Microsoft.PowerShell.Security

Defines the base class from which all Security Descriptor commands are derived.

Add brokered properties for easy access to important properties of security descriptor

Gets the Path of the provided PSObject.

The PSObject for which to obtain the path. The path of the provided PSObject.

Gets the Owner of the provided PSObject.

The PSObject for which to obtain the Owner. The Owner of the provided PSObject.

Gets the Group of the provided PSObject.

The PSObject for which to obtain the Group. The Group of the provided PSObject.

Gets the access rules of the provided PSObject.

The PSObject for which to obtain the access rules. The access rules of the provided PSObject.

Gets the audit rules of the provided PSObject.

The PSObject for which to obtain the audit rules. The audit rules of the provided PSObject.

Gets the central access policy ID of the provided PSObject.

The PSObject for which to obtain the central access policy ID. The central access policy ID of the provided PSObject.

Gets the central access policy name of the provided PSObject.

The PSObject for which to obtain the central access policy name. The central access policy name of the provided PSObject.

Gets the names and IDs of all central access policies available on the machine.

The PSObject argument is ignored. The names and IDs of all central access policies available on the machine.

Gets the security descriptor (in SDDL form) of the provided PSObject. SDDL form is the Security Descriptor Definition Language.

The PSObject for which to obtain the security descriptor. The security descriptor of the provided PSObject, in SDDL form.

The filter to be used to when globbing to get the item.

The glob string used to determine which items are included.

The glob string used to determine which items are excluded.

Gets or sets the filter property. The filter property allows for provider-specific filtering of results.

Gets or sets the include property. The include property specifies the items on which the command will act.

Gets or sets the exclude property. The exclude property specifies the items on which the command will not act.

The context for the command that is passed to the core command providers.

Defines the implementation of the 'get-acl' cmdlet. This cmdlet gets the security descriptor of an item at the specified path.

Initialzes a new instance of the GetAclCommand class. Sets the default path to the current location.

Processes records from the input pipeline. For each input file, the command retrieves its corresponding security descriptor.

Gets or sets the path of the item for which to obtain the security descriptor. Default is the current location.

InputObject Parameter Gets or sets the inputObject for which to obtain the security descriptor

Gets or sets the literal path of the item for which to obtain the security descriptor. Default is the current location.

Gets or sets the audit flag of the command. This flag determines if audit rules should also be retrieved.

Gets or sets the AllCentralAccessPolicies flag of the command. This flag determines whether the information about all central access policies available on the machine should be displayed.

Defines the implementation of the 'set-acl' cmdlet. This cmdlet sets the security descriptor of an item at the specified path.

Returns a newly allocated SACL with no ACEs in it. Free the returned SACL by calling Marshal.FreeHGlobal.

Returns a newly allocated SACL with the supplied CAPID in it. Free the returned SACL by calling Marshal.FreeHGlobal.

Returns the current thread or process token with the specified privilege enabled and the previous state of this privilege. Free the returned token by calling NativeMethods.CloseHandle.

Processes records from the input pipeline. For each input file, the command sets its security descriptor to the specified Access Control List (ACL).

Gets or sets the path of the item for which to set the security descriptor.

InputObject Parameter Gets or sets the inputObject for which to set the security descriptor

Gets or sets the literal path of the item for which to set the security descriptor.

Gets or sets the security descriptor object to be set on the target item(s).

Gets or sets the central access policy to be set on the target item(s).

Clears the central access policy applied on the target item(s).

Gets or sets the Passthru flag for the operation. If true, the security descriptor is also passed down the output pipeline.

Defines the implementation of the get-pfxcertificate cmdlet

Initializes a new instance of the GetPfxCertificateCommand class

Processes records from the input pipeline. For each input file, the command retrieves its corresponding certificate.

Gets or sets the path of the item for which to obtain the certificate.

Gets or sets the literal path of the item for which to obtain the certificate.

Defines the Certificate Provider dynamic parameters. We only support one dynamic parameter for Win 7 and earlier: CodeSigningCert If provided, we only return certificates valid for signing code or scripts.

switch that controls whether we only return code signing certs.

Defines the type of DNS string The structure contains punycode name and unicode name

punycode version of DNS name

Unicode version of DNS name

ambiguous constructor of a DnsNameRepresentation

specific constructor of a DnsNameRepresentation

value comparison

get display string

get property of Punycode

get property of Unicode

Defines the Certificate Provider dynamic parameters. We only support one dynamic parameter for Win 7 and earlier: CodeSigningCert If provided, we only return certificates valid for signing code or scripts. For Win 8 and later, we also support: SSLServerAuthentication If provided, only return certificates valid for server authentication. DnsName If provided, only return certificates matching the supplied DNS Name. Eku If provided, only return certificates containing all of the OIDs supplied. ExpiringInDays If provided, only return certificates expiring within the specified number of days.

switch that controls whether we only return code signing certs.

switch that controls whether we only return code signing certs.

string to filter certs by DNSName Expected content is a single DNS Name that may start and/or end with '*': "contoso.com" or "*toso.c*"

string to filter certs by EKU Expected content is one or more OID strings: "1.3.6.1.5.5.7.3.1", etc. For a cert to match, it must be valid for all listed OIDs.

string to filter certs by the number of valid days Expected content is a non-negative integer. "0" matches all certs that have already expired. "1" matches all certs that are currently valid and will expire by midnight tonight (local time).

Defines the Certificate Provider remove-item dynamic parameters. Currently, we only support one dynamic parameter: DeleteKey If provided, we will delete the private key when we remove a certificate

switch that controls whether we should delete private key when remove a certificate

Defines the safe handle class for native cert store handles, HCERTSTORE.

Defines the safe handle class for native cert store handles, HCERTSTORE.

Defines the Certificate Provider store handle class

Initializes a new instance of the X509NativeStore class.

native IntPtr store handle

X509StoreLocation store location

string store name

true if a real store is open

Defines the types of items supported by the certificate provider.

An unknown item.

An X509 Certificate.

A certificate store location. For example, cert:\CurrentUser

A certificate store. For example, cert:\CurrentUser\My

Defines the implementation of a Certificate Store Provider. This provider allows for stateless namespace navigation of the computer's certificate store.

regex pattern that defines a valid cert path

tracer for certificate provider

Indicate if we already have attempted to load the PKI module

lock that guards access to the following static members -- storeLocations -- pathCache

list of store locations. They do not change once initialized. Synchronized on staticLock

cache that stores paths and their associated objects. key is full path to store-location/store/certificate value is X509StoreLocation/X509NativeStore/X509Certificate2 object Synchronized on staticLock

downlevel support flag

we allow either / or \ to be the path separator

Cache the store handle to avoid repeated CertOpenStore calls.

On demand create the Regex to avoid a hit to startup perf.

Note, its OK that staticLock is being used here because only IsValidPath is calling this static property so we shouldn't have any deadlocks due to other locked static members calling this property.

Initializes a new instance of the CertificateProvider class. This initializes the default certificate store locations.

Removes an item at the specified path

The path of the item to remove. Recursively remove. Nothing. path is null or empty. destination is null or empty.

Gets the dynamic parameters for remove-item on the Certificate Provider. We currently only support one dynamic parameter, "DeleteKey," that delete private key when we delete a certificate.

If the path was specified on the command line, this is the path to the item for which to get the dynamic parameters. Ignored. An object that has properties and fields decorated with parsing attributes similar to a cmdlet class.

Moves an item at the specified path to the given destination.

The path of the item to move. The path of the destination. Nothing. Moved items are written to the context's pipeline. path is null or empty. destination is null or empty.

Creates a certificate store with the given path.

New-Item doesn't go through the method "ItemExists". But for the CertificateProvider, New-Item can create an X509Store and return it, and the user can access the certificates within the store via its property "Certificates". We want the extra new properties of the X509Certificate2 objects to be shown to the user, so we also need to import the PKI module in this method, if we haven't tried it yet. The path of the certificate store to create. Ignored. Only support store. Ignored Nothing. The new certificate store object is written to the context's pipeline. path is null or empty.

Initializes the cert: drive.

A collection that contains the PSDriveInfo object that represents the cert: drive.

Determines if the item at the given path is a store-location or store with items in it.

The full path to the item. True if the path refers to a store location, or store that contains certificates. False otherwise. Path is null This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Some example reasons include: -- certificate is invalid -- certificate has no private key -- certificate password mismatch

Determines if the specified path is syntactically and semantically valid. An example path looks like this: cert:\CurrentUser\My\5F98EBBFE735CDDAE00E33E0FD69050EF9220254

The path of the item to check. True if the path is valid, false otherwise.

Determines if the store location, store, or certificate exists at the specified path.

The method ItemExists will be hit by all built-in cmdlets that interact with the CertificateProvider except for the New-Item. They are: Get-ChildItem Set-Location Push-Location Pop-Location Move-Item Invoke-Item Get-Item Remove-Item So we import the PKI module in this method if we haven't tried yet. The path of the item to check. True if a the store location, store, or certificate exists at the specified path. False otherwise. Path is null This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Gets the store location, store, or certificate at the specified path.

The path of the item to retrieve. Path is null This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Gets the parent of the given path.

The path of which to get the parent. The root of the drive. The parent of the given path.

Gets the name of the leaf element of the specified path.

The fully qualified path to the item. The leaf element of the specified path.

We want to import the PKI module explicitly because a type for X509Certificate is defined in the PKI module that add new properties to the X509Certificate2 objects. We want to show those new properties to the user without requiring someone to force the loading of this module.

Invokes the certificate management UI (certmgr.msc) for any path.

Ignored.

Delete private key

key prov info no return

Delete the cert store; if -DeleteKey is specified, we also delete the associated private key

the store name boolean to specify whether or not to delete private key source path no return

Delete the a single cert from the store; if -DeleteKey is specified, we also delete the associated private key

an X509Certificate2 object boolean to specify whether or not to delete private key machine context or user source path no return

Delete the cert from the store; if -DeleteKey is specified, we also delete the associated private key

an X509Certificate2 object boolean to specify whether or not to delete private key machine context or user source path no return

Commit store for UserDS store

an IntPtr for store handle no return

Delete the cert from the original store and add to the destination store

destination path an X509Certificate2 an X509NativeStore source path no return

fetches the store-location/store/certificate at the specified path.

path to the item set to true if item exists and is a container item at the path

Gets the child items of a given store, or location.

The full path of the store or location to enumerate. If true, recursively enumerates the child items as well. Path is null or empty. This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Gets the child names of a given store, or location.

The full path of the store or location to enumerate. Determines if all containers should be returned or only those containers that match the filter(s). Path is null or empty. This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Determines if the item at the specified path is a store or location.

True if the item at the specified path is a store or location. False otherwise. Path is null or empty. This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Gets the dynamic parameters for get-item on the Certificate Provider. We currently support the following dynamic parameters: "CodeSigning," that returns only certificates good for signing code or scripts.

If the path was specified on the command line, this is the path to the item for which to get the dynamic parameters. An object that has properties and fields decorated with parsing attributes similar to a cmdlet class.

Gets the dynamic parameters for get-childitem on the Certificate Provider. We currently only support one dynamic parameter, "CodeSigning," that returns only certificates good for signing code or scripts.

If the path was specified on the command line, this is the path to the item for which to get the dynamic parameters. Ignored. An object that has properties and fields decorated with parsing attributes similar to a cmdlet class.

Helper function to get store-location/store/cert at the specified path.

path to the item whether we need to recursively find all Determines if all containers should be returned or only those containers that match the filter(s). whether we only need the names filter info Does not return a value

get the name of the specified certificate

cert name we use Thumbprint as the name

Get cert objects or their name at the specifed path

path to cert path elements whether we should return only the names (instead of objects) filter info Does not return a value

get X509StoreLocation object at path

X509StoreLocation object

get the X509NativeStore object at path

path to store path elements X509NativeStore object

gets the X509NativeStore at the specified path. Adds to cache if not already there.

path to the store name of store (path leaf element) location of store (CurrentUser or LocalMachine) X509NativeStore object

gets X509NativeStore objects or their name at the specified path.

path to the store recursively return all items if true filter info Does not return a value

Get provider-specific help

Name of help item or cmdlet for which user has requested help Path to the current location or path to the location of the property that the user needs help about. Provider specific MAML help content string

Defines a class to represent a store location in the certificate provider. The two possible store locations are CurrentUser and LocalMachine

Initializes a new instance of the X509StoreLocation class.

Gets the location, as a string.

Gets the location as a

Gets the list of stores at this location.

Defines the type of EKU string The structure contains friendly name and EKU oid

Localized friendly name of EKU

OID of EKU

constructor of an EnhancedKeyUsageRepresentation

value comparison

get display string

get property of friendlyName

get property of oid

class for SendAsTrustedIssuer

get property of SendAsTrustedIssuer

set property of SendAsTrustedIssuer

class for ekulist

constructor for EnhancedKeyUsageProperty

get property of EKUList

class for DNSNameList

constructor for EkuList

get property of DnsNameList

downlevel helper function to determine if the OS is WIN8 and above

Check in UI is allowed

container for helper functions that use pinvoke into crypt32.dll

lock that guards access to the following static members -- storeNames

get a list of store names at the specified location

call back function used by CertEnumSystemStore Currently, there is no managed support for enumerating store names on a machine. We use the win32 function CertEnumSystemStore() to get a list of stores for a given context. Each time this callback is called, we add the passed store name to the list of stores

Defines the base class for exceptions thrown by the certificate provider when the specified item cannot be located.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the default message.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the specified message.

The message to be included in the exception.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the specified message, and inner exception.

The message to be included in the exception. The inner exception to be included in the exception.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the specified serialization information, and context.

The serialization information. The streaming context.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the specified inner exception.

The inner exception to be included in the exception.

Defines the exception thrown by the certificate provider when the specified X509 certificate cannot be located.

Initializes a new instance of the CertificateNotFoundException class with the default message.

Initializes a new instance of the CertificateNotFoundException class with the specified message.

The message to be included in the exception.

Initializes a new instance of the CertificateNotFoundException class with the specified message, and inner exception.

The message to be included in the exception. The inner exception to be included in the exception.

Initializes a new instance of the CertificateNotFoundException class with the specified serialization information, and context.

The serialization information. The streaming context.

Initializes a new instance of the CertificateNotFoundException class with the specified inner exception.

The inner exception to be included in the exception.

Defines the exception thrown by the certificate provider when the specified X509 store cannot be located.

Initializes a new instance of the CertificateStoreNotFoundException class with the default message.

Initializes a new instance of the CertificateStoreNotFoundException class with the specified message.

The message to be included in the exception.

Initializes a new instance of the CertificateStoreNotFoundException class with the specified message, and inner exception.

The message to be included in the exception. The inner exception to be included in the exception.

Initializes a new instance of the CertificateStoreNotFoundException class with the specified serialization information, and context.

The serialization information. The streaming context.

Initializes a new instance of the CertificateStoreNotFoundException class with the specified inner exception.

The inner exception to be included in the exception.

Defines the exception thrown by the certificate provider when the specified X509 store location cannot be located.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the default message.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the specified message.

The message to be included in the exception.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the specified message, and inner exception.

The message to be included in the exception. The inner exception to be included in the exception.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the specified serialization information, and context.

The serialization information. The streaming context.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the specified inner exception.

The inner exception to be included in the exception.

Defines the implementation of the 'get-credential' cmdlet. The get-credential Cmdlet establishes a credential object called a Msh credential, by pairing a given username with a prompted password. That credential object can then be used for other operations involving security.

The Credential parameter set name.

The Message parameter set name.

Initializes a new instance of the GetCredentialCommand class

The command outputs the stored PSCredential.

Gets or sets the underlying PSCredential of the instance.

Gets and sets the user supplied message providing description about which script/function is requesting the PSCredential from the user.

Gets and sets the user supplied username to be used while creating the PSCredential.

Defines the implementation of the 'Get-ExecutionPolicy' cmdlet. This cmdlet gets the effective execution policy of the shell. In priority-order (highest priority first,) these come from: - Machine-wide Group Policy - Current-user Group Policy - Current session preference - Current user machine preference - Local machine preference

Outputs the execution policy.

Gets or sets the scope of the execution policy.

Gets or sets the List parameter, which lists all scopes and their execution policies.

Defines the implementation of the 'Set-ExecutionPolicy' cmdlet. This cmdlet sets the local preference for the execution policy of the shell. The execution policy may be overridden by settings in Group Policy. If the Group Policy setting overrides the desired behaviour, the Cmdlet generates a terminating error.

Sets the execution policy (validation).

Set the desired execution policy.

Gets or sets the execution policy that the user requests.

Gets or sets the scope of the execution policy.

Specifies whether to force the execution policy change.

Defines the base class from which all signature commands are derived.

Initializes a new instance of the SignatureCommandsBase class, using the given command name.

The name of the command.

Processes records from the input pipeline. For each input object, the command gets or sets the digital signature on the object, and and exports the object.

Performs the action (ie: get signature, or set signature) on the specified file.

The name of the file on which to perform the action.

Gets or sets the path to the file for which to get or set the digital signature.

Gets or sets the literal path to the file for which to get or set the digital signature.

Gets or sets the digital signature to be written to the output pipeline.

Defines the implementation of the 'get-AuthenticodeSignature' cmdlet. This cmdlet extracts the digital signature from the given file.

Initializes a new instance of the GetSignatureCommand class.

Gets the signature from the specified file.

The name of the file on which to perform the action. The signature on the specified file.

Defines the implementation of the 'set-AuthenticodeSignature' cmdlet. This cmdlet sets the digital signature on a given file.

Initializes a new instance of the SetAuthenticodeSignatureCommand class.

Sets the digital signature on the specified file.

The name of the file on which to perform the action. The signature on the specified file.

association between SigningOption.* values and the corresponding string names.

get SigningOption value corresponding to a string name

name of option SigningOption

Gets or sets the certificate with which to sign the file.

Gets or sets the additional certificates to include in the digital signature. Use 'signer' to include only the signer's certificate. Use 'notroot' to include all certificates in the certificate chain, except for the root authority. Use 'all' to include all certificates in the certificate chain. Defaults to 'notroot'.

Gets or sets the Url of the time stamping server. The time stamping server certifies the exact time that the certificate was added to the file.

Gets or sets the hash algorithm used for signing. This string value must represent the name of a Cryptographic Algorithm Identifier supported by Windows.

Property that sets force parameter.

Defines the base class from which all SecureString commands are derived.

Intitializes a new instance of the SecureStringCommandBase class.

The command name deriving from this class

Gets or sets the secure string to be used by the get- and set- commands.

Defines the base class from which all SecureString import and export commands are derived.

Initializes a new instance of the ConvertFromToSecureStringCommandBase class.

Gets or sets the SecureString version of the encryption key used by the SecureString cmdlets.

Gets or sets the byte version of the encryption key used by the SecureString cmdlets.

Defines the implementation of the 'ConvertFrom-SecureString' cmdlet. This cmdlet exports a new SecureString -- one that represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. When no key is specified, the command uses the DPAPI to encrypt the string. When a key is specified, the command uses the Rijndael algorithm to encrypt the string.

Initializes a new instance of the ExportSecureStringCommand class

Processes records from the input pipeline. For each input object, the command encrypts and exports the object.

Gets or sets the secure string to be exported.

Defines the implementation of the 'ConvertTo-SecureString' cmdlet. This cmdlet imports a new SecureString from encrypted data -- one that represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. When no key is specified, the command uses the DPAPI to decrypt the data. When a key is specified, the command uses the Rijndael algorithm to decrypt the data.

Initializes a new instance of the ImportSecureStringCommand class.

Processes records from the input pipeline. For each input object, the command decrypts the data, then exports a new SecureString created from the object.

Gets or sets the unsecured string to be imported.

Gets or sets the flag that marks the unsecured string as a plain text string.

Gets or sets the flag that will force the import of a plaintext unsecured string.

gets the size of a file

path to file file size

present a prompt for a SecureString data

ref to host ui interface prompt text user input as secure string

get plain text string from a SecureString This function will not be required once all of the methods that we call accept a SecureString. The list below has classes/methods that will be changed to accept a SecureString after Whidbey beta1 -- X509Certificate2.Import (String, String, X509KeyStorageFlags) (DCR #33007 in the DevDiv Schedule db) -- NetworkCredential(string, string);

input data a string representing clear-text equivalent of ss

resource string error identifier replacement params for resource string formatting

path that was not found error identifier ErrorRecord instance

Create an error record for 'operation not supported' condition

resource string error identifier replacement params for resource string formatting

Create an error record for 'operation not supported' condition

exception to include in ErrorRecord error identifier

convert the specifed provider path to a provider path and make sure that all of the following is true: -- it represents a FileSystem path -- it points to a file -- the file exists

cmdlet instance provider path filesystem path if all conditions are true, null otherwise

MshSecurityMshSnapin (or MshSecurityMshSnapinInstaller) is a class for facilitating registry of necessary information for monad security mshsnapin. This class will be built with monad security dll

Create an instance of this class.

Get name of this mshsnapin.

Get the default vendor string for this mshsnapin.

Get resource information for vendor. This is a string of format: resourceBaseName,resourceName.

Get the default description string for this mshsnapin.

Get resource information for description. This is a string of format: resourceBaseName,resourceName.

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Invoke Certificate Manager.

Looks up a localized string similar to Move certificate.

Looks up a localized string similar to Remove certificate.

Looks up a localized string similar to Remove certificate and its private key..

Looks up a localized string similar to You cannot create an item other than certificate store. .

Looks up a localized string similar to Creating certificate stores under CurrentUser is not supported. .

Looks up a localized string similar to Deleting certificate stores under CurrentUser is not supported. .

Looks up a localized string similar to You cannot move a certificate container. .

Looks up a localized string similar to You cannot move a certificate from user store to or from machine. .

Looks up a localized string similar to You cannot move a certificate to the same store. .

Looks up a localized string similar to You cannot remove a certificate container. .

Looks up a localized string similar to Cannot find the X509 certificate at path {0}..

Looks up a localized string similar to Cannot find the certificate store because the specified X509 store location {0} is not valid..

Looks up a localized string similar to Cannot find the X509 certificate store at path {0}..

Looks up a localized string similar to X509 Certificate Provider.

Looks up a localized string similar to The destination is not a valid store. .

Looks up a localized string similar to Cannot process the path because path {0} is not a valid certificate provider path..

Looks up a localized string similar to Item: {0} Destination: {1} .

Looks up a localized string similar to {0} is not supported in the current operating system. .

Looks up a localized string similar to . The following error may be a result of user credentials required on the remote machine. See Enable-WSManCredSSP Cmdlet help on how to enable and use CredSSP for delegation with Windows PowerShell remoting. .

Looks up a localized string similar to Item: {0} .

Looks up a localized string similar to The store {0} is a built-in system store and cannot be deleted..

Looks up a localized string similar to The operation is on user root store and UI is not allowed. .

Looks up a localized string similar to Private key skipped. The certificate has no private key association. .

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to The following file could not be found: {0}..

Looks up a localized string similar to Enter password: .

Looks up a localized string similar to Command cannot find any of the specified files..

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Cannot set execution policy. Execution policies at the MachinePolicy or UserPolicy scopes must be set through Group Policy..

Looks up a localized string similar to Windows PowerShell updated your execution policy successfully, but the setting is overridden by a policy defined at a more specific scope. Due to the override, your shell will retain its current effective execution policy of {0}. Type "Get-ExecutionPolicy -List" to view your execution policy settings. For more information please see "Get-Help Set-ExecutionPolicy"..

Looks up a localized string similar to Contact your system administrator..

Looks up a localized string similar to Cannot get execution policy. Specify only the List or Scope parameters..

Looks up a localized string similar to Execution Policy Change.

Looks up a localized string similar to The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose you to the security risks described in the about_Execution_Policies help topic at http://go.microsoft.com/fwlink/?LinkID=135170. Do you want to change the execution policy?.

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Cannot run software. Permission is denied..

Looks up a localized string similar to The specified command ({0}) is not in any of the directories in the PATH defined by your system administrator. You can only run commands from these directories: {1}..

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to The system cannot protect plain text input. To suppress this warning and convert the plain text to a SecureString, reissue the command specifying the Force parameter. For more information ,type: get-help ConvertTo-SecureString..

Looks up a localized string similar to Enter secret: .

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to The Get-AuthenticodeSignature cmdlet does not support directories. Supply a path to a file and retry..

Looks up a localized string similar to Cannot sign code. The specified certificate is not suitable for code signing..

Looks up a localized string similar to File {0} was not found..

Looks up a localized string similar to Cannot sign code. The TimeStamp server URL must be fully qualified in the form of http://<server url>.

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Cannot digitally sign file because file {0} is smaller than 4 bytes in size. Files must be at least 4 bytes in order to be digitally signed..

Looks up a localized string similar to Could not create an empty SACL..

Looks up a localized string similar to Cannot get the ACL because the necessary method, GetSecurityDescriptor, does not exist..

Looks up a localized string similar to Could not create a SACL with the specified central access policy..

Looks up a localized string similar to Could not enable SeSecurityPrivilege..

Looks up a localized string similar to Central Access Policy identifier or name is not valid. If specifying an identifier, it must begin with S-1-17. If specifying a name, the policy must be applied on the target machine..

Looks up a localized string similar to ClearCentralAccessPolicy and CentralAccessPolicy parameters cannot be used at the same time..

Looks up a localized string similar to Could not perform operation because an exception was thrown during method invoke..

Looks up a localized string similar to Cannot perform the operation because it is not supported on the object found in path {0}..

Looks up a localized string similar to Windows PowerShell credential request..

Looks up a localized string similar to Could not set central access policy..

Looks up a localized string similar to Cannot set the ACL because the method that it needs to invoke, SetSecurityDescriptor, does not exist..

A strongly-typed resource class, for looking up localized strings, etc.

Returns the cached ResourceManager instance used by this class.

Overrides the current thread's CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to This Windows PowerShell Snap-In contains cmdlets to manage Windows PowerShell security..

Looks up a localized string similar to Security Windows PowerShell Snap-In..

Looks up a localized string similar to Microsoft Corporation.