With the help of PS2EXE WIN-PS2EXE, you can convert a PowerShell script into an executable (EXE). This allows you to delegeate administrator tasks to your help desk.

Imagine some from the help desk wants to know who has access to a network folder. They have the name of the AD group that has access, but they want to know which users are in the group, including any that have access because they belong to a group that has access. As an administrator, I can use the following PowerShell query:

write-host -nonewline "Type or paste the name of the AD group you want look up: "
 $ADGroup = read-host

 Get-ADGroupmember $ADGroup -Recursive|Get-ADUser -Properties \* | FT GivenName, Surname, name, displayname -AutoSize
write-host  "To copy the results, highlight the text you want to copy and right-click with your mouse.  Then paste into notepad."

Now that we have the script, we can save it as test.ps1. Next, we can use PS2EXE and WIN-PS2EXE to turn this PowerShell script into a self-contained EXE file that the business user can use.

Compiling a PowerShell script with PS2EXE and WIN-PS2EXE ^

PS2EXE was created by Ingo Karstein several years ago to convert a PowerShell script to a "standalone" EXE. However, it hadn't been updated in more than five years, so I chose to use a new version: WIN-PS2EXE, by Markus Scholtes. This module allowed me to take my tiny PowerShell script and convert it to an executable that could be placed on a network share for the help desk user.

With a fairly simple interface, the user can select the location of the saved source file (which is the PowerShell script), create a target file name, and even select an icon for the soon-to-be-created EXE. Once everything is filled out (only the source file is mandatory), click Compile.

Convert a PowerShell script into an EXE with PS2EXE WIN PS2EXE

Convert a PowerShell script into an EXE with PS2EXE WIN PS2EXE

The Win-PS2EXE front end passes the parameters to the PS2exe.ps1 back end, and the result is your newly created EXE file in the target location.

Because it is all self-contained, the user doesn't need to start PowerShell, load the ps1 file, and run it. All they need to do is double-click the EXE, paste the AD group, and press Enter, and the results appear.

If you want to use just the command line, you can install the module by using the command Install-Module ps2exe, and create the new executable by using the command Invoke-ps2exe .\source.ps1 .\target.exe or ps2exe .\source.ps1 .\target.exe. A full list of the available parameters can be found here.

Some words of caution ^

Converting a PowerShell script into an EXE file is a simple process. Decompiling the EXE back to a PS file is not as easy, but because this is doable, you have to make sure you don't store passwords in your PowerShell script. Keep the source files in a secure location, as it is much easier to make changes when you have the PowerShell code (for bug fixes and adding features) and recreate and redistribute the EXE file.

It is important to note that there are also some security concerns. Some organizations whitelist all the executable files that they permit to be used within their organization. Since you will be introducing a new EXE file, it has to be whitelisted as well.

Some antivirus vendors are also reporting EXE files created with PS2EXE as malicious software; this is a false positive. If your antivirus software marks all executables created with PS2EXE malicious, you should report the false positive to the vendor.

Subscribe to 4sysops newsletter!

Conclusion ^

Converting a PowerShell script into an EXE allows you to deploy your automation solutions to help desk personnel without requiring them to launch a PowerShell console. With the help of PS2EXE and WIN-PS2EXE, compiling your scripts into executables is easy and fast.


Leave a reply

Your email address will not be published.


© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account