The Human Side of PowerShell Scripting, Managing your WSL instances
+ Automating ‘Have I Been Pwned’ Breach Checks for Entra ID Groups
Hey everyone, we have another fantastic week of PowerShell News. I’m just wrapping up my conference season here in Michigan. I presented at the Michigan Association of School Boards (MASB) last weekend on AI Policy and at the Michigan Association of Educational Data Systems (MAEDS) on what I’ve coined as Guerilla Zero Trust Security, a combination of Zero Trust and irregular “Guerilla” tactics, which often center around PowerShell, to help organizations become more cognizant of the advanced threats we are all facing.
Not only that, but I also launched a new newsletter right here on Substack: Ransomware.News. Part of my obsession with PowerShell has focused more and more on the cybersecurity threats we are all facing. It’s my hope that you all will consider subscribing to Ransomware.News for fantastic TLDR style content, like this newsletter, and even richer, long form content on the state of Ransomware threats around the world, like my article from Friday about China’s Invisible War against Taiwan.
The PowerShell community is something special that I cherish, very, very deeply. I’ve often spoken about how K12 is nothing like private sector because we all collaborate against common threats and toward common opportunities for growth. PowerShell, something similar going on that isn’t with all tech communities. I’m super proud to be a part of it and of all the work you all are doing for all the organizations you are a part of around the world.
Videos
The Human Side of PowerShell Scripting - Jeff Hicks
PSConfEU has a great video with Jeff Hicks about how to write human-centered PowerShell code. He emphasizes that scripting is a craft that should prioritize the end user’s experience by focusing on effortless input, rich object output, and meaningful execution feedback.
Always Hype About Automation with Hailey Phillips. The PowerShell Podcast E198
Hailey Phillips was on the PowerShell Podcast with Andrew Pla, to discuss her journey from systems engineer to automation innovator, discussing her new PowerShell-driven CI/CD project, IntuneStack. She also reflects on her path to becoming a Microsoft MVP and the importance of mentorship and collaboration in the tech community.
Never Let Your App Secrets Expire Again! Send Alerts via PowerShell
Adeel Automates has a great video on building a comprehensive PowerShell script to manage Azure App Registration secrets. This script combines multiple techniques from previous episodes to detect expiring secrets, secure email sending using an application access policy for a shared mailbox, and automatically notify both the IT team and individual app owners with custom HTML alerts that include direct links to the expiring secrets.
Community News
Marius Solbakken has a great article introducing the open-source EntraIDAccessToken PowerShell module for simplifying Entra ID authentication in scripts and modules. The module abstracts the complexities of authentication, token refreshing, and caching across multiple environments like Azure Functions and GitHub Actions, allowing users to authenticate to Microsoft Graph and other APIs with just a couple of lines of code.
PowerShell 7 Support Arrives for the Granfeldt PowerShell Management Agent
Darren Robinson has an interesting article announcing the official addition of PowerShell 7 support for the Granfeldt PowerShell Management Agent (PSMA), which is the foundation for custom identity integration in Microsoft Identity Manager (MIM). This update, which Darren contributed, is a major performance uplift because PowerShell 7 is built on .NET, enabling faster execution, better memory efficiency, and the ability to use features like ForEach-Object -Parallel to drastically reduce sync cycle times.
Damien Van Robaeys has a good article detailing a PowerShell script that allows you to monitor and log the specific authentication methods users employ on Windows. The script captures the date, username, and the exact method used, such as PIN, fingerprint, facial recognition, or password, providing more detailed visibility than simple Windows Hello for Business (WHfB) vs. Password reports.
https://www.systanddeploy.com/2025/10/identify-how-users-authenticate-on.html
Managing your WSL instances in PowerShell using the WSL Module
Harm Veenstra has a great article introducing the WSL PowerShell Module for managing Windows Subsystem for Linux (WSL) distributions. This module wraps the functionality of wsl.exe into PowerShell cmdlets like Get-WslDistribution and Invoke-WslCommand, making it significantly easier to script, automate, and perform operations like exporting, importing, and stopping WSL instances.
October 2025 PowerShell Potluck
The October 2025 PowerShell Potluck newsletter provides a collection of PowerShell resources and community updates. Key topics include a YouTube video on Using Regex in PowerShell by Steven Judd, links to PSMiniCon Videos, a fun look at the FancyClearHost module for console animations, a deep dive into using the 256-color ANSI palette in PowerShell, and details about the PowerShell Summit 2026 and a new scripting challenge to get drive information using [System.IO.DriveInfo] and a custom format file.
https://buttondown.com/behind-the-powershell-pipeline/archive/october-2025-powershell-potluck/
Automating ‘Have I Been Pwned’ Breach Checks for Entra ID Groups using PowerShell – imab.dk
Martin Bengtsson has a great article detailing an automated PowerShell script that checks members of specified Entra ID (Azure AD) groups against the Have I Been Pwned database. The tool integrates the Microsoft Graph API and the Have I Been Pwned API to generate professional HTML and PDF reports for security audits and includes smart rate limiting to prevent API throttling errors.
https://www.imab.dk/powershell-script-automated-have-i-been-pwned-breach-checks-for-entra-id-groups/
PowerShell Conference Europe 2026: Call for Speakers
PowerShell Conference Europe 2026 has an interesting post about the Call for Speakers for their event in Wiesbaden, Germany, from June 1-4, 2026. Submissions for sessions are open until December 14, 2025, and they are looking for unique content ranging from Real-Life PowerShell and DevOps to soft skills, with options for 45-minute standard sessions or 90-minute follow-along/deep dive sessions.