JEA can help you with just that and a lot more.
What Is JEA?
In addition, it’s possible for you to be extremely specific.
It’s a tool that can save you a tremendous amount of time and secure your environment.
Let’s get started by wrapping our script into a function.
This is quite easy, assuming that you already have your
set up.
While RoleCapabilities can be created manually, it’s recommended to use theNew-PSRoleCapabilityFilecommand built into PowerShell 5.1. you could also add the raw script with parameters.
You also specify how you are allowed to use the function in theVisibleCmdletparameter.
You do this by specifying the name of the function and its parameters together with a regular expression.
But there’s one caveat to making this work—you gotta add the psrc-file into a module.
The following script is a modified version of what you find in theOfficial JEA documentation.
You’re going to create the AD group and transcript directory here as well.
This enables the members of JEA_FILESHARE_CREATOR to connect via PowerShell to the server:
You’re done!
This does not only include your own scripts but built-in modules and installed modules as well.
Even though JEA can be a great value-add, be careful!
