same if/then/else syntax in PowerShell scripts for Mac and PC is needed for the same script file to be used.

On Bash:

   if [ "$IsWindows" = True ]; then
       echo "Do Windows"

The question is whether a single PowerShell script can really run on both Mac and Windows. Do a parallel run.

For different actions in PowerShell according to type of operating system:

If ($IsWindows -eq True) { echo "IsWindows"}
   echo "Windows"
   # use "C:/Users/%USERNAME%/.ssh/id_rsa.pub"
ElseIf ($IsOSX -eq True) {"IsOSX"}
   echo "OSX"
   # use "~/.ssh/id_rsa.pub"
Else {"Something else"}

NOTE: Because braces define actions, there is no “end if” (“fi”) in PowerShell.

Comparison Operators

-eq / -ne / -ge

-Like / -NotLike wildcard string - $name -Like “*sh”

-Match / -NotMatch regular expression - $name -Match “sh$”

-Contains / -NotContains a value in array - $name -contains “jo”

-In / -NotIn Is a value in an array - “joe” -in $name

Logical operators



-Xor = Logical exclusive or.

Tilde and Providers

PROTIP: Use $home instead of the tilde (~) in PowerShell because tilde does not always represent the the user’s home folder as in Linux. This is because PS has different “providers” that include HKLM and HKCU top-levels in the Windows Registry. Get a list of providers and disk space:


The response:

Name           Used (GB)     Free (GB) Provider      Root                      
----           ---------     --------- --------      ----                      
/                 386.19         78.43 FileSystem    /                         
Alias                                  Alias                                   
Cert                                   Certificate   \                         
Env                                    Environment                             
Function                               Function                                
Variable                               Variable                 

PowerShell calls files “items” as a term that groups files with registry keys and variables.

returns the Mode and LastWriteTime of the user.

Instead of “mkdir” to create folders, use


To list files in a folder, it’s the same as in Bash:

ls -al

PowerShell cmdlets (command-lets) enables computers to be managed from the command line, much like Bash shell scripts on Linux machines. How many are there?



Handling secrets

PROTIP: Files containing secrets, such as passwords and certificates are NOT stored in GitHub nor script files, but in a separate location, and backed up among other local files.

The secrets are retrieved into the script at run-time.

See my tutorial on GitHub Data Security

Hash tables

BTW, keys in a hash table must be unique.

Hash tables are used throughout PowerShell.

An example of a REST API call:

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("X-DATE", '9/29/2016')
$headers.Add("X-SIGNATURE", '234j123l4kl23j41l23k4j')
$headers.Add("X-API-KEY", 'testuser')
$response = Invoke-RestMethod 'http://example.com/api/people/1' -Headers $headers

Sort a hash tables using the GetEnumertor():

   $source.GetEnumerator() | Sort name | select -first 5


Get-Service m* | where {$_.status -eq ‘running’}
Get-Service m* | where status -eq ‘running’

The “$_” represents the current object in v2 can handle more complexity than v3 syntax:

Alias not parameters

Many Bash commands work in PowerShell (ls, cat, echo) because Aliases make many commands in Bash scripts work:

get-alias echo

The response is “Write-Output”, which is what is executed.

BLAH: Many parameters to aliases are not recognized. For example, this common command results in an error:

ls -al

Instead, use:

dir -File | format-table

NOTE: dir is an alias to Get-ChildItem.


Write-Host $env:computername -foreground Green

”–passthru” means do not go through Pipeline.

You can reset a default alias.

Environment Variables

PROTIP: Environment variables defined in Bash scripts can be read by PowerShell scripts and visa-versa.

Lists of environment variables:

   dir env:\
   Get-ChildItem Env:

The command “dir” is an alias of Get-ChildItem.

For the value of a single environment variable:

Get-ChildItem Env:USER


Instead of “rm -rf” in Bash: https://blogs.technet.microsoft.com/heyscriptingguy/2012/02/22/the-best-way-to-use-powershell-to-delete-folders/

   Remove-Item -path c:\* -Filter *text* -WhatIf

“-WhatIf” specifies a dry-run.

Combine files

Ro add the content of several files into a single text file:

   Get-Content "directory path"\*.txt -Force | Set-Content "directory path"\results.txt


PS has some smarter parameters, such as filtering for files only and running recursively into sub-folders:

dir c:\work*.ps1 -file -recurse

All PowerShell cmdlets follow a standardized verb-noun naming convention that makes it easy to look up, find, and use cmdlets. For a list of all the verbs:


REMEMBER: Capitalization counts within PowerShell.

get-command -verb export
get-command -noun ACL


Only 25% of cmdlets are shipped with paths.


PROTIP: Don’t use “+” for string concatenation.

.NET Framework members

Initially built on Microsoft’s .NET Framework, PowerShell can refer to a static .NET member in square brackets with two colons to specify Pi:


It’s wonderful that PowerShell doesn’t require an echo to display the value of objects.

To delete a file in the .NET I/O directory object:


The issue with using .NET objects is that they may execute in a different folder context than PowerShell.

TODO: $prompt

Other pre-defined variables

  1. To count the number of cmdlets:


    To get the current folder:

    $MyFileName = "data.txt"
    $filebase = $PSScriptRoot + "\" + $MyFileName

    Alternatively, use (since v2):

    (Resolve-Path .\).Path

    This returns a PathInfo object.

    $scriptDir = Split-Path -Path $MyInvocation.MyCommand.Definition -Parent


Based on http://ss64.com/ps/syntax-dateformats.html

   Get-Date -Format "yyyy-MM-dd HH:mm"
$time = (Get-Date).AddDays(-30) -Format "yyyy-MM-dd HH:mm" $dirName = [io.path]::GetDirectoryName($path) $filename = [io.path]::GetFileNameWithoutExtension($path) $ext = [io.path]::GetExtension($path) $newPath = "$dirName\$filename $(get-date -f yyyy-MM-dd)$ext"

Zip files using functions

# http://www.adminarsenal.com/admin-arsenal-blog/powershell-zip-up-files-using-.net-and-add-type/
$SourceFolder    = "C:\temp\Zip This Folder"
$DestinationFile = "C:\temp\NewZip.zip"
$Compression     = "Optimal"  # Optimal, Fastest, NoCompression
Zip-Directory -DestinationFileName $DestinationFile `
    -SourceDirectory $SourceFolder `
    -CompressionLevel $Compression ` #Optional parameter
    -IncludeParentDir #Optional parameter
function Zip-Directory {
      [Parameter(Mandatory=$False)][string]$CompressionLevel = "Optimal",
    Add-Type -AssemblyName System.IO.Compression.FileSystem
    $CompressionLevel    = [System.IO.Compression.CompressionLevel]::$CompressionLevel  
    [System.IO.Compression.ZipFile]::CreateFromDirectory($SourceDirectory, $DestinationFileName, $CompressionLevel, $IncludeParentDir)


Instead of just parsing text (as *Nix shells do), PowerShell works with objects in a pipeline.


To list all variables defined and their values:

Get-Variable | Out-String

PROTIP: With PowerShell, it’s best to use out-file instead of “>” redirect character:

dir -file -hidden | out-file -filepath rootfiles.txt

Error handling:

Use preference variables for stream redirection:

1> Success 2> Error 3> Warning 4> Verbose 5> Debug

NOTE: Can Only merge to the success stream.

$Error is the automatic array that stores the last 256 exceptions (objects in error) - the default $MaximumErrorCount.

Error action preferences:

0 = Silently Continue
1 = Stop
2 = Continue
3 = Inquire
4 = Ignore [parameter value only]

Module to call REST API

This suggests:

   $J = Invoke-WebRequest `
   -Uri http://search.twitter.com/search.json?q=PowerShell `
    | ConvertFrom-Json

PROTIP: To press the trailing back-tick that breaks up a command into several lines, press the key at the upper left corner of the keyboard with your left hand while you press shift key using your right hand.

A space character is required before the tick.

PROTIP: Break up long text into a string block (which Microsoft calls here-string):

$string = @"
item1 = value1 
item2 = value2
$hashtable = ConvertFrom-StringData -StringData $string

The output is:

Name                           Value                                           
----                           -----                                           
item2                          value2                                          
item1                          value1   

From https://apps.twitter.com/ define a new app. In Permissions tab, select Read-only. Click Update Settings. In Key and Access Tokens tab, click “Create my access tokens”. Copy the Consumer Key (API key) and paste in ~/.passwords as TWITTER_TOKEN.

It takes many lines to mess with OAuth, so I make use of Adam’s library for Twitter’s v1.1 API described at:

  1. https://gallery.technet.microsoft.com/scriptcenter/Tweet-and-send-Twitter-DMs-8c2d6f0a
    called “Tweet and send Twitter DMs with Powershell”.

    Adam’s “MyTwitter.psm1” I’ve download had 229 lines on 8/31/2014.

    PROTIP: The “.psm1” extension means it’s a PowerShell module.

    I used a text editor to edit the file to paste in variables for the 4 credentials from Twitter.

       [string]$ApiKey    = $SECRETS.TWITTER_APIKEY,
       [string]$ApiSecret = $SECRETS.TWITTER_APISECRET,
       [string]$AccessToken = $SECRETS.TWITTER_ACCESSTOKEN,
       [string]$AccessTokenSecret = $SECRETS.TWITTER_APISECRET

    I then saved the module in the same GitHub folder as my script, and added a command to pull the module into the script:

    Import-module "../MyTwitter.psm1"

    Alternately, Copy-install the module to your $env:PSModulePath

    See http://www.powershellgallery.com/gettingstarted

    PowerShellGet from the Windows PowerShell Framework 5.0

    The alternative is to put the module in the PSModulePath, which enables tab completion to complete the names of commands from modules that are not loaded.

    The module has these functions:

    • Get-OAuthAuthorization
    • Send-Tweet
    • Send-TwitterDm

  2. Paste in your PowerShell script:

    Send-Tweet -Message '@adbertram Thanks for the Powershell Twitter module'

    BTW, PowerShell cmdlets in https://github.com/Iristyle/Posh-GitHub is only for use on Windows.

Trevor Sullivan (@pcgeek86) made a 20:40 video Mar 17, 2016

A PowerShell Module for manipulating PowerShell Profiles by Thomas Malkewitz


curl is an alias for Invoke-WebRequest in PowerShell.

   Invoke-RestMethod `
   -Method Post `
   -Uri "$resource\new" `
   -Body (ConvertTo-Json $body) `
   -Header @{"X-ApiKey"=$apiKey}


## JSON from REST API #

To extract out a key from the JSON file:

   $x.Stuffs | where { $_.Name -eq "Darts" } 


Profile scripts

Jeff Hicks notes these profile scripts execute automatically at start:

To view all profiles:

$profile | select *

Folder Script file Script name
C:\Windows\ System32\ WindowsPowerShell\ v1.0\ profile.ps1 AllUsersAllHosts
Microsoft.PowerShell.profile.ps1 AllUsersCurrentHost
Microsoft.PowerShellSE.profile.ps1 AllUsersCurrentHost (ISE)
C:\Users\<user>\Documents\ WindowsPowerShell\ or /Users/<user>/ .config/powershell/ Microsoft.PowerShell.profile.ps1 CurrentUsersAllHosts*
profile.ps1 CurrentUserCurrentHost
Microsoft.PowerShellSE.profile.ps1 CurrentUserCurrentHost (ISE)
  • = This is the one shown when $profile is typed in.

API calls

Corporate IT departments often use Group Policies.

$Headers = “Authorization: token ${GITHUB_TOKEN}” echo “Headers=$Headers” # DEBUGGING

$Token=$GITHUBUSER +’:’+ $SECRETS.GITHUB_TOKEN; $Base64Token=[System.Convert]::ToBase64String([char[]]$Token); $Headers = @{ Authorization = ‘Basic(0)’ -f $Base64Token; }; # -f is for substitution of (0). # See https://technet.microsoft.com/en-us/library/ee692795.aspx # Write-Host (“Headers=”+$Headers.Authorization) $Headers = “{ Authorization: = Basic $GITHUB_TOKEN }” # -f is for substitution of (0). # See https://technet.microsoft.com/en-us/library/ee692795.aspx Write-Host (“Headers=”+$Headers)


  1. Stephane shows this command to move (pipe) png files from Desktop to Pictures folder:

    Get-ChildItem -Filter '*.png' | Move-Item -Destination '../Pictures'

    A variable can contain an array:

    $files = dir c:\script -file
    Foreach ($file in $files){
       $fileage = ((get-Date)) - $file.LastWriteTime )
       "$($file.name) = $fileage" | Out-File ...

    Remotely restart a server

More Libraries


Read in CSV file

This blog gives an example of importing a CSV file:

$data = Import-CSV C:\scripts\moviedata.csv

Sorting by date requires creating a new property:

   $data | Add-Member -MemberType ScriptProperty `
   -Name "OpensIn" `
   -Value { [int32]((($this.ReleaseDate `
      -as [DateTime]) - (Get-Date)).TotalDays)  }

The new property persists, so can be used this way:

   $data | 
   Sort "OpensIn" |
   Select Title.ReleaseDate.OpensIn.Coments

More on DevOps

This is one of a series on DevOps:

  1. DevOps_2.0
  2. User Stories for DevOps

  3. Choices for DevOps Technologies
  4. Java DevOps Workflow
  5. AWS DevOps (CodeCommit, CodePipeline, CodeDeploy)
  6. AWS server deployment options

  7. Digital Ocean
  8. Cloud regions
  9. AWS Virtual Private Cloud
  10. Azure Cloud Powershell

  11. Git and GitHub vs File Archival
  12. Git Commands and Statuses
  13. Data Security GitHub
  14. Git Commit, Tag, Push
  15. Git Utilities
  16. GitHub API

  17. TFS vs. GitHub

  18. Jenkins Server Setup
  19. Jenkins Plug-ins
  20. Jenkins Freestyle jobs
  21. Jenkins2 Pipeline jobs using Groovy code in Jenkinsfile

  22. Dockerize apps
  23. Docker Setup
  24. Docker Build

  25. Maven on MacOSX

  26. Powershell Ecosystem
  27. Powershell on MacOS
  28. Powershell Desired System Configuration

  29. Ansible

  30. MySQL Setup

  31. SonarQube static code scan

  32. API Management Microsoft
  33. API Management Amazon

  34. Scenarios for load