Hey, Scripting Guy! Quick-Hits Friday: The Scripting Guys Respond to a Bunch of Questions (11/20/09)


Bookmark and Share

In this post:


Troubleshooting a Windows PowerShell Script Using the Replace Operator

Hey, Scripting Guy! Question



Hey, Scripting Guy! I am learning Windows PowerShell in preparation for a Windows 7 and Server 2008 rollout. In the How Can I Use Windows PowerShell to Replace Characters in a Text File? post, you use the replace operator. I tried to use the replace operator, but it didn’t work from an interactive shell. Does this only work from inside a script? Here is an example:

$a = “apple”

$a -replace “a”, “b”

It would output what I wanted, but when I would enter $a, it would still print apple. It only overwrites the existing value of $a when I run this from a script, not interactively.

Do you have any suggestions?

— SC


Hey, Scripting Guy! AnswerHello SC,

You are not storing the value that is being replaced inside a variable. You are merely replacing the value that is displayed, but not the value that is stored. You need to write back to the $a variable. This is seen here:

Image of writing back to the $a variable



How Can I Get a List of Certificates and Their Expiration Dates?

Hey, Scripting Guy! Question


Hey, Scripting Guy! Is there any way to get a list from Microsoft Certificate Services of the certificates and their expiration dates?


— SM


Hey, Scripting Guy! Answer Hello SM, 

Using Windows PowerShell, it is easy. You can use the Get-ChildItem cmdlet on the Cert: drive. The Get-ChildItem cmdlet has an alias of Dir, so it is easy to remember. If you wish to see all of the certificates in all of the stores, you can use the -recurse switch. To see the expiration date of your certificates, use the Dir command on your certificate drive. The expiration date is the NotAfter property. This is seen here:

PS C:> dir cert:CurrentUser -Recurse



Name : SmartCardRoot


Name : UserDS


Name : AuthRoot


Subject      : CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C


Issuer       : CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C


Thumbprint   : E12DFB4B41D7D9C32B30514BAC1D81D8385E2D46

FriendlyName : USERTrust

NotBefore    : 7/9/1999 2:31:20 PM

NotAfter     : 7/9/2019 2:40:36 PM

Extensions   : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, S



To determine if a certificate is expired, check the value of the NotAfter property and compare it to the value of the current date. If the NotAfter property is less than the current date, the certificate is expired. This is seen here:

PS C:> dir cert:CurrentUser -Recurse | Where { $_.NotAfter -le (Get-Date) }



Name : SmartCardRoot


Name : UserDS


Name : AuthRoot


Subject      : OU=Class 3 Public Primary Certification Authority, O=”VeriSign, Inc.”, C=US

Issuer       : OU=Class 3 Public Primary Certification Authority, O=”VeriSign, Inc.”, C=US

Thumbprint   : 4F65566336DB6598581D584A596C87934D5F2AB4

FriendlyName : VeriSign

NotBefore    : 1/28/1996 7:00:00 PM

NotAfter     : 1/7/2004 6:59:59 PM

Extensions   : {}



Can I Change a Registry Value on 200 Computers?

Hey, Scripting Guy! Question


Hey, Scripting Guy! I need to change a value in the registry. The registry key is listed here:

HKEY_CURRENT_USERIdentities{GUID for Identity}SoftwareMicrosoftOutlook

The problem is that I need to change this value on 200 computers. Is there a way to write some constant instead of the real GUID for Identity?

— MK


Hey, Scripting Guy! AnswerHello MK,

I don’t think so because the GUID is what Outlook Express uses to keep track of the different users. What you will have to do is to read the value that is stored in the identities key and store the GUID that is returned in a variable. After you have that value, you can proceed to modify the child keys. Because you want to get this on 200 computers, you will need to use the WMI stdregprov class if you wish to run remotely, or you can use the VBScript registry classes if you will do this via login script.

Of course, Windows PowerShell makes it extremely easy to work with the registry, but based upon the registry key you are modifying, I doubt you have Windows PowerShell installed on all of your desktop machines yet.

Here are some registry scripts from the Script Repository that might help (you can refine the search results by selecting languages and other options from the lower left side of the screen).

In addition to the scripts from the Script Repository, you may be interested in some of the Hey, Scripting Guy! posts that talk about modifying the registry. The Hey, Scripting Guy! posts can provide you with more information than simple script samples (you can further refine the search results by clicking the keywords in the tag cloud above the list of articles).



How Can I Use Windows PowerShell to Delete Folders Within a Directory?

Hey, Scripting Guy! Question


Hey, Scripting Guy! As a complete newbie to Windows PowerShell scripting, I seek your advice. Usually, I would use a DOS batch file to complete this task, but Powershell is the way to go and so what better way to start learning than with a real life example?

I have a number of folders within a directory, all with files inside (the numbers at the end are randomly generated). The folders are shown here:




I would like to delete the folders. I could use an old school loop through with FOR /F and RMDIR, but how would I do this using a Windows PowerShell script?

— AS


Hey, Scripting Guy! AnswerHello AS, You could use the Del command (an alias for the Remove-Item cmdlet). Here is an example:

Dir C:test  | Del -recurse


This code deletes all of the files and folders in the C:test folder, but does not delete the C:test folder itself. To delete the C:test folder and all of its contents, use the command seen here:

del  C:test –Recurse




p style=”MARGIN: 0in 0in 8pt” class=”MsoNormal”>

Can I Use a Script to Connect to IPP Printers Through http://pserver/printer?

Hey, Scripting Guy! Question


Hey, Scripting Guy! I hope you can help me with this because I can’t find a straight answer elsewhere. I need to connect to IPP printers from client computers through http://pserver/printer via a script.

I can connect to IPP printers through http://pserver/printers. I choose the printer, click Connect, and it downloads the driver from the server. How can I achieve this via a script? I have tried PrintUI, but PrintUI does not pull the driver from the server; it installs the driver from the local ntprint.inf file that’s on the local client computer, but I want to download the driver from the server where the IPP printers are installed. I always want to install the driver from the server in case there is a driver setting change, and by downloading the driver, it pulls the settings down to the client computer.

I can create an IPP printer with the PrintUI command by giving the port path, but the IPP printer is not the same as when I connect from the browser because it is not downloading the driver from the server and as a result I end up with a driver version mismatch. The PrintUI command downloads the driver only if you connect to the UNC path, \serverprinter. It does not recognize IPP path, http://pserver/printer. Also Con2prt does not recognize the http: path, but works great with the UNC path.


Comments are closed.