Changing the Temp module directory

Welcome Forums General PowerShell Q&A Changing the Temp module directory

This topic contains 2 replies, has 2 voices, and was last updated by

 
Participant
9 months ago.

  • Author
    Posts
  • #94369

    Participant
    Points: 22
    Rank: Member

    Is there a way to define the temp path that a module uses?

    For example:
    When I load the Exchange Management Shell, it loads the module in the following path (* is a wildcard):
    c:\users\username\appdata\local\temp\tmp_tb5oo4kc.dnb\exchange_server.contoso.com.psm1

    I'd like to specify that the temp module should be loaded to a defined path. Does that sound like something that can be done?

  • #94440

    Participant
    Points: 229
    Helping Hand
    Rank: Participant

    You really cannot change what the EMS does directly, and I don't know of a workaround for what you are asking.
    Since the EMS will do this each time for each individual user who logs in and uses the EMS, I am not sure that what you ask is really prudent thing to try.

    I would like to ask, why this bothers you, that you feel the need to want to change it, or what benefit you feel you'd get by doing so. Just curious.

    Many product 'PowerShell Hosts' do this, not just EMS. Remember the EMS is really doing nothing more than using the same PSRemoting connection string as you would do if you'd implicitly remote to Exchange from a remote host.

    EMS shortcut properties specifically show it calling another script called 'RemoteExchange.ps1'

    C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noexit -command ". 'C:\Program Files\Microsoft\Exchange Server\V15\bin\RemoteExchange.ps1'; Connect-ExchangeServer -auto -ClientApplication:ManagementShell "
    

    I've had no cause to mess with it, or any of the .ps1, .psd1 in the named folder. Personally, IMHO one would be ill-advised to do so.

    • #94447

      Participant
      Points: 22
      Rank: Member

      Yeah, I'm not liking the idea of doing it any more than you are.

      Our security team uses an application whitelisting tool and decided to place it into high-enforcement mode. It blocks PowerShell scripts from running. So I went and started implementing code-signing to all of my scripts and had them whitelist anything signed by Microsoft or one of our CA trusted certs.

      The problem is that when a module is loaded, that temp .psm1 file is not signed which causes it to be blocked.

      If we were able to change the location of the temp path, then we could place a whitelist on any .psm1 files in said path. We can do it for the appdata/local/temp path, they would just rather whitelist a custom path than the default.

The topic ‘Changing the Temp module directory’ is closed to new replies.