Trust, but Verify

PowerShell for Admins

The PowerShell code you write can turn up in interesting places. Production services might rely on it. Your co-workers might take a peak and borrow ideas from it. You might decide to share it online. Someone might see your code online and use it in their own solutions.

Hit the link for a quick bit on how we can help create more reliable, consistent, and secure solutions. Simplified to one line: always ask yourself "what could go wrong?"

What do you think? Is this over the top? Do you have any funny or awe-inspiring-train-wreck stories that resulted from assumptions around PowerShell or other code?

I've been lucky so far. My scariest moment? A while back, I was testing some code against a test server or two with Invoke-Parallel. Oops! The code to pull test systems hit a bug, and pulled all computer accounts. A number of domain controllers were hit before I could press ctrl+c. After recovering from a minor heart attack, I realized the code was benign, quickly fixed the bug, and broke the bad habit of running with a high-privilege account.


One Response to " Trust, but Verify "

  1. I’m always using -whatif, if it’s harmful code. Even if it’s obvious what the code will do, I still use -whatif. I also learned in the bad way. Always use it when you don’t have a test environment available (which shouldn’t be too hard actually, with Hyper-V builtin Windows 8/10 now 🙂 )