Remedying Shell Shock: Using PowerShell with JumpCloud

Written by Daniel Fay on December 10, 2020

Share This Article

In this post, we’ll solve the mystery of PowerShell and explain how to use it with JumpCloud. We’ll start by covering the history of shells and how you can use them to automate processes to reduce the time you spend on routine tasks. Next, we’ll dive into how you can use PowerShell on different operating systems. Finally, we’ll look into using PowerShell with the JumpCloud cloud directory platform.

Shell Shock: History of Shells

Starting in IT (or in the world of technology), more and more technologists have become accustomed to an easy-to-follow and intuitive user interface. Look at any program or platform today and you’ll likely find a wide variety of visually captivating interfaces, intuitive reports, and interactive graphics. Although UIs make many tasks easier and are great for productivity, many tasks can only be done from the command line. 

In the early 1990s, UIs were available but basic — think Windows 95 on a 10-inch CRT monitor in greyscale. Although UIs were the way of the future in those times, many generations of admins can relate to the old-school world of CLI, Unix systems, and DOS/C/K/Bash shells. Back in the day, this was the only method to interact with applications, systems, and platforms. 

For newer admins and technologists accustomed to modern operating systems, the shell and command-line interfaces can create anxiety, hesitation, and habits of avoidance. The goal of this series is to make PowerShell less scary by giving you fundamental skills to help you get work done faster.

What the Heck is a Shell?

Programs and operating systems (OS) at their core are just many, many lines of code. The shell is just one way of interacting with the operating system or different resources within the OS. Shells can be either command-line interfaces (CLI) or graphical user interfaces (GUI). It is the outer interface (shell) to interact with the core OS or application.

If you used computers in the late ‘80s to early ‘90s and ran a command line interface-only machine, that in its basic definition was interacting with a shell. Unix and Linux systems had variants of Bash, C shell, K shell, or Bourne shell (with many other alternatives as well). Microsoft had command line interfaces on its much older OSs, and then the shell took a new facade with releases of NT 3.5 and more widely adopted Windows 95 — the GUI.

GUIs started to replace command-line shells and became more common as the years went by. More and more admins and users alike rarely, if ever, touched the CLI if a GUI was present. These powerful and magical tools started to be put to the side, and the IT engineers and admins who could wield the CLI and scripting could be considered your office’s wizards.

Utilizing the shell — whether it be through PowerShell, bash, or Bourne — gives increased potential to any admin wanting to automate their day. Think of trying to make changes across several hundred objects. Would you really want to do this via the GUI for each object? Using a shell to script changes en-masse can achieve your task in fractions of the time it would take using a GUI or conventional method. With a command or two, you can change attributes across hundreds of objects within seconds, not hours. 

With the modernization of many realms of IT, we can easily demystify the lost art of the shell. 

Understanding Shell Syntax

Each OS has its own shell(s) and only listens to specific dialects through the shell. This dialect can be called the syntax. Syntax is the language used to form written commands in the shell. Think of the way that you write a sentence in English. For example, Subject → Verb → Predicate, with some other variables, such as a direct or indirect object thrown about. 

Writing shell commands and scripts is much like writing sentences, using syntax as the building blocks just like you would words and phrases. Variables like the UserID and String act as modifiers, which you use to specify which object you would like the command to act on. Other parameters, such as the -ByID and CommonParameters allow you to more finely control your query or action. Using a command like this one allows you to pull information from your directory and make changes at scale, automating processes that take significantly more time when performed manually.

What is PowerShell?

PowerShell was originally built and made to only run on Windows operating systems. Recently, however, it was opened up to the public for Mac and Linux systems as well. This is a huge benefit for admins — being able to use one tool across any OS makes life easier. The fact that the tool is PowerShell makes admin life better because of all the options out there, PowerShell is arguably by far the most capable and unique in its way of syntax, but also flexible on what you can write. 

Whether you’re looking to get quick reports or status updates to full on automation, PowerShell is one method to easily interact with any of your operating systems or other services, such as the JumpCloud Directory Platform. 

PowerShell Syntax

PowerShell is an object oriented shell, meaning that each command you write is targeting a thing within the environment. Again, going back to our written English and grammar example from last time, you’re writing a sentence to describe or find the direct object. 

For example, to list all available commands with the word Get in their name can be written like this: 

Get-Command -Name *Get*

This would list all the PowerShell commands you can run by its Name containing the value Get.

So why PowerShell? Why not Bash or C Shell? Because PowerShell is native to Windows and has been opened up to Mac & Linux Systems as well, this opens the doors for possible areas to run shell scripts and commands.

There are hundreds if not thousands of possible commands within PowerShell that you can leverage for work, although remembering all them is next to impossible. There are many good cheat sheets across the web which go over the top most used PowerShell Commands to get you eased into using the command line. If you’re interested in a cheat sheet or another beginner’s guide to PowerShell, the authors over at Comparitech have written an amazing intro to PowerShell guide. Otherwise if you’re looking for a much more advanced and in-depth document and reference, Microsoft’s got you covered there too. 

PowerShell and JumpCloud

Organizations using the JumpCloud Directory Platform can use PowerShell to manage and control their Windows, Mac, and Linux devices.

If you haven’t already, you’ll want to download and install the JumpCloud PowerShell Module for your current OS. Imagine the JumpCloud PowerShell Module as a plugin for PowerShell, allowing you to authenticate and interact with your JumpCloud tenant.

Another example using JumpCloud’s PowerShell Module, could be a simple command to see what all JumpCloud Commands are available using the same format above and type: 

Get-Command -Name *JC*

This will output an easily legible table with all the available JumpCloud PowerShell commands that you can use to interact with your JumpCloud tenant. 

Writing single line commands is great for doing quick queries or simple actions, but no good story or tale was written in a single line. By leveraging multiple lines, variables, and by combining simple singular lines together, you can now create massively powerful scripts. 

Reworking the Script

Throw out everything you know about scripts while disregarding any fears or anxieties you have around the command-line. Scripting can be easy, fun, and make your life 10x easier the more you use it. Before writing a script you should think of a key objective or goal that you would like to accomplish. Going into writing a script, you should have a clear understanding of what you would like to be able to achieve, then you can go into writing the draft. 

PowerShell executable script files are saved and written with the ps1 file extension. You can then execute these scripts via PowerShell by running the following command in the prompt:

./script_name.ps1

Luckily if you’re just starting with JumpCloud and PowerShell, we have a full GitHub Wiki with all of the commands that you can use to manage your JumpCloud organization. If you leverage these pre-written commands in tandem with your tenant, you could easily compile a script to perform a specific action. 

Imagine you are looking to list all Users without MFA enabled on their accounts, enable MFA on your Users, as well as enabling MFA on a System Group’s systems that do not have it enabled already. This can be done through the UI with several clicks through a few different menus, or could be easily compiled within a script where you can perform both tasks with a singular call.

For example, contents of a script to achieve this could be: 

#Get all Users with MFA disabled on their JumpCloud User Account and enable it#

Get-JCUser -enable_user_portal_multifactor $false | Set-JCUser -enable_user_portal_multifactor $True

#Get all Systems within the All Systems Group with MFA disabled and enable it#

Get-JCSystemGroupMember -GroupName “All Systems” | Set-JCSystem -allowMultiFactorAuthentication $true

Using JumpCloud’s GitHub Wiki, there are a boatload of PowerShell Commands which are pre-written for many of your daily tasks that you could do within JumpCloud. You could either copy and paste these commands straight into the JumpCloud PowerShell Module window, or you could compile several of these commands into executable ps1 script files. 

As JumpCloud builds out more and more of the product, the JumpCloud PowerShell Module is updated so you have the power and flexibility to manage your JumpCloud tenant with a few commands or a few simple scripts. 

Automate Your Day

When it comes down to brass tacks, all admins generally want the same thing. A day where they can hit a few buttons or run a few scripts and be off about their day focusing on higher priority projects or tasks. With automation, leveraging JumpCloud’s PowerShell Module, you can do that with relative ease.

Even if you’re new to the shell world and are not acquainted with scripting, we’ve provided a well written library and wiki within our GitHub page, blogs, and other resources. We believe that a day in the life of an admin shouldn’t be burdensome and littered with dozens of minor tasks. You should be able to execute a task simply within either a few clicks in the Admin Portal or within a simple script using the JumpCloud PowerShell Module. 

If you’re unsure about running certain commands or want to test your scripting before running it in production, we got you! You can simply sign up for a free JumpCloud account with up to 10 users and 10 devices for life today if you haven’t already created one. Use this secondary free account for your testing while leaving your production JumpCloud tenant alone. This flexibility gives you the power to test your scripts in a test environment first before running them in your production environment to ensure your syntax and commands are what you want them to be. 

If you’re interested in understanding more about PowerShell, JumpCloud, or our API, check out the resources below for more details!

Resources

JumpCloud PowerShell Module Wiki

JumpCloud PowerShell Module Command Basics

Sign up for a free JumpCloud Org with 10 users and devices — no credit card required

Evolution of the JumpCloud PowerShell Module

Managing a Cloud Directory with PowerShell

JumpCloud’s API Documentation

Daniel Fay

Daniel Fay is a Product Marketing Manager at JumpCloud.

Continue Learning with our Newsletter