Skip to content

Die KW 32/2020 im Link-Rückblick

Powershell - Compare file hash with existing hash file (checksum, SHA1) to validate binary file integrity

A quick win you should add to your power shell scripts whenever you execute a binary file by doing an integrity check based on checksums.

$pathToBinaryFile = "/your/file.path"
$pathToSha1File = $($pathToBinaryFile + ".sha1")

If (test-path $pathToBinaryFile) {
    $calculatedFileHash = Get-FileHash -LiteralPath $pathToBinaryFile -Algorithm SHA1
    $sha1FileContent = Get-Content $pathToSha1File 

    Write-Host ":: Checking file integrity."
    #we are expecting a sha1 file with one line of content.
    #   this one line should look like:<file name>\t<sha1 sum>
    #we are exploding the expected content by " "
    #   first array entry is <file name>
    #   second array entry is \t
    #   third array entry is <sha1 sum>
    $expectedFileHash = $sha1FileContent.Split(" ")[2]

    If ($expectedFileHash -ne $calculatedFileHash.HASH) {
        Write-Host $("   Binary file integrity check failed. Expected checksum >>" + $expectedFileHash + "<<, current checksum >>" + $calculatedFileHash.HASH + "<<.")

A bit more advanced script can be found here in my examples collection.

Translate to de es fr it pt ja

Die KW 31/2020 im Link-Rückblick

Die KW 30/2020 im Link-Rückblick

Die KW 29/2020 im Link-Rückblick

Create and manage a shadow copy snapshot for windows with powershell

Following my essence about the topic of creating a shadow copy snapshot.

#bo:create shadow copy
$shadowSourceVolume = ($env:SystemDrive + "\")
$shadowDestinationLinkPath = ($env:SystemDrive + "\shadowed_test")


#create a shadow copy object
$shadowCopyObject = $shadowCopyClass.create($shadowSourceVolume, "ClientAccessible")
#fetch shadow object fron that
$shadowObject = Get-WmiObject Win32_ShadowCopy | Where-Object { $_.ID -eq $shadowCopyObject.ShadowID }
$shadowLinkPath = $shadowObject.DeviceObject + "\"
#eo:create shadow copy

#bo:create link
cmd /c mklink /d $shadowDestinationLinkPath $shadowLinkPath
#eo:create link

#bo: remove shadow link
cmd /c rmdir /S /Q $shadowDestinationLinkPath
#eo: remove shadow link

#bo: delete shadow copy
#Remove-CimInstance -InputObject $shadowObject
#eo: delete shadow copy

#bo: FTL
#list all available shadow copies
#Get-WmiObject Win32_Shadowcopy
#eo: FTL

Most important learned knowledge for me is that I only can create a snapshot of a whole volume.

Translate to de es fr it pt ja

Simple PowerShell Log Function

Just to share it somewhere with someone, following my powershell basic log function.

Function Log-Message {
    Param (
        [parameter(Mandatory=$true)] [string] $Message,
        [string] $LogLevel = "info"

    $currentDate = Get-Date -Format "yyyyMMdd"
    $currentTime = Get-Date -Format "HHmmss"

    $logMessage = '{0} {1} [{2}]: {3}' -f $currentDate,$currentTime,$logLevel,$message

    $logMessage >> $logFile

Enjoy it.

Translate to de es fr it pt ja

Die KW 28/2020 im Link-Rückblick

`error: archzfs: signature from "ArchZFS Bot <[email protected]>" is unknown trust` and how to solve it

I ran into this error error: archzfs: signature from "ArchZFS Bot <[email protected]>" is unknown trust on multiple machines over the last days.

Since one machine was working which is also running one of my dns servers, I was searching into this direction. After a while, I switched all my machines using this one dns server without fixing the real issue. Furthermore, by just trying to refresh keys with sudo pacman-key --refresh-keys, I ran into another error: gpg: WARNING: Tor is not running.

I could solve this with a one liner:

echo "no-use-tor" >> ~/.gnupg/dirmngr.conf

Next step was finally to delete the broken key and re-import ist again.

sudo pacman-key -d DDF7DB817396A49B2A2723F7403BD972F75D9D76
sudo pacman-key -r DDF7DB817396A49B2A2723F7403BD972F75D9D76
sudo pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76

After running through all this steps, I was able to run a system update again with pacman.

Thanks to this issue report on github, this entry on redit and this entry on

Translate to de es fr it pt ja

Die KW 27/2020 im Link-Rückblick

Die KW 26/2020 im Link-Rückblick

My Microsoft Windows Terminal settings with vi keybindings and zen burn

I've started playing with the Microsoft Windows Terminal.

My settings.json now contains some simple VI keybindings to easy up creating of tabs and panes. Furthermore, I am a big fan of the zenburn color scheme. You can find your settings.json in the path %userprofile%\AppData\Local\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\LocalState.

// This file was initially generated by Windows Terminal 1.0.1401.0
// It should still be usable in newer versions, but newer versions might have additional
// settings, help text, or changes that you will not see unless you clear this file
// and let us generate a new one for you.
// located in: `%userprofile%\AppData\Local\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\LocalState`

// To view the default settings, hold "alt" while clicking on the "Settings" button.
// For documentation on these settings, see:
    "$schema": "",

    // "defaultProfile": "{574e775e-4f2a-5b96-ac1e-a2962a402336}",
    "defaultProfile": "{00000000-0000-0000-ba54-000000000002}",

    // You can add more global application settings here.
    // To learn more about global settings, visit

    // If enabled, selections are automatically copied to your clipboard.
    "copyOnSelect": false,

    // If enabled, formatted data is also copied to your clipboard
    "copyFormatting": false,

    // A profile specifies a command to execute paired with information about how it should look and feel.
    // Each one of them will appear in the 'New Tab' dropdown,
    //   and can be invoked from the commandline with `wt.exe -p xxx`
    // To learn more about profiles, visit
            // Put settings here that you want to apply to all profiles.
            "colorScheme" : "Zenburn"
        // BO: Taken from:
                "guid": "{00000000-0000-0000-ba54-000000000002}",
                "acrylicOpacity" : 0.75,
                "closeOnExit" : true,
                //if you have installed windows git globally for all users
                "commandline" : "\"%PROGRAMFILES%\\git\\usr\\bin\\bash.exe\" -i -l",
                //if you have installed windows git only for one user
                // "commandline" : "\"%LOCALAPPDATA%\\Programs\\Git\\bin\\bash.exe\" -i -l",
                "cursorColor" : "#FFFFFF",
                "cursorShape" : "bar",
                "fontFace" : "Consolas",
                "fontSize" : 10,
                "historySize" : 9001,
                "icon" : "%PROGRAMFILES%\\git\\mingw64\\share\\git\\git-for-windows.ico",
                "name" : "Bash",
                "padding" : "0, 0, 0, 0",
                "snapOnInput" : true,
                "startingDirectory" : "%USERPROFILE%",
                "useAcrylic" : true
        // BO: Taken from:
                // Make changes here to the powershell.exe profile.
                "guid": "{61c54bbd-c2c6-5271-96e7-009a87ff44bf}",
                "name": "Windows PowerShell",
                "commandline": "powershell.exe",
                "hidden": false
                // Make changes here to the cmd.exe profile.
                "guid": "{0caa0dad-35be-5f56-a8ff-afceeeaa6101}",
                "name": "Command Prompt",
                "commandline": "cmd.exe",
                "hidden": false
                "guid": "{574e775e-4f2a-5b96-ac1e-a2962a402336}",
                "hidden": false,
                "name": "PowerShell",
                "source": "Windows.Terminal.PowershellCore"
                "guid": "{58ad8b0c-3ef8-5f4d-bc6f-13e4c00f2530}",
                "hidden": false,
                "name": "Debian",
                "source": "Windows.Terminal.Wsl"
                "guid": "{b453ae62-4e3d-5e58-b989-0a998ec441b8}",
                "hidden": false,
                "name": "Azure Cloud Shell",
                "source": "Windows.Terminal.Azure"
    // Add custom color schemes to this array.
    // To learn more about color schemes, visit
    "schemes": [
        // @see:
            "background" : "#3A3A3A",
            "black" : "#1E2320",
            "blue" : "#506070",
            "brightBlack" : "#709080",
            "brightBlue" : "#94BFF3",
            "brightCyan" : "#93E0E3",
            "brightGreen" : "#C3BF9F",
            "brightPurple" : "#EC93D3",
            "brightRed" : "#DCA3A3",
            "brightWhite" : "#FFFFFF",
            "brightYellow" : "#F0DFAF",
            "cyan" : "#8CD0D3",
            "foreground" : "#DCDCCC",
            "green" : "#60B48A",
            "name" : "Zenburn",
            "purple" : "#DC8CC3",
            "red" : "#D78787",
            "white" : "#DCDCCC",
            "yellow" : "#DFAF8F"
            "background" : "#1C1C1C",
            "black" : "#1E2320",
            "blue" : "#506070",
            "brightBlack" : "#709080",
            "brightBlue" : "#94BFF3",
            "brightCyan" : "#93E0E3",
            "brightGreen" : "#C3BF9F",
            "brightPurple" : "#EC93D3",
            "brightRed" : "#DCA3A3",
            "brightWhite" : "#FFFFFF",
            "brightYellow" : "#F0DFAF",
            "cyan" : "#8CD0D3",
            "foreground" : "#DCDCCC",
            "green" : "#60B48A",
            "name" : "High-Contrast Zenburn",
            "purple" : "#DC8CC3",
            "red" : "#D78787",
            "white" : "#DCDCCC",
            "yellow" : "#DFAF8F"
    // Add custom keybindings to this array.
    // To unbind a key combination from your defaults.json, set the command to "unbound".
    // To learn more about keybindings, visit
        // Copy and paste are bound to Ctrl+Shift+C and Ctrl+Shift+V in your defaults.json.
        // These two lines additionally bind them to Ctrl+C and Ctrl+V.
        // To learn more about selection, visit
        { "command": {"action": "copy", "singleLine": false }, "keys": "ctrl+c" },
        { "command": "paste", "keys": "ctrl+v" },

        // Press Ctrl+Shift+F to open the search box
        { "command": "find", "keys": "ctrl+shift+f" },

        // Press Alt+Shift+D to open a new pane.
        // - "split": "auto" makes this pane open in the direction that provides the most surface area.
        // - "splitMode": "duplicate" makes the new pane use the focused pane's profile.
        // To learn more about panes, visit
        { "command": { "action": "splitPane", "split": "auto", "splitMode": "duplicate" }, "keys": "alt+shift+d" },

        // Close Tab
        {"command" : "closeTab", "keys" : "ctrl+w"},
        // Open New Tab
        {"command":"newTab", "keys": "ctrl+t"},

        // Open new pane
        { "command": { "action": "splitPane", "splitMode": "duplicate", "split": "vertical" }, "keys": "alt+ctrl+l" },
        { "command": { "action": "splitPane", "splitMode": "duplicate", "split": "horizontal" }, "keys": "alt+ctrl+j" },
        { "command": { "action": "splitPane", "splitMode": "duplicate", "split": "auto" }, "keys": "alt+ctrl+ " },

        // Move around the panes
        { "command": { "action": "moveFocus", "direction": "down" }, "keys": "alt+j" },
        { "command": { "action": "moveFocus", "direction": "left" }, "keys": "alt+h" },
        { "command": { "action": "moveFocus", "direction": "right" }, "keys": "alt+l" },
        { "command": { "action": "moveFocus", "direction": "up" }, "keys": "alt+k" },

        // Resize panes
        { "command": { "action": "resizePane", "direction": "down" }, "keys": "alt+shift+j" },
        { "command": { "action": "resizePane", "direction": "left" }, "keys": "alt+shift+h" },
        { "command": { "action": "resizePane", "direction": "right" }, "keys": "alt+shift+l" },
        { "command": { "action": "resizePane", "direction": "up" }, "keys": "alt+shift+k" }
Translate to de es fr it pt ja

Die KW 25/2020 im Link-Rückblick

Microsoft Powershells output is not local system language independet or - why "query user" sometimes returns USERNAME and BENUTZERNAME

I am working in an enviroment where some systems have a locale (or how microsoft is calling it "culture") of "en-US" or "de-DE".

Today I had to debug a script that is not outputting something. After a while, I've figured out that the result of query user /server:<server> is returning objects with different properties.

If the current locale is en-US, the property USERNAME exists. If the current locale is de-DE, the property BENUTZERNAME exists.

This is pretty sad since I could not find a way to set the culture within my powershell script to en-US.

What I've tried and what did not worked.

[System.Threading.Thread]::CurrentThread.CurrentCulture = "de-DE";
[System.Threading.Thread]::CurrentThread.CurrentUICulture = "de-DE";
[cultureinfo]::currentculture = 'de-DE';
[cultureinfo]::CurrentUICulture = 'de-DE';
Set-Culture de-DE

How did I solved it? I've added an or condition to support both properties, which is sad.

Where-Object { ($_.USERNAME -like "*$userNameToFilterAgainstOrNull*") -or ($_.BENUTZERNAME -like "*$userNameToFilterAgainstOrNull*") }

Good luck!

Translate to de es fr it pt ja

Die KW 24/2020 im Link-Rückblick

Die KW 23/2020 im Link-Rückblick

Die KW 22/2020 im Link-Rückblick

Die KW 21/2020 im Link-Rückblick

Die KW 20/2020 im Link-Rückblick

Die KW 19/2020 im Link-Rückblick

Die KW 18/2020 im Link-Rückblick

Die KW 17/2020 im Link-Rückblick

Die KW 16/2020 im Link-Rückblick