Carbon 1.8 is out and is backwards compatible with 1.0 through 1.7. It supports PowerShell 2 and 3. Highlights include:

• Carbon now uses Write-Verbose instead of Write-Host.
• New functions:
  • Get-ProgramInstallInfo (gets installed programs)
  • New-RsaKeyPair (generates RSA public/private key pair)
  • Revoke-Permission (revokes permissions)
  • Get-ServiceConfiguration (gets extended service information: username, failure actions, etc.)
  • Compress-Item (create ZIP file)
  • Test-ZipFile (tests if a file is a ZIP file)
  • Expand-Item (decompresses ZIP file)
• Get-Permission, Grant-Permission, and Test-Permission now supports certificate private keys/key containers.
• Get-FirewallRule now returns additional rule information: interface type, security, source, description, program, and service.
• Lots of improved error handling.
• Some bug fixes.

Get the bits at BitBucket.

Enhancements

General

• The following functions now write messages with Write-Verbose instead of Write-Host. See Write-Host Considered Harmful.
  • Add-GroupMember
  • Clear-TrustedHost
  • Convert-XmlFile
  • Disable-FirewallStatefulFtp
  • Disable-IEEnhancedSecurityConfiguration
  • Disable-IisSecurityAuthentication
  • Disable-NtfsCompression
  • Enable-FirewallStatefulFtp
  • Enable-IEActivationPermission
  • Enable-IisSecurityAuthentication
  • Enable-NtfsCompression
  • Grant-ComPermission
  • Grant-MsmqMessageQueuePermission
  • Grant-Permission
  • Grant-ServiceControlPermission
  • Install-Group
  • Install-IisApplication
  • Install-MsmqMessageQueue
  • Install-PerformanceCounter
  • Install-RegistryKey
  • Install-Service
  • Install-User
  • Install-WindowsFeature
  • Invoke-WindowsInstaller
  • Lock-IisConfigurationSection
  • New-Junction
  • Protect-Acl
  • Remove-IniEntry
  • Remove-Junction
  • Remove-SslCertificateBinding
  • Reset-HostsFile
  • Reset-MsmqQueueManagerID
  • Revoke-ComPermission
  • Revoke-ServicePermission
  • Set-IisHttpHeader
  • Set-IisMimeMap
  • Set-IisWebsiteID
  • Set-IisWindowsAuthentication
  • Set-IniEntry
  • Set-RegistryKeyValue
  • Set-SslCertificateBinding
  • Uninstall-IisAppPool
  • Uninstall-WindowsFeature
  • Unlock-IisConfigurationSection
• The following internal functions (which we warned you not to use!) are no longer exported:
  • Add-IisServerManagerMember
  • Get-IdentityPrincipalContext
  • Invoke-ConsoleCommand
  • ConvertTo-ProviderAccessControlRights
  • Assert-WindowsFeatureFunctionsSupported
  • Resolve-WindowsFeatureName

Certificates

• Improving error handling when Get-Certificate fails to load a certificate from a file.
• Install-Certificate now supports installing with an X509Certificate2 object instead of just a path to a certificate.
• Remove-SslCertificateBinding: improved error handling.
• Set-SslCertificateBinding: improved error handling.
• Improved documentation for Get-Certificate.
• Added extended script property StoreName to X509Store objects to return the store’s System.Security.Cryptography.X509Certificates.StoreName value.
• Added a table view/format for X509Store objects. PowerShell’s default view is a list, so you’ll have to explicitly format the objects as a table, e.g. dir cert:\LocalMachine | Format-Table.
• Get-Certificate’s Path parameter now supports wildcards and certificate provider paths, e.g. cert:\.
• Get-Certificate now writes an error if a certificate isn’t found when getting a certificate by its path.

Computer

• Created Get-ProgramInstallInfo function to get the information displayed by the Programs and Features UI.

Cryptography

• Protect-String can now encrypt strings as a specific user. Use the Credential parameter.
• Created New-RsaKeyPair for creating public/private RSA key pair using makecert.exe and pkv2pfx.exe. Requires that you’ve installed a Windows SDK.
• Protect-String can now encrypt strings using an RSA public key.
• Unprotect-String can now decrypt strings using an RSA private key.

File System

• Disable-NtfsCompression: improved error handling.
• Enable-NtfsCompression: improved error handling.
• Created Compress-Item function for compressing files/directories into a ZIP file.
• Created Test-ZipFile function for testing if a file is a ZIP file.
• Created Expand-Item function for decompressing a ZIP file.
• New-TempDirectory now supports adding a prefix to the temporary directory’s name, so you can more easily track down those scripts/processes that don’t clean up after themselves.

Firewall

• Disable-FirewallStatefulFtp: improved error handling.
• Added Name and LiteralName parameters to Get-FirewallRule to return specific rules instead of all of them.
• Get-FirewallRule, now returns Carbon.Firewall.Rule objects, instead of anonymous hashes.
• Added default table format for Get-FirewallRule output.
• Get-FirewallRule now returns additional rule information: interface type, security, source, description, program, and service. Who knew netsh advfirewall firewall rule show had a verbose switch? RTFM.

INI

• Remove-IniEntry now handles case-sensitive INI files.
• Set-IniEntry now handles case-sensitive INI files.
• Split-Ini now handles case-sensitive INI files.

MSI

• Invoke-WindowsInstaller: improved error message if installation fails.

Security

• Creating Revoke-Permission function for revoking a user’s permission to a file, directory, registry key, or certificate’s private key/key container.
• Creating ConvertTo-ContainerInheritanceFlags function for converting System.Security.AccessControl.InheritanceFlags and System.Security.AccessControl.PropagationFlag values into a Carbon.Security.ContainerInheritanceFlags value.
• Get-Permission now supports returning the permissions on private keys/key containers.
• Grant-Permission now supports granting permissions on private keys//key containers.
• Test-Permission now supports testing permissions on certificate private keys/key containers.

Services

• Created Get-ServiceConfiguration function for loading a service’s configuration: description, account name/username, failure actions, etc.
• Added the following extended type data to System.ServiceController.Service:
  • Description
  • ErrorControl
  • FailureProgram
  • FirstFailure
  • LoadOrderGroup
  • Path
  • RebootDelay
  • RebootDelayMinutes
  • RebootMessage
  • ResetPeriod
  • ResetPeriodDays
  • RestartDelay
  • RestartDelayMinutes
  • SecondFailure
  • StartMode
  • StartType
  • TagID
  • ThirdFailure
  • UserName

Bug Fixes

General

• Importing Carbon gives an error if PATH environment variable contains an empty path.
• Improved the error handling in the following functions so they properly catch exceptions and write friendlier errors:
  • Get-Certificate
  • Grant-Privilege
  • Revoke-Privilege

Certificates

• Get-Certificate couldn’t open CA/CertificateAuthority store (fixes issue #130).
• Extended script property DisplayName on X509Store objects returning wrong store name for custom stores, now returns an empty string.

File System

• Disable-NtfsCompression now really supports multiple paths.
• Enable-NtfsCompression now really supports multiple paths.

Path

• Resolve-PathCase didn’t work under Windows 2012 R2.

Users and Groups

• The Carbon.Identity.FindByName method and the Resolve-IdentityName and Test-Identity functions now handle identity names with . for the domain/machine name, e.g. .\Administrator.
• The Carbon.Identity.FullName property returns the wrong value when domain is empty/null, e.g. Resolve-IdentityName -Name 'Everyone' returns \Everyone, when it should return Everyone.
• The Carbon.Identity.FindByName method and the Resolve-IdentityName and Test-Identity functions unable to resolve LocalSystem account (which is actually NT AUTHORITY\SYSTEM).