Infrastructure Testing Challenge for PowerShell

It is time for one more PowerShell scripting challenge before the end of summer in the Northern Hemisphere. The Chairman recognizes the value in testing code using tools like Pester. You can also use Pester to create tests to validate infrastructure. That is, you can write a test suite to run against a live system. This is what The Chairman has in mind for your next challenge. This task has intermediate and advanced levels.

Intermediate

Create a Pester test script that you can run with Invoke-Pester. The test should process a list of Windows computers and test for the following:

  • PowerShell 7 Remoting is enabled.
  • The WinRM service is running and set to auto-start.
  • PowerShell 2.0 is disabled.
  • The Remote Registry service is NOT running and is disabled.
  • There is at least 50% free space on drive C:.
  • There is at least 40% free physical memory.
  • The system has rebooted in the last 90 days.

Advanced

Advanced users should add these elements to their test:

  • The machine execution policy is set to AllSigned.
  • Anti-malware virus protection is enabled and has been updated in the last 30 days.
  • Ensure that routing and remote access inbound firewall rules are disabled.

Notes

  • Please do not run your test against production systems. You should use a test environment. If you only have a single system to test with, use the same system repeatedly in the list.
  • Pester v5 was recently released and takes a different approach compared to prior versions. You will need to write your test for the correct version and ensure the correct version of Pester is used.
  • If possible, write your test using Pester v5.
  • Your code should run in both Windows PowerShell and PowerShell 7 on Windows.
  • Support the use of alternate credentials. You may need to embed the credential. Can you do it securely?
  • Make the list of computers external to the Pester test so that it can be modified without editing the test itself.
  • Once your test is working, write a small piece of code to run the test and only display systems that fail the test. Or as an alternative, give your servers a grade based on the percentage of tests that they pass.

If you are new to Pester, or want to see what is new in v5, take a look at https://github.com/pester/Pester.


Leave a Reply

Your email address will not be published. Required fields are marked *