Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Since every environment is different, all code should not be run in a production environment without your team or organization thoroughly testing first. We recommend the use of a test lab environment often referred to as a development/staging instance of Sitecore.
The disclaimer is provided because someone somewhere will inevitably not follow this recommendation and if they do hose their Sitecore environment, they have no one to blame but themselves.
All data and information provided in this book are for informational purposes only. Adam Najmanowicz, Michael West, and the SPE Team make no representations as to accuracy, completeness, currentness, suitability, or validity of any information in this book and will not be liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use. All information found in this book is provided "as is" with no express or implied warranties.
The Sitecore task scheduler is capable of running PowerShell scripts when using the task command PowerShellScriptCommand. The Task Management module includes a few shortcuts to managing tasks.
The module provides the ability to create, edit, and run scheduled tasks.
The Sitecore PowerShell Extensions (SPE) module is a Sitecore development accelerator that can drastically increase your productivity and curtail the amount of time it takes to deliver a Sitecore solution.
The module provides a command line (CLI) and a scripting environment (ISE) for automating tasks. SPE works with the Sitecore process, capable of making native calls to the Sitecore API and manipulating files. Running commands and writing scripts follow the standard and well-known Windows PowerShell syntax. Windows PowerShell is a common tool used in IT for desktop and server management, so we decided to stick with that as a framework to build upon.
Support for Sitecore 7 has discontinued with SPE 5.0. Check the for version compatibility.
|
|
The following are some helpful modules distributed with SPE.
Core
Platform
PowerShell Background Session Manager
There is nothing you can not do with PowerShell Console, because you're inside the Sitecore application. You can call the Sitecore API. - - Sitecore Symposium 2012
Recommended by to use as a tool for .
Get a job done with a one liner! Just provisioned a new language for the whole content tree with a one-liner. Whaaaat? Have to include it as a default install for all sandboxes now. - 's comment on Marketplace
Thank you for the GitBook. Invaluable Reference. - 's
The Sitecore powershell tools are absurdly good and helpful. I know they make a lot of people nervous, but they are incredibly well managed. Everybody should learn to sling some shell in Sitecore, you'll never look back. -
I literally couldn't work without SPE - I can't remember the last implementation I did that didn't have it installed lol @michaellwest & @adamnaj better not ever retire it 😄 -
See the section for some common fixes.
Questions, comments, and feature requests should be submitted on . You may also check out the for more interactive support. Not on Slack yet? Contact us on Twitter and we'll send you an invite.
Disclaimer: With great power comes great responsibility – this tool can do a lot of good but also bring harm to a lot of content in a very short time – backup your system before running a script that modifies your content and never run any untested scripts in a production environment! We will not be held responsible for any use of it. Test your scripts on your development server first! Test on an exact copy of production before running scripts on production content.
There are multiple methods of accessing help documentation in SPE to provide you with information on the commands available to you.
A report is available which will show you all available SPE commands:
When executed, this report provides a paged view of the SPE commands.
To display the available help for a command in the Console, simply use the Get-Help command:
For full documentation, including examples, use the -Full parameter:
Through the Integrated Scripting Environment (ISE), SPE provides a method of acccessing help for available commands. To view the help for a command, simply highlight the command and press Ctrl + Enter.
After doing this, a dialog will appear with the relevant help information:
When writing scripts, you are able to include formatted comments that will be used to provide help text for functions. If formatted correctly, this help text will be available through the methods described above.
Example: A simple function with documentation:
Once the script containing this function has been invoked, the help text will be available:
For further information on comment-based help, refer to the .
Online help is additionaly available for all SPE commands in this documentation, with detailed explanations of commands and their parameters, along with useful examples. These can be found in the .
You can interact with the providers typically available in the standard Windows PowerShell Console. Below are some of the important providers. Run the command Get-PSProvider to see the complete list.
FileSystem - Supports interacting with files and folders.
CmsItemProvider - Supports interacting with the Sitecore content items.
The console prompt typically begins with PS master:\>. The present working directory is using the CmsItemProvider and set to the master database.
Example: Change directories between providers.
Note: Include the backslash in the path (i.e. **C:**) to get the root of the drive when interacting with the FileSystem provider; the behavior seen is different than you might expeect because of w3wp.exe. See issue #.
SPE includes several built-in interfaces for managing and executing scripts, as well as provides tools for modifying content.
Here we'll discuss the Console, ISE, and other dialogs made available through SPE.
The Functions integration allows for scripts to be discoverable through autocomplete while authoring scripts. Functions can be "disabled" by disabling the containing module.
Begin by adding a script library called "Functions" to a module. This can be created by the new module wizard.
Add a script to the "Functions" script library with a name that represents the purpose.
Use the command
Sitecore PowerShell Extensions provides an organization structure composed of modules, libraries, and scripts. Modules make up the highest level and can be grouped together by module folders.
Some benefits to using modules:
The contained within each module can be enabled or disabled globally. For this to take full affect the integration should be rebuilt in the ISE.
Organization of custom scripts is a cinch.
Thank you for taking the time to check out the latest and greatest changes for SPE. Send a tweet sharing how much you love the module on .
The following links provide a way to report issues and get the latest release.
See the Appendix for a compatibility matrix.
PS master:\> cd core:
PS core:\> cd C:
PS C:\windows\system32\inetsrv> Set-Location -Path master:
PS master:\>Get-Help Get-RenderingGet-Help Get-Rendering -Full<#
.SYNOPSIS
A short synopsis of this function.
.DESCRIPTION
A much more detailed description of this function, which outputs a value.
.PARAMETER Value
The value that will be output
.EXAMPLE
PS> Output-Value "My value"
My value
#>
Function Output-String
{
param(
[string]$value
)
Write-Host $value
} Get-Help Output-StringX-UnitTests - examples at how to use Pester to test your scripts
Extensions
Authorable Reports - reports based on the Sitecore Rules Engine.
Index Viewer - similar to the Luke tool
Maintenance
Index On Demand
Media Library Maintenance
System Maintenance
Task Management
Reporting
Content Reports - variety of reports to help audit the Sitecore solution.
Samples
Automatically show quick info section
Enforce user password expiration
Example Event Handlers
Getting Started - includes the Kitchen Sink Demo for Read-Variable.
License Expiration
Random desktop background
Training Modules
Unlock user items on logout
Tools
Authoring Instrumentation
Copy Renderings
Data Management
Bulk Data Generator - useful for items and users
Bulk Item Restorer - restore items from recycle bin
Bulk Template Changer - can't think of a better description than this
Data Importer - create or update items from a Csv
Elevated Unlock - provides options to unlock items using delegated administration
Package Generator - a simple method to package up items
Publishing Status Gutter
Security Management
Logged in Session Manager
Transfer item security
Training
Import-FunctionNote: It's best practice to create function scripts that follow the Verb-Noun pattern as outlined by Microsoft.
Here's a short video on authoring custom functions.
More reasons can be found in Adam's post.
The Platform module is one you should avoid changing.
Getting started with your own module is a short process and something you should do for all of your custom scripts.
Navigate to the Script Library item and Insert -> PowerShell Script Module.
Enter the name for the new module and click OK.
Right click the new module and Scripts -> Create libraries for integration points.
Select the appropriate integration points for your module.
Select the module and enable for use.
Open the ISE, switch to the Settings tab, and rebuild integrations.
The Console, ISE, and Result dialog all provide a way a way to view output data. The $host variable provides access to configuring the colors for this output data.
Example: The following configures colors for the background and forground text in multiple streams.
$Host.UI.RawUI.BackgroundColor = ($bckgrnd = 'DarkRed')
$Host.UI.RawUI.ForegroundColor = 'Cyan'
$Host.PrivateData.WarningForegroundColor = 'Magenta'
$Host.PrivateData.WarningBackgroundColor = "Green"
$Host.PrivateData.VerboseForegroundColor = 'Green'
$Host.PrivateData.VerboseBackgroundColor = "Red"
Write-Host " Write-Host "
Write-Verbose " Write-Verbose " -Verbose
Write-Warning " Write-Warning "
Show-Result -Text -Width 500 -Height 300Returns the current user's browser user agent.
Returns current user's browser user agent. Works only if Console is running outside of job. (e.g. in ISE - script needs to be run from the dropdown under the "Execute" button)
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The output type is the type of the objects that the cmdlet emits.
System.String
Help Author: Adam Najmanowicz, Michael West
Custom ribbon commands for use in the ISE.
You can include custom ribbon commands in the ISE to aid in improving the script authoring experience.
For this example, we wish to have a plugin that analyzes the script and reports on any errors.
Create a new script stored under the following structure:
Use the following sample to fill in the script body.
Now you can run the command from the ribbon and see the results in the ISE.
Use the following in your scripts to get access to the arguments passed to the processor.
$pipelineArgs = Get-Variable -Name pipelineArgs -ValueOnlyConfigure any Enable rules to ensure your script only runs when necessary.
Note: Examples included in the following modules
Enforce user password expiration
Note: Examples included in the following modules
Automatically show quick info section
Note: Examples included in the following modules
Unlock user items on logout
The Notification integration reveals to the user a notification above the content. The Sitecore rules engine may be used to control the enabled state; simply configure the Enable rule on the script. The script is executed every time the page loads.
Example: The following adds an information notification to the page for Sitecore 8 and a warning for Sitecore 7.
Note: Examples included in the following modules
The Web API integration point exposes scripts through a url. This can be especially helpful when a script needs to be executed on the server but without knowledge of the script contents.
The url will look something like the following:
Here's the url broken down:
API Version - Specifies which service is being requested.
Scripted Data Sources provide a way to use a PowerShell script to perform complex queries.
Here are some good reasons to use this feature:
Delivering complex functionality based on multiple criteria.
Your field may need to provide different set of items to choose from based on:
The Event Handler integration provides a way to execute scripts when defined events are fired.
Steps required to activate this integration include the following:
Enable the Spe.Events.config or apply your own patch with the required events enabled.
Add a new integration point library to your new or existing module.
The Workflows integration allows for scripts to run like workflow commands. Rules can be used to control visiblity and enablement. The script is only executed when the command is triggered.
Begin by adding a new item to a workflow command of template type /Modules/PowerShell Console/PowerShell Script Workflow Action. We've added an insert option to help with this.
Edit the Type string field to your custom type or to the built in type Spe.Integrations.Workflows.ScriptAction, Spe.
Find and Replace - use Content Search to change text
$pipelineArgs.Username
$pipelineArgs.Password
$pipelineArgs.Success
$pipelineArgs.StartUrl$pipelineArgs.Username
$pipelineArgs.StartUrlRequired?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
v2Database - Specifies which database contains the script.
master - This database requires the credentials to be provided.
Script - Specifies the name of the script contained in the database. The SPE module containing the script needs to be enabled otherwise you'll receive a 404 error.
homeanddescendants - Replace this name with whatever your script is called in the Web API library.
Query String Parameters (deprecated) - Specifies the additional bits of data for use by the web service.
user and password - Authenticates the request and in most cases will be needed. If the script is published to the web database the credentials are not required. You should use the Basic header instead of the query string.
All of the query string parameters added to the variable scriptArguments. Use this PowerShell hashtable inside of your scripts. Check out the function Invoke-ApiScript for an example of how these parameters can be put to good use.
Headers:
Use the Basic header to provide authentication information. Here is an example of how to build that for a script.
Note: Examples included in the following modules
Getting Started
The integration point is disabled by default and can be enabled through configuration as described here. See Restfulv2. Be sure to enable the SPE script module in the content tree.
Watch Adam present this and much more on Sitecore! Experienced here.
The Get-Cache command retrieves a Sitecore cache.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Name of the cache to retrieve. Supports wildcards.
Required?
false
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The output type is the type of the objects that the cmdlet emits.
Sitecore.Caching.Cache
Help Author: Adam Najmanowicz, Michael West
Edit the Script body with the appropriate script. I like to save my workflow scripts in a library called Workflows.
Configure the Enable rules on the workflow action item to specify when to execute. Leave the rule alone if you wish for it to execute any time the command is activated.
Edit the script in your Workflows library to perform the appropriate actions. The script can run in the background and show dialogs.
Change the icon of the workflow action item to match the script purpose.
Celebrate your success with the team!
Example: The following requests input from the user then writes to the workflow history.
See how Adam integrated workflow actions if you are really curious to know more.
Ensures the runner process window is closed after the script finishes execution. This is commonly used when the runner should close after a report runs while in the Desktop mode.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Help Author: Adam Najmanowicz, Michael West
PS master:\> Get-UserAgent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36PS master:\> Restart-ApplicationInvoke-JavaScript [-Script] <String> [-OnScriptEnd <SwitchParameter>] [<CommonParameters>]$username = "admin"
$password = "b"
$pair = "$($username):$($password)"
$encodedCreds = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($pair))
$basicAuthValue = "Basic $encodedCreds"
$headers = @{
Authorization = $basicAuthValue
}
Invoke-RestMethod -Headers $headers -Uri "https://spe.dev.local/-/script/v2/master/TrainingWebApi?offset=3&limit=2&fields=(Name,ItemPath,Id)"PS master:\> Get-Cache -Name master*
Name Enabled Count Size Max Size Default Scavengable
Priority
---- ------- ----- ---- -------- -------- -----------
master[blobIDs] True 0 0 512000 Normal False
master[blobIDs] True 0 0 512000 Normal False
master[blobIDs] True 0 0 512000 Normal False
master[itempaths] True 292 108228 10485760 Normal False
master[standardValues] True 57 38610 512000 Normal False
master[paths] True 108 13608 512000 Normal False
master[items] True 1010 5080300 10485760 Normal False
master[data] True 3427 7420654 20971520 Normal False$item = $SitecoreContextItem
$comment = Show-Input -Prompt "Enter a comment:"
if($comment) {
New-ItemWorkflowEvent -Item $item -Text $comment
}
Close-WindowPS master:\> Close-WindowTo help make the setup simple, we've provided a Task Command.
The command shown above is simply a type exposed as a public method in the Spe assembly. There exists an update method which accepts one or more items and executes the associated script.
Beneath Schedules you can create as many tasks as Sitecore will allow. Configure the Command and Items fields like that shown below.
The Items field contains the path to a script in the Script Library.
Below are some of the scripts found out-of-the-box with SPE.
System Maintenance
Archive Sitecore logs, Clean up deleted items older than 30 days
User Session Management
Remove idle user sessions
We've added a context menu item to provide you with a shortcut to the Task Scheduler Editor.
Create a new scheduled task:
Run or edit the scheduled task:
The scheduled task is capable of running 1-to-many scripts. Choose all that apply for the selected task. Each script runs within a shared session, making it possible to share results between scripts.
Note: Make use of the Enable Rule to take advantage of the rules engine.
The task schedule has an intuitive dialog for working with and changing the frequency.
Note: Examples included are in the following modules
License Expiration
Media Library Maintenance
System Maintenance
See how Adam added powershell driven Sitecore scheduled tasks.
License Expiration
The Experience Button integration adds a button to the Page Editor. Rules can be used to control visiblity and enablement. The script is only executed when the button is clicked.
Begin by adding a new script to the Experience Button library. The name of the script will appear in the tooltip.
Edit the script to perform the appropriate actions. The script can run in the background and show dialogs.
Change the icon of the item to match the script purpose.
Configure any Enable or Show rules as needed.
Example: The following adds a command which will display a dialog asking a question, then send an email with the response.
current day or month?
In a multisite/multimarket scenario you may want to show different items for each site
based on engagement analytics parameters of the page
based on where in the tree an item exist (some of it can be done with use of a “query:”)
anything you might want to build the code data source for…
Something that would be beyond the reach of a regular Sitecore query and potentially something that you would really need to deliver code source for. But maybe you’re not in a position to deploy that on your environment?
Field Data Source provides a great opportunity for a script.
Below are field types you may wish to use a script:
Checklist
Droplist
Grouped Droplink
Grouped Droplist
Multilist
Name Lookup Value List
Droplink
Begin by adding a new script library called Data Sources followed by adding a script. You can call it something like Get-GlobalOption.
Add the path to your script in the Source field on the data template. The source should be prefixed with script: followed by the path.
Enjoy the results.
//TODO
//TODO
Sitecore Spark article on using scripted datasources
Configure an Enable Rule if needed.
Profit!
While SPE comes with an example configuration, which is disabled by default, it contains several events that may not meet your requirements.
An event configuration patch may look like the following:
To mimic the event item:added you should create nested script libraries such as Event Handlers -> Item -> Added followed by a script.
<configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<events>
<event name="item:added">
<handler type="Spe.Integrations.Tasks.ScriptedItemEventHandler, Spe" method="OnEvent" />
</event>
</events>
</sitecore>
</configuration>if([string]::IsNullOrWhiteSpace($scriptText)){
Show-Alert "Script is empty - nothing to format."
exit
}
Import-Module -Name PSScriptAnalyzer
Invoke-ScriptAnalyzer -ScriptDefinition $scriptText
Examples for managing item templates.
# Sample Item
$sourceTemplate = Get-Item -Path "master:\{76036F5E-CBCE-46D1-AF0A-4143F9B557AA}"
# Sample Content
$targetTemplate = Get-Item -Path "master:\{93A8866B-972F-4FBF-8FD9-D6004B18C0AF}"
# Use Get-ItemReferrer to find all items referencing the template, rather than scanning the content tree.
$sourceTemplate | Get-ItemReferrer |
Where-Object { $PSItem.TemplateId -eq $sourceTemplate.ID -and $PSItem.Paths.IsContentItem } |
ForEach-Object {
Set-ItemTemplate -Item $PSItem -TemplateItem $targetTemplate
}The following examples are best kept on SSE since it provides more context about the problem being solved.
Find all items based on a template found anywhere in the inheritance chain.
Examples for managing item referrers maintained by the Link Database.
Example: The following changes the image linked on an item to a new image. Originally posted here.
$item = Get-Item -Path "master:\media library\images\koala"
$itemNew = Get-Item -Path "master:\media library\images\penguins"
$links = Get-ItemReferrer -Item $item -ItemLink
foreach($link in $links) {
$linkedItem = Get-Item -Path master:\ -ID $link.SourceItemID
$itemField = $linkedItem.Fields[$link.SourceFieldID]
$field = [Sitecore.Data.Fields.FieldTypeManager]::GetField($itemField)
$linkedItem.Editing.BeginEdit()
$field.Relink($link, $itemNew)
$linkedItem.Editing.EndEdit() | Out-Null
}Example: The following removes an item link followed by removing the item. Originally posted .
The Integrated Scripting Environment (ISE) is a great way to group together commands and save for later use. This tool helps you write scripts in Powerful Ways!
The default security configuration for SPE requires the ISE to be in an before executing scripts. The following figure shows the ISE when the User Account Controls (UAC) are disabled. While this is a common configuration for developers, we highly encourage you to ensure UAC is enabled in higher environments.
Let's have a quick walk through of each ribbon tab available.
$title = "Thank you for using SPE!"
$text = "Today is $([datetime]::Now.ToLongDateString())"
$icon = @{$true="Office/32x32/information.png";$false="Applications/16x16/warning.png"}[$SitecoreVersion.Major -gt 7]
$notification = New-Object -TypeName Sitecore.Pipelines.GetPageEditorNotifications.PageEditorNotification -ArgumentList $text, "Info"
$notification.Icon = $icon
$pipelineArgs.Notifications.Add($notification)$item = Get-Item -Path .
$response = Show-Input -Prompt "What's the message for $($item.Name)?"
if($response) {
$mailSettings = @{
To = @("Michael West < [email protected] >")
From = "Console < [email protected] >"
BodyAsHtml = $true
SmtpServer = "localhost"
}
$subject = "Message sent regarding item $($item.Name) from $($SitecoreAuthority)"
$response += "<br/>$($item.ItemPath)"
Send-MailMessage @mailSettings -Subject $subject -Body $response
}
Close-Window
# Crafted by Dylan
function Remove-ItemLink {
param([Item]$item)
$linkDb = [Sitecore.Globals]::LinkDatabase
$links = Get-ItemReferrer -Item $item -ItemLink
foreach($link in $links) {
$linkedItem = Get-Item -Path master:\ -ID $link.SourceItemID
$itemField = $linkedItem.Fields[$link.SourceFieldID]
$field = [Sitecore.Data.Fields.FieldTypeManager]::GetField($itemField)
$linkedItem.Editing.BeginEdit()
$field.RemoveLink($link)
$linkedItem.Editing.EndEdit()
}
}
# Example usage: delete items along with their references that have passed a certain date defined by a 'date' field
$today = Get-Date
$todayIsoDate = [Sitecore.DateUtil]::ToIsoDate($today)
$query = "/sitecore/system/Modules/Mysite/Service Schedules/*[@date < '$($todayIsoDate)']"
$itemsToDelete = Get-Item -Path master: -Query $query
foreach($item in $itemsToDelete) {
Write-Host "Cleaning up $($itemsToDelete.Paths.Path)"
Remove-ItemLink -Item $item
Remove-Item -Path $item.Paths.Path
}Example: The following adds a Post Step and custom attributes. Assumes that the custom library exists in the deployed solution and the script is already available in the library.
Example: The following adds a Post Step included with SPE to delete a file. The SPE Post Step code reads xml data stored in the comment section of the package.
Example: The following adds a Post Step Script included with SPE to change icons.
$package = New-Package "Package-of-Stuff"
$package.Sources.Clear()
$package.Metadata.Author = "Michael West"
$package.Metadata.Publisher = "Team Awesome"
$package.Metadata.Version = "1.0"
$package.Metadata.Readme = @"
Set of instructions for the user.
"@
# Items using New-ItemSource and New-ExplicitItemSource
$source = Get-Item -Path "master:\templates\Feature\Forms" |
New-ItemSource -Name 'Feature Forms Items' -InstallMode Overwrite
$package.Sources.Add($source)
# Files using New-FileSource and New-ExplicitFileSource
$source = Get-Item -Path "$AppPath\App_Config\Include\Feature\Forms\Company.Feature.Forms.config" |
New-ExplicitFileSource -Name "Feature Forms Files"
$package.Sources.Add($source)
Export-Package -Project $package -Path "$($package.Name)-$($package.Metadata.Version).xml"
Export-Package -Project $package -Path "$($package.Name)-$($package.Metadata.Version).zip" -Zip
Download-File "$SitecorePackageFolder\$($package.Name)-$($package.Metadata.Version).zip"The Get-Archive command returns Sitecore archives in context of the specified database.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Name of the archive to retrieve.
Required?
false
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Database for which the archives should be retrieved.
Required?
false
Position?
2
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Database
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Archiving.Archive
Help Author: Adam Najmanowicz, Michael West
There is an additional configuration file added to support Identity Server. If you are installing Sitecore 9.1 or later you will want to enable the configuration file Spe.IdentityServer.config.
Some users have reported an issue where the package installation in Sitecore hangs while installing SPE. One possible fix is to disable the Sitecore Analytics feature; this of course assumes you do not plan on using it for your instance.
Article: Martin Miles encountered the issue and proposed a fix here.
Hack: Run this script on Sitecore 8.0.
378 - Missing Home item (fixed in 3.2)
Be sure the module is enabled and the integrations are rebuilt from within the ISE. The following are some of the integration issues you may experience:
Content Editor Gutter - Entries not listed.
Content Editor Ribbon - Buttons not visible or working.
Control Panel - Entries not listed.
Functions - Import-Function name parameter not populating with functions or can't be found after running the command.
Web API - Scripts not existing or can't be found.
404 error in browser console can be caused by missing SPE files, a custom pipeline, or perhaps a rewrite rule.
"The request failed with an empty response." could be caused when TLS is offloaded to a load balancer and traffic to the endpoint is no longer over HTTPS. Fixed by issue #1005.
"The underlying connection was closed: An unexpected error occurred on a send." could be caused in Azure PaaS when requests are made using TLS 1.1 or lower. Setting the SecurityProtocol may help. Thanks to Jayesh Sheth for pointing to a resolution.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
The ConvertTo-CliXml command exports Microsoft .NET Framework objects from PowerShell to a CliXml string.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Specifies the object to be converted. Enter a variable that contains the objects, or type a command or expression that gets the objects. You can also pipe objects to ConvertTo-CliXml.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
object
The output type is the type of the objects that the cmdlet emits.
System.String
Help Author: Adam Najmanowicz, Michael West
ConvertFrom-Xml
ConvertTo-Xml
Export-CliXml
Import-CliXml
# The script must return an item. This is useful for populating a Droplink.
Get-ChildItem -Path "master:" -ID "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}"script:/sitecore/system/Modules/PowerShell/Script Library/X-Demo/Data Sources/Get-GlobalOption$package = New-Package "Package-of-Stuff"
$package.Sources.Clear()
$package.Metadata.Author = "Michael West"
$package.Metadata.Publisher = "Team Awesome"
$package.Metadata.Version = "1.0"
$package.Metadata.Readme = @"
Set of instructions for the user.
"@
$package.Metadata.PostStep = "Some.Library.Class,Some.Library"
$package.Metadata.Attributes = "scriptId={9b9a3906-1979-11e7-8c9d-177c30471cec}|width=50|height=200"
Export-Package -Project $package -Path "$($package.Name)-$($package.Metadata.Version).xml"# The New-PackagePostStep helper function is included with SPE for your convenience.
# Optionally, you can extend the function or create a completely
# custom implementation like storing data as JSON instead of XML.
Import-Function -Name New-PackagePostStep
$package = New-Package "Package-of-Stuff"
$package.Sources.Clear()
$package.Metadata.Author = "Michael West"
$package.Metadata.Publisher = "Team Awesome"
$package.Metadata.Version = "1.0"
$package.Metadata.Readme = @"
Set of instructions for the user.
"@
# The post step will uninstall/remove these files.
$newPackageFiles = @([PSCustomObject]@{"FileName"="/bin/Company.Feature.Unused.dll"})
# PackagePostStep only uninstalls files and items.
$package.Metadata.PostStep = "Spe.Package.Install.PackagePostStep, Spe.Package"
$package.Metadata.Comment = New-PackagePostStep -PackageFiles $newPackageFiles$package = New-Package "Package-of-Stuff"
$package.Sources.Clear()
$package.Metadata.Author = "Michael West"
$package.Metadata.Publisher = "Team Awesome"
$package.Metadata.Version = "1.0"
$package.Metadata.Readme = @"
Set of instructions for the user.
"@
## ScriptPostStep executes a script referenced by the attributes field.
$package.Metadata.PostStep = "Spe.Integrations.Install.ScriptPostStep, Spe"
# Attributes include scriptId, scriptDb, height, width
$package.Metadata.Attributes = "scriptId={737CD0CC-12F7-4528-8FBD-E0FDEFC41325}"# /sitecore/system/Modules/PowerShell/Script Library/SPE/Core/Platform/Upgrade/Compatibility
# {737CD0CC-12F7-4528-8FBD-E0FDEFC41325}
Write-Log "Processing changes to ensure backwards compatibility."
$oldVersion = New-Object System.Version(10,0)
if($PSVersionTable["SitecoreVersion"] -lt $oldVersion) {
$iseButton = Get-Item -Path "core:{bfc79034-857c-4432-a5c2-2d93af784384}"
$iseButton.Editing.BeginEdit()
$iseButton.Fields["{D25B56D4-23B6-4462-BE25-B6A6D7F38E13}"].Value = "powershell/32x32/ise8.png"
$iseButton.Editing.EndEdit() > $null
$reportButton = Get-Item -Path "core:{74744022-353c-43f1-b8e4-5bc569ca9348}"
$reportButton.Editing.BeginEdit()
$reportButton.Fields["{D25B56D4-23B6-4462-BE25-B6A6D7F38E13}"].Value = "Office/32x32/chart_donut.png"
$reportButton.Editing.EndEdit() > $null
Write-Log "Changes complete."
} else {
Write-Host "No changes required."
}
Close-WindowPS master:\> Get-Archive -Database "master"
Name Items
---- -----
archive 0
recyclebin 1950$paths = @("C:\inetpub\wwwroot\Console\Website\App_Config\Include\*")
$patterns = @("Sitecore.Analytics*.config", "Sitecore.ExperienceAnalytics*.config")
$paths | Get-ChildItem -Include $patterns -Recurse | Rename-Item -NewName { $PSItem.Name + ".disabled" }PS master:\> #Convert original item to xml
PS master:\> $myCliXmlItem = Get-Item -Path master:\content\home | ConvertTo-CliXml
PS master:\> #print the CliXml
PS master:\> $myCliXmlItem
PS master:\> #print the Item converted back from CliXml
PS master:\> $myCliXmlItem | ConvertFrom-CliXmlWrite:
New - Creates a new script or module.
Open - Opens an existing script for the library.
Save - Saves the current script to the library.
Save As - Saves a copy of the current script to the library.
Reload - Opens the original copy of the current script without saving any modifications.
Script Execution:
Execute - Runs the current script as a background job or in the HttpContext.
Selection - Runs the selected text of the current script.
Debug - Runs the current script with the debugging mode enabled. A temporary file is generated on the file system to support the use of breakpoints.
Abort - Stops the execution of an executing script.
Context:
Context - Specifies the current item in the script. Helpful if you write a script dependent on a specific path, or the current directory is denoted as a . (dot) or _$pwd (_present working directory). An MRU and tree view are provided for choosing a path.
Session - Specifies the session to use when executing the script. Reused sessions live in the HttpSession. Options include the session created for the ISE instance, One-Time session, or the Persistent Session ID configured on the script.
UI Context:
Language - Specifies the context language to use when executing the script.
User - Specifies the context user to impersonate when executing the script. This can be used to emulate UserSwitcher code.
Preferences:
Settings - This is where you configure the Console and ISE font family, font size, and other useful things.
Integration:
Rebuild All - This is where you rebuild the integration points for Control Panel, Gutters, and Ribbons. Without running this you will not see those integrations appear (or disappear).
The plugins feature is a great way to add custom behaviors while in the ISE. Any plugin added can make use of the Enable or Show rules to control how it appears in the ribbon.
Platform: Custom scripts added to the ISE Plugins integration point script library will appear here.
The Open dialog provides both a search and tree view of the scripts stored in the script libraries.
Below are the shortcuts available in the ISE.
Shortcut
Usage
TAB
Indent
Ctrl
Bypass cached variable value when pressed.
Ctrl-Space
Autocomplete commands. Use the up or down direction keys to cycle through options.
Ctrl-Enter
Displays the command help window.
Ctrl-Z
Undo the previous change.
Ctrl-Alt-Shift +
Increase the font size
For more commands built into the script editor see here
The ConvertFrom-CliXml command imports a CliXml string with data that represents Microsoft .NET Framework objects and creates the objects in PowerShell.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
String containing the Xml with serialized objects.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
System.String
The output type is the type of the objects that the cmdlet emits.
object
Help Author: Adam Najmanowicz, Michael West
ConvertTo-Xml
ConvertFrom-Xml
Export-CliXml
Import-CliXml
There are several variables available out of the box for use in running commands and scripts. Many of the variables prefixed with Sitecore derive from the Sitecore.config settings. Run the command Get-Variable to see the complete list available in the currently running session.
Variable
Example
AppPath
C:\Inetpub\wwwroot\Console\Website\
HostSettings
... FontSize : 12 FontFamily : Wingdings ...
me
sitecore\admin
Note: Any new variables created are stored within the current session; when the session ends the variables are removed. Be careful not to overwrite the built-in variables.
The Console is a command line interface (CLI) designed for efficiency, providing a streamlined tool for working with Windows PowerShell and Sitecore.
The default security configuration for SPE requires the Console to be in an Elevated Session State before allowing the execution of commands. The following figure shows the Console when the User Account Controls (UAC) are disabled. While this is a common configuration for developers, we highly encourage you to ensure UAC is enabled in higher environments.
Below are the shortcuts available in the console.
Note: The font family, font size, and other settings can be configured through the ISE.
Review prerequisites and details on how to get setup with SPE.
Take a quick look at the appendix to see which version of SPE you should be installing that is compatible with your Sitecore environment. Generally SPE has pretty good backwards compatibility but may require a new version to support the latest Sitecore CMS release.
Windows Management Framework 5.1 (PowerShell) is generally available for most Windows environments.
PowerShell set to RemoteSigned (probably optional)
Working with Docker is going to be the preferred method of installation.
You can find two flavors of the images:
Ex: docker pull sitecorepowershell/sitecore-powershell-extensions:6.4-1809
Sitecore Built
With this approach, you essentially add a new layer during your image build to include the files from the asset image. Here are some samples of what you can add to your existing setup. Check out Sitecore's samples for additional guidance.
docker-compose.yml
Dockerfile (mssql-init)
Dockerfile (cm)
The SPE module installs like any other for Sitecore. This approach is appropriate for installations not within a containerized environment.
the module from the GitHub releases page and install through the Installation Wizard.
For Sitecore 10.1 and newer along with Identity Server you should enable the provided configuration Spe.IdentityServer.config.
For Sitecore 10.1 and newer you can leverage the IAR packages. There is still the need for dacpac deployments because SPE includes a security user and role.
An additional patch is required for 10.1 to include the location /sitecore modules/items/. See .
We've tried to make upgrading SPE as seamless as possible. The following should provide you with some basic information on what to expect when upgrading.
You should be able to install directly over the previous installation of 6.0+.
For Sitecore 10.1 and newer along with Identity Server you should enable the provided configuration Spe.IdentityServer.config.
For Sitecore 10.1 and newer you can leverage the IAR packages. There is still the need for dacpac deployments because SPE includes a security user and role.
An additional patch is required for 10.1 to include the location /sitecore modules/items/. See .
These versions used a different name for the assemblies and configs. You may find it easier to delete all files originally distributed with SPE before installing a newer version. Here are a few steps to consider:
Delete all files in the bin and App_Config/Include directories prefixed with Cognifide.
Delete /sitecore modules/Shell/PowerShell
Delete /sitecore modules/PowerShell
Reference the original SPE package (if available) to identify if any other files were included.
Sitecore items in the content tree will potentially shuffle around into their new location. Be sure to backup your custom scripts first.
See the troubleshooting section
Managing users and roles is a big topic and this section won't cover everything. We aim to show you different problems that have come up and how we solved them.
Example: The following command returns the security commands available.
Managing users should be a pretty straight forward task. While the User Manager provided by Sitecore is handy, you'll likely find yourself wanting to make bulk changes. The following examples should give you a few ideas about how to manage user accounts.
Example: The following generates a batch of test users in the default domain with the out-of-the-box user profile template. The users are then queried filtering on the name.
In case you forgot to set the user profile for accounts, we have a solution for that.
Example: The following queries a user and sets the profile template. Note that changing the profile template requires the user to be authenticated.
Example: The follow queries all the user accounts for the default provider and filters those over the age of 18. The age property is custom on the Profile. Finally, export to CSV.
When using the you may need to increase the setting LDAP.SizeLimit if you wish to return all Active Directory accounts.
Using Set-User to update AD accounts may result in an "Access denied message"; this is due to the fact that the account querying user does not have write access to profile properties or the profile provider is not configured properly.
Example: The following queries roles using the specified identity.
The ACL commands provide an automated way of granting privileges to items.
Example: The following creates a new ACL and assigns to an item.
The SPE Modules support a wide variety of predefined script libraries to help with exposing scripts to the Sitecore interface.
The following list outlines the available libraries for Integration Points that may be added to modules. These may also be generated automatically when creating or updating modules.
Context Menu - Visibility can be control using rules made available from within the Interactive field section.
Gutters - Requires the library to be .
Insert Item - Visibility can be control using rules made available from within the Interactive field section.
Ribbon - Requires the library to be
- Requires the library to be .
- Not a formal integration point library, but a good place to add scripts used for Data Source Scripts. Read more about how they work and . The Source field simply references the script like script:/sitecore/system/Modules/PowerShell/Script Library/[MODULE NAME]/Data Sources/[SCRIPT NAME].
- Requires a patch file to enable the desired events. Read more about it .
- Exposes scripts to the command Import-Function.
Internal
- Appears as a button in the ISE Settings tab.
List View - Represents the ribbon buttons such as for Actions and Exports.
(Experience Editor)
Notification - Appears as a notification message beneath the ribbon in the Experience Editor.
LoggedIn
LoggingIn
Logout
- Appears as a shortcut under Sitecore -> Reporting Tools -> PowerShell Reports.
- Appears as a shortcut under Sitecore -> Toolbox. Visibility can be control using rules made available from within the Interactive field section.
- Not a formal integration point library, but a good place to add scripts used for Scheduled Tasks. SPE includes a PowerShellScriptCommand found under /sitecore/system/Tasks/Commands/PowerShellScriptCommand which is used to run scripts from within scheduled tasks.
- Exposes scripts than can be consumed through . The script can be executed by requesting a specific url.
- Not a formal integration point library, but a good place to add scripts used for Workflow Action Scripts. Read more about how they work .
Remoting - Interact with SPE through the provided web services as described . A Windows PowerShell module is made available to encapsulate the web service calls into PowerShell commands.
Some integrations need to be synced with the Core database through the ISE. See the section of the Scripting documents for instructions.
The section on working with items provided a variety of examples in retrieving items based on their language. In this section will show how to manage items and their languages.
Example: The following example queries all of the content items and adds a new language version of "en-ca", while overwriting any that exist.
Example: The following example adds a language version from English to US and Polish while leaving the Title field blank. If a version already exists nothing happens.
Example: The following example adds a language version from English to Polish of Template Name Sample Item. If the version exists a new version is created for that language. Finally the results are displayed as a table showing only the Name, Language, and Version.
Example: The following example adds a language version in Polish to the Home item and all its children. If the version exists nothing happens. No fields were harmed in the making of this version.
Example: The following example queries all of the content items and removes the language version of "fr-CA".
Example: The following example creates a new item with language versions only matching the specified languages; all other language version are removed.
Supported parameters:
-Recurse Translates item and its children
-IfExist Accepts one of 3 pretty self explanatory actions: Skip, Append or OverwriteLatest
On top of the ignored fields in the -IgnoredFields the following fields are ignored as configured within the Spe.config file:
In this section we'll show how to manage item renderings.
Example: The following demonstrates the use of Get-LayoutDevice and Get-Rendering to find all renderings on a page associated with the FinalLayout.
Example: The following demonstrates the use of Get-Rendering and Set-Rendering for updating values on templates.
Example: The following demonstrates how to report on pages referencing the specified rendering.
Example: The following demonstrates how to report on which renderings are globally set to "Cacheable".
Example: The following demonstrates how to find renderings with a conditions node set on the item.
Example: The following demonstrates how to disable global caching on all renderings.
Example: The following moves renderings from one placeholder to another. .
Example: The following removes a datasource from a rendering on the FinalLayout.
Retrieves a Sitecore Database.
Get-Database [[-Name] <String>] [-Item <Item>]
The Get-Database command retrieves one or more Sitecore Database objects based on name or item passed to it.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Name of the database to be returned.
Database returned will be taken from the item passed to the command.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
System.String
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Database
Help Author: Adam Najmanowicz, Michael West
Support for Sitecore 7 has discontinued with SPE 5.0.
The following guide should provide you with enough information to setup a development environment configured to contribute to SPE. We'll begin with a single installation of Sitecore 8+.
The solution requires Visual Studio 2015 or later.
This guide assumes a source root location of "C:\Source" and a site root location of "C:\inetput\wwwroot". These are not prerequisites of the project, and you can use whatever folder locations suit you.
The PowerShell Toolbox is quick way to access frequently used scripts.
Navigate to Sitecore -> PowerShell Toolbox and after selecting you should see the configured scripts:
Note: Examples included in the following modules
Authorable Reports
Logged in Session Manager
PS master:\> #Convert original item to xml
PS master:\> $myCliXmlItem = Get-Item -Path master:\content\home | ConvertTo-CliXml
PS master:\> #print the CliXml
PS master:\> $myCliXmlItem
PS master:\> #print the Item converted back from CliXml
PS master:\> $myCliXmlItem | ConvertFrom-CliXmlGet-Command -Noun Role*,User,ItemAcl* | Sort-Object -Property Noun,VerbGet-ChildItem "master:\content" -Recurse |
Add-ItemLanguage -Language "en-us" -TargetLanguage "en-ca" -IfExist OverwriteLatest$languageParameters = @{
Path = "master:\content\home"
Language = "en"
TargetLanguage = @("pl-pl","en-us")
IfExist = "Skip"
IgnoredFields = @("Title")
}
Add-ItemLanguage @languageParameters$defaultLayout = Get-LayoutDevice -Default
$rootItem = Get-Item -Path "master:" -ID "{961563FC-3445-4558-BF3A-06DF06BA6298}"
Get-Rendering -Item $rootItem -Device $defaultLayout -FinalLayoutPWD
master:\
PSScript
$PSScript.Appearance.Icon # Returns the icon of the executing script
ScriptSession
... ID : e9fedd64-cad0-4c43-b950-9cd361b151fd ...
SitecoreAuthority
SitecoreContextItem
$SitecoreContextItem.Language.Name # Returns the language name
SitecoreDataFolder
C:\Inetpub\wwwroot\Console\Data
SitecoreDebugFolder
C:\Inetpub\wwwroot\Console\Data\debug
SitecoreIndexFolder
C:\Inetpub\wwwroot\Console\Data\indexes
SitecoreLayoutFolder
C:\Inetpub\wwwroot\Console\Website\layouts
SitecoreLogFolder
C:\Inetpub\wwwroot\Console\Data\logs
SitecoreMediaFolder
C:\Inetpub\wwwroot\Console\Website\upload
SitecorePackageFolder
C:\Inetpub\wwwroot\Console\Data\packages
SitecoreScriptRoot
master:\system\Modules\PowerShell\Script Library\Task Management\Toolbox
SitecoreCommandPath
master:\system\Modules\PowerShell\Script Library\Task Management\Toolbox\Task Manager
SitecoreSerializationFolder
C:\Inetpub\wwwroot\Console\Data\serialization
SitecoreTempFolder
C:\Inetpub\wwwroot\Console\Website\temp
SitecoreVersion
8.2.160729
Ctrl-Alt-Shift -
Decrease the font size
Ctrl-E
Executes the script
Alt-E
Executes the selected text in the script
Ctrl-D
Debugs the script
Ctrl-Shift-E
Aborts the running script
Ctrl-F
Search for keywords in the script
ArrowLeft/Ctrl+B
Move cursor to the left
ArrowRight/Ctrl+F
Move cursor to the right
Ctrl+ArrowLeft
Move cursor to previous word
Ctrl+ArrowRight
Move cursor to next word
Ctrl+A/Home
Move cursor to the beginning of the line
Ctrl+E/End
Move cursor to the end of the line
Ctrl+K/Alt+D
Remove the text after the cursor
Ctrl+H
Remove character before the cursor
Ctrl+D/Delete
Remove character selected by the cursor
Ctrl+C/Escape
Remove all text in the line
Ctrl+U
Remove the text before the cursor
Ctrl+V/Shift+Insert
Insert text from the clipboard
Ctrl+Alt+Shift +
Increase the font size
Ctrl+Alt+Shift -
Decrease the font size
PageUp
Scroll console up
PageDown
Scroll console down
Ctrl+R
Reverse search history
Shortcut
Usage
Enter
Submits line for execution.
Tab
Autocomplete commands. Press tab again to cycle through commands.
Shift+Tab
Reverse cycle through Autocomplete commands.
Shift+Enter
Inserts new line. Works when the backtick is used.
ArrowUp/Ctrl+P
Show previous command from history
ArrowDown/Ctrl+N
Show next command from history
Delete/backspace
Remove one character from right/left to the cursor
Warning - Appears as a warning message beneath the ribbon in the Content Editor.
Ex: docker pull scr.sitecore.com/sxp/modules/sitecore-spe-assets:6.4-1809
-TargetLanguage accepts a list of languages that should be created-DoNotCopyFields creates a new version but does not copy field values from original language
-IgnoredFields list of fields that should not be copied over from original item this can contain e.g. __Security if you don't want the new version to have the same restrictions as the original version.
Required?
false
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
The Import-Function command imports a function script from the script library's "Functions" folder.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Name of the script in the "Functions" library or one of its sub-libraries.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Name of the library withing the "Functions" library. Provide this name to disambiguate a script from other scripts of the same name that might exist in multiple sub-librarties of the Functions library.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Name of the module "Functions" are going to be taken from. Provide this name to disambiguate a script from other scripts of the same name that might exist in multiple Modules.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
System.Object
Help Author: Adam Najmanowicz, Michael West
The following imports a Resolve-Error function that you may later use to get a deeper understanding of a problem with script should one occur by xecuting the "Resolve-Error" command that was imported as a result of the execution of the following line
services:
mssql-init:
image: ${REGISTRY}${COMPOSE_PROJECT_NAME}-xm1-mssql-init:${VERSION:-latest}
build:
context: ./docker/build/mssql-init
args:
BASE_IMAGE: ${SITECORE_DOCKER_REGISTRY}sitecore-xm1-mssql-init:${SITECORE_VERSION}
SPE_IMAGE: ${SITECORE_MODULE_REGISTRY}sitecore-spe-assets:${SPE_VERSION}
cm:
image: ${REGISTRY}${COMPOSE_PROJECT_NAME}-xm1-cm:${VERSION:-latest}
build:
context: ./docker/build/cm
args:
BASE_IMAGE: ${SITECORE_DOCKER_REGISTRY}sitecore-xm1-cm:${SITECORE_VERSION}
SPE_IMAGE: ${SITECORE_MODULE_REGISTRY}sitecore-spe-assets:${SPE_VERSION}# escape=`
ARG BASE_IMAGE
ARG SPE_IMAGE
FROM ${SPE_IMAGE} as spe
FROM ${BASE_IMAGE}
COPY --from=spe C:\module\db C:\resources\spe# escape=`
ARG BASE_IMAGE
ARG SPE_IMAGE
FROM ${SPE_IMAGE} as spe
FROM ${BASE_IMAGE}
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
WORKDIR /inetpub/wwwroot
COPY --from=spe \module\cm\content .\foreach($num in 0..10) {
$key = -join ((65..90) + (97..122) | Get-Random -Count 7 | % {[char]$_})
New-User -Identity "TestUser$($key)" -Enabled -Password "b" -ProfileItemId "{AE4C4969-5B7E-4B4E-9042-B2D8701CE214}" | Out-Null
}
Get-User -Filter "sitecore\TestUser*"Get-User -Id "michael" -Authenticated |
Set-User -ProfileItemId "{AE4C4969-5B7E-4B4E-9042-B2D8701CE214}"$users = Get-User -Filter * | Where-Object { $_.Profile.GetCustomProperty("age") -gt 18 }
$property = @(
"Name",
@{Name="Age";Expression={ $PSItem.Profile.GetCustomProperty("age") }}
)
$users | Select-Object -Property $property |
Export-CSV -Path "C:\temp\users-over-eighteen.csv" -NoTypeInformation# Identity can be "[domain]\[name]", "Creator-Owner", and "\Everyone"
Get-Role -Identity "default\Everyone"$aclForEveryone = New-ItemAcl -Identity "\Everyone" -PropagationType Any -SecurityPermission DenyInheritance -AccessRight *
Get-Item -Path "master:\content\home" | Add-ItemAcl -AccessRules $aclForEveryone -PassThruGet-ChildItem "master:\content\home" -Language "en" -Recurse |
Where-Object { $_.TemplateName -eq "Sample Item" } |
Add-ItemLanguage -TargetLanguage "pl-pl" -IfExist Append |
Format-Table Name, Language, Version -AutoSizeAdd-ItemLanguage -Path "master:\content\home" -TargetLanguage "pl-pl" -IfExist Skip -DoNotCopyFields -RecurseGet-ChildItem "master:\content" -Recurse |
Remove-ItemLanguage -Language "fr-CA"$itemPath = "master:\content\home\sample item\Sample Item 3"
New-Item -Path $itemPath -ItemType "Sample/Sample Item" -Language "en-CA"
Name Children Language Version Id TemplateName
---- -------- -------- ------- -- ------------
Sample Item 3 False en-CA 1 {C9517583-3AF9-4AFB-B247-BB0A09F55D94} Sample Item<configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<translation>
<ignoredFields>
<field>__Archive date</field>
<field>__Archive Version date</field>
<field>__Lock</field>
<field>__Owner</field>
<field>__Page Level Test Set Definition</field>
<field>__Reminder date</field>
<field>__Reminder recipients</field>
<field>__Reminder text</field>
<!--field>__Security</field-->
</ignoredFields>
</translation>
</sitecore>
</configuration>$rendering = Get-Item -Path "master:\sitecore\layout\Sublayouts\Sample Sublayout"
$items = Get-ChildItem -Path "master:\sitecore\templates\Sample Item" -Recurse
foreach($item in $items) {
$renderingInstance = Get-Rendering -Item $_ -Rendering $rendering
if ($renderingInstance) {
Set-Rendering -Item $_ -Instance $renderingInstance -Parameter @{
"Lorem" = "Ipsum"
}
Write-Host "Updated $($_.Paths.FullPath)"
}
}Get-Item "master:\layout\Renderings\Feature\Experience Accelerator\Page Content\Page Content" |
Get-ItemReferrer | Where-Object { $_.ContentPath.StartsWith("/Demo/usa/Home") } | Show-ListViewGet-ChildItem -Path "master:\layout\Renderings" -Recurse |
Where-Object { $_.Cacheable -eq "1" } |
Select-Object -Property Name, Cacheable, ClearOnIndexUpdate, VaryBy* |
Sort-Object -Property Name | Show-ListView$query = "fast:/sitecore/content//*[@__renderings='%<conditions%' or @#__Final Renderings#='%<conditions%']"
$items = Get-Item -Path "master:" -Query $query$VerbosePreference = "Continue"
Get-ChildItem -Path "master:\layout\Renderings" -Recurse |
Where-Object { $_.Cacheable -eq "1" } |
ForEach-Object { Write-Verbose "Disabled global caching on $($_.Name)"; $_.Cacheable = "0" }
# VERBOSE: Disabled global caching on Navigation$placeholderMappings = @(
@("/old-placeholder","/new-placeholder"),
@("/another-old-placeholder","/new-placeholder")
)
$rootItem = Get-Item -Path master:/sitecore/content/Home
$defaultLayout = Get-LayoutDevice "Default"
# Toggle for whether to update Shared or Final Layout
$useFinalLayout = $True
# If set to true, the script will only list the renderings that need fixing, rather than fixing them.
$reportOnly = $False
foreach ( $item in Get-ChildItem -Item $rootItem -Recurse )
{
# Only interested in items that have a layout
if (Get-Layout $item)
{
foreach( $mapping in $placeholderMappings )
{
# Get renderings in this item that have renderings in the placeholder we want to update
$renderings = Get-Rendering -Item $item -Placeholder ($mapping[0] + '/*') -Device $defaultLayout -FinalLayout:$useFinalLayout
foreach ( $rendering in $renderings )
{
# Only update the rendering if we're not in "Report Only" mode
if (!$reportOnly)
{
# Update the placeholder in the rendering and set it back in the item
$rendering.Placeholder = $rendering.Placeholder -replace $mapping[0], $mapping[1]
Set-Rendering -Item $item -Instance $rendering -FinalLayout:$useFinalLayout
}
Write-Host "$($item.FullPath) - Rendering $($rendering.UniqueID) - Placeholder: $($mapping[0]) --> $($mapping[1])"
}
}
}
}Get-Rendering -Item $item -PlaceHolder "main" |
Foreach-Object { Set-Rendering -Item $item -Instance $_ -DataSource $null -FinalLayout }$rendering = Get-Item master:\layout\path\to\your\rendering
$renderingPageContainer = Get-Rendering -Item $item "{F39BAC93-1EEC-446B-A4A1-AB7F7C1B6267}" -Device $defaultLayout
$renderingPageContainer.ItemID = $rendering.ID
Set-Rendering -Item $item -Instance $renderingPageContainerPS master:\> Get-Database
Name Languages Protected Read Only
---- --------- --------- ---------
core {da, pl-PL, ja-JP, en...} False False
master {en, de-DE, es-ES, pt-BR...} False False
web {es-ES, de-DE, pt-BR, pl-PL... False False
filesystem {en, en-US} False TruePS master:\> Get-Database -Name "master"
Name Languages Protected Read Only
---- --------- --------- ---------
master {en, de-DE, es-ES, pt-BR...} False FalsePS master:\> Get-Item . | Get-Database
Name Languages Protected Read Only
---- --------- --------- ---------
master {en, de-DE, es-ES, pt-BR...} False FalsePS master:\> Import-Function -Name Resolve-ErrorMeet the prerequisites found here
Install Sitecore 8+ to a folder of your choice, for example C:\inetpub\wwwroot\SitecoreSPE_8
Clone the repo to your local development environment
Copy C:\Source\Console\deploy.user.json.sample to C:\Source\Console\deploy.user.json. This will be a file just for your local environment and will be ignored by git.
Edit the sites definition in deploy.user.json to target your Sitecore web root folder, making sure you use double-slashes for paths like in the existing file. For this site, make sure the version property is 8. Remove any other sites in the file that do not apply.
The
deploy.user.jsonfile supports deploying SPE to multiple Sitecore installations. For now, we are just deploying to a single instance, but later on in the tutorial we will cover multiple instances.
Copy C:\Source\Console\UserConfiguration\App_Config\Include\z.Spe.Development.User.config.sample to a file of the same name, without the .sample suffix. This file can be edited to add any SPE-specific configuration that you want in your sites, but don't wish to commit back into the repo.
You may notice there is a %%sourceFolder%% value in this configuration file. This is a special string that gets replaced as part of the SPE deployment with your source folder location. You don't need to update this manually.
Open the solution in Visual Studio.
Compile the solution. Whenever you compile the solution, SPE will be automatically deployed to the site web root paths you have set in deploy.user.json
Login to Sitecore
Navigate to /Unicorn.aspx. Use Unicorn to sync all projects into Sitecore.
SPE uses Unicorn for serializing Sitecore items to the source folder, and for syncing items from disk into Sitecore. For more information on Unicorn, see
SPE is now installed in Sitecore and you're ready for developing!
Any changes you make going foward just require a build of the solution. Remember that when pulling down updates to the source, you should execute a Unicorn sync to ensure your items are up to date.
The SPE deployment process supports multiple sites and multiple versions of Sitecore. The following steps carry on from above to add further support for another Sitecore site, such as 8.x or 9.x.
Complete the steps for a Single Instance.
Install Sitecore 8.x/9.x to a folder of your choice, for example C:\inetpub\wwwroot\SitecoreSPE_91
Edit the sites definition in deploy.user.json to add your new Sitecore web root folder. Set the version property to 9.0, 9.1 or 9.2 depending on the major/minor version.
Follow steps 7 onward from the Single Instance guide above to deploy to your Sitecore 8.x/9.x installation and sync the SPE items into Sitecore.
SPE can be deployed to as many Sitecore sites as you like. Each time you first deploy to a new installation, make sure you use Unicorn to sync the latest state of items into Sitecore.
To add the SPE PowerShell Remoting Module scripts into your machine's PowerShell Module path, execute the .\Setup_Module.ps1 script from the source folder. This will add the \Modules folder from source into your PSModulePath environment variable. Once this is done, you can use Import-Module SPE on your development machine to run the remoting scripts.
As part of the SPE deployment process, all of the relevant binary, configuration and sitecore module files are copied over from the projects within the solution. This means that any changes to static files such as JS / CSS files require a full build for these to be deployed to the site. As the build triggers an application pool recycle of your site, this can be a little slow for quick changes.
For more rapid development, you can enable junction deployment on your sites. When this is enabled, rather than copying over the static files, junction points will be setup for various folders so that the folders within the Sitecore installation are directly linked to the source folder. Any changes made in the solution are seen instantly, because the solution and the site are referencing the exact same files.
To enable a junction deployment for a site, add junction property to the site definition and set it to true:
Note that with junction deployments, a solution build is still required if you want to deploy any code or
.configchanges.It is not currently supported for a junction deployment site to be changed back into a non-junction deployment site. If you wish to do this, you should manually delete the following folders from your Sitecore installation before updating the
junctionproperty back tofalse:sitecore modules\PowerShellandsitecore modules\Shell\PowerShell
Package Generator
Task Management
Platform
This tool provides similar functionality to the Index Viewer module. Search and rebuild the index on-demand.
View the list of user sessions and "kick" them out as needed.
Generate a report using the Sitecore Rules Engine.
View the list of SPE sessions and "kill" them as needed.
This tool provides similar functionality to the Sitecore Rocks module.
Simple tool for generating a site tree using an existing sitemap.
View and manage the configured scheduled tasks.
To create your own Toolbox item take the following steps: 1. Create the Toolbox folder under an SPE module. Use the context menu to simplify the process.
Right click the module name and choose Scripts -> Create libraries for integration points.
Select the Toolbox item and click Proceed.
Create a PowerShell Script under the Toolbox item.
Right click the Toolbox library and choose PowerShell Script.
Open and edit the PowerShell Script using the ISE.
Run the Rebuild All command in the ISE by navigating to the
The Get-SitecoreJob command returns the list of the currently running jobs of Sitecore.
© 2010-2019 Implemented by Vangasewinkel Benjamin using the Adam Najmanowicz, Michael West Sitecore PowerShell Extensions. All rights reserved.
None
The output type is the type of the objects that the cmdlet emits.
Sitecore.Jobs.Job
Help Author: Vangansewinkel Benjamin
Executes a script from Sitecore PowerShell Extensions Script Library. This command used to be named Execute-Script - a matching alias added for compatibility with older scripts.
Invoke-Script [-Item] <Item> [-ArgumentList <Object[]>]
Invoke-Script [-Path] <String> [-ArgumentList <Object[]>]
Executes a script from Sitecore PowerShell Extensions Script Library.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The following abbreviations are aliases for this cmdlet:
Execute-Script
The script item to be executed.
Path to the script item to be executed. Path can be absolute or Relavie to Script library root. e.g. the following two commands are equivalent:
PS master:> Invoke-Script 'master:\system\Modules\PowerShell\Script Library\Examples\Script Testing\Long Running Script with Progress Demo' PS master:> Invoke-Script 'Examples\Script Testing\Long Running Script with Progress Demo'
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
System.Object
Help Author: Adam Najmanowicz, Michael West
Run a script with arguments passed in.
The arguments are passed and used in the called script like below:
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The following gets the cloned Item and returns the available notifications.
The following gets the cloned Item based on the specified type of notification.
Returns all the clones for the specified item.
Get-ItemClone [-Item] <Item>
Get-ItemClone [-Path] <String>
Get-ItemClone -Id <String> [-Database <String>]
The Get-ItemClone command returns all the clones for the specified item.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The item to be analysed for clones presence.
Path to the item to be analysed for clones presence.
Id of the item to be analysed for clones presence.
Database containing the item to be processed - if item is being provided through Id.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
New-UsingBlock.
New-UsingBlock [-InputObject] <IDisposable> [-ScriptBlock] <ScriptBlock>
The New-UsingBlock command disposes of the provided input object after the specified scriptblock completes execution. You may find the data returned by the scriptblock is contained within the following object System.Collections.ObjectModel.Collection1[[System.Management.Automation.PSObject, System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]`. This helps when multiple objects are returned and is .
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Object that should be disposed after the Script block is executed.
Script to be executed within the "Using" context.
The input type is the type of the objects that you can pipe to the cmdlet.
System.IDisposable
The output type is the type of the objects that the cmdlet emits.
void
Help Author: Adam Najmanowicz, Michael West
Assuming all items under /sitecore/content/home have both 'Title' and 'MetaTitle' fields... Using New-UsingBlock to bulk update items under /sitecore/Content/ to have their 'MetaTitle' field to be equal to the 'Title' field
Using New-UsingBlock to perform a test with UserSwitcher - checking whether an anonymous user can change a field The test should end up showing the error as below and the Title should not be changed!
The reports which come out of the box provide a wide variety of information regarding your Sitecore installation.
We've built quite a few reports, many similar to the (ASR) module.
The custom reports can be found by navigating to Sitecore -> Reporting Tools -> PowerShell Reports.
As an example, let's run the Unused media items report.
See some of the community contributed modules built for SPE.
cd "C:\Source\Console" // Your local source folder, with a new folder for the solution
git init
git remote add origin https://github.com/SitecorePowerShell/Console.git
git fetch origin
git checkout -b master --track origin/master{
"sites": [
{
"path": "C:\\inetput\\wwwroot\\SitecoreSPE_8\\Website",
"version": 8,
"junction": true
}
]
}PS master:\> Get-SitecoreJob
Category : PowerShell
Handle : b62d9129-298a-4630-bb37-d725e5ce3bbf;DCI5CG6011F3Y-sc81u3contact
IsDone : True
Name : PowerShell-ca2a0179-78c5-02a4-5970-17e4909752b0-{347EBAF8-6BE2-4ABC-91D0-36B36FCF414B}
Options : Sitecore.Jobs.JobOptions
Status : Sitecore.Jobs.JobStatus
WaitHandle : System.Threading.ManualResetEvent
QueueTime : 11/13/2017 1:03:18 PM
MessageQueue : Sitecore.Jobs.AsyncUI.MessageQueue
Category : Indexing
Handle : dca83fc7-def7-4564-ac44-987e79ffc3cd;DCI5CG6011F3Y-sc81u3contact
IsDone : True
Name : Index_Update_IndexName=sitecore_analytics_index
Options : Sitecore.Jobs.JobOptions
Status : Sitecore.Jobs.JobStatus
WaitHandle : System.Threading.ManualResetEvent
QueueTime : 11/13/2017 1:03:29 PM
MessageQueue : Sitecore.Jobs.AsyncUI.MessageQueue
Category : PowerShell
Handle : de0a1dce-45f7-44fb-81b5-02b402c1f614;DCI5CG6011F3Y-sc81u3contact
IsDone : False
Name : PowerShell-ca2a0179-78c5-02a4-5970-17e4909752b0-{47666A58-890B-4D13-8F15-3348643750E4}
Options : Sitecore.Jobs.JobOptions
Status : Sitecore.Jobs.JobStatus
WaitHandle : System.Threading.ManualResetEvent
QueueTime : 11/13/2017 1:03:29 PM
MessageQueue : Sitecore.Jobs.AsyncUI.MessageQueuePS master:\> $jobs = Get-SitecoreJob
PS master:\> $jobs[0].Status
Category : PowerShell
Handle : c9215f66-ce60-49e5-9620-bf1ec51b6ef4;DCI5CG6011F3Y-sc81u3contact
IsDone : False
Name : PowerShell-ca2a0179-78c5-02a4-5970-17e4909752b0-{DF4895A6-3EBB-4A2A-9756-3A0EF4B96396}
Options : Sitecore.Jobs.JobOptions
Status : Sitecore.Jobs.JobStatus
WaitHandle : System.Threading.ManualResetEvent
QueueTime : 11/13/2017 1:05:54 PM
MessageQueue : Sitecore.Jobs.AsyncUI.MessageQueuePS master:\> Get-SitecoreJob | Show-ListView -Property "Category", "IsDone", "Name", "QueueTime", `
@{Label="Status Expiry"; Expression={$_.Status.Expiry} },
@{Label="Status Failed"; Expression={$_.Status.Failed} },
@{Label="Status State"; Expression={$_.Status.State} },
@{Label="Status Processed"; Expression={$_.Status.Processed} },
@{Label="Status Total"; Expression={$_.Status.Total} },
@{Label="Status Message"; Expression={$_.Status.Messages} }Get-ItemCloneNotification [-Item] <Item> [-NotificationType <Notification | ChildCreatedNotification | FieldChangedNotification | FirstVersionAddedNotification | ItemMovedChildCreatedNotification | ItemMovedChildRemovedNotification | ItemMovedNotification | ItemTreeMovedNotification | ItemVersionNotification | OriginalItemChangedTemplateNotification | VersionAddedNotification>] [-Language <String[]>]
Get-ItemCloneNotification [-Path] <String> [-NotificationType <Notification | ChildCreatedNotification | FieldChangedNotification | FirstVersionAddedNotification | ItemMovedChildCreatedNotification | ItemMovedChildRemovedNotification | ItemMovedNotification | ItemTreeMovedNotification | ItemVersionNotification | OriginalItemChangedTemplateNotification | VersionAddedNotification>] [-Language <String[]>]
Get-ItemCloneNotification -Id <String> [-Database <String>] [-NotificationType <Notification | ChildCreatedNotification | FieldChangedNotification | FirstVersionAddedNotification | ItemMovedChildCreatedNotification | ItemMovedChildRemovedNotification | ItemMovedNotification | ItemTreeMovedNotification | ItemVersionNotification | OriginalItemChangedTemplateNotification | VersionAddedNotification>] [-Language <String[]>]
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Get-Item
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
2
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The cmdlet allows to send content of an object (FileInfo, Stream, String, String[] or Byte[]) to the client. This is used for example by report scripts to send the report in HTML, Json or Excel without saving the content of the object to the disk drive. You can specify an object type and file name to make sure the downloaded file is interpreted properly by the browser.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Object content to be sent to the client. Object must be of one of the following types:
FileInfo,
Stream,
String,
String[],
Byte[]
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
The MIME content type of the object. In most cases you can skip this parameter and still have the content type be deduced by the browser from the
Common examples (after Wikipedia)
application/json
application/x-www-form-urlencoded
application/pdf
application/octet-stream
multipart/form-data
text/html
image/png
image/jpg
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Name of the file you want the user browser to save the object as.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
true (ByPropertyName)
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
System.Object
The output type is the type of the objects that the cmdlet emits.
System.Boolea
Help Author: Adam Najmanowicz, Michael West
Send first log file to the user
Send Hello World text file to the user
Get a list of sitecore branches under root item in the master database and send the list to user as excel file
Invoke-Script 'Examples\Script Testing\Long Running Script with Progress Demo'$scriptItem = Get-Item -Path "master:" -ID "{35311878-54EF-4E7A-9B95-3B63F5DEE97D}"
$arguments = @{
TemplateId = "{76036F5E-CBCE-46D1-AF0A-4143F9B557AA}"
}
$scriptItem | Invoke-Script -ArgumentList $argumentsparam($params)
$templateId = $params.templateId
Get-ItemReferrer -ID $templateId$clonedItem = Get-Item -Path "master:" -ID "{9F158637-52C2-4005-8329-21527685CB71}"
Get-ItemCloneNotification -Item $clonedItem$clonedItem = Get-Item -Path "master:" -ID "{9F158637-52C2-4005-8329-21527685CB71}"
$clonedItem | Get-ItemCloneNotification -NotificationType ItemMovedChildRemovedNotificationPS master:\> Get-ItemClone -Path master:\content\homeNew-UsingBlock (New-Object Sitecore.Data.BulkUpdateContext) {
foreach ( $item in (Get-ChildItem -Path master:\Content\Home -Recurse -WithParent) ) {
$item."MetaTitle" = $item.Title
}
}$anonymous = Get-User -Identity "extranet\Anonymous"
$testItem = Get-Item -Path master:\Content\Home
New-UsingBlock (New-Object Sitecore.Security.Accounts.UserSwitcher $anonymous) {
$testItem.Title = "If you can see this title it means that anonymous users can change this item!"
}
New-UsingBlock : Exception setting "Title": "Exception calling "Modify" with "3" argument(s): "The current user does not have write access to this item. User: extranet\Anonymous, Item: Home ({110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9})""
At line:3 char:1
+ New-UsingBlock (New-Object Sitecore.Security.Accounts.UserSwitcher $a ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-UsingBlock], SetValueInvocationException
+ FullyQualifiedErrorId : ScriptSetValueRuntimeException,Spe.Commands.Data.NewUsingBlockCommandGet-Item "$SitecoreLogFolder\*.*" | select -first 1 | Out-Download"Hello World!" | Out-Download -Name hello-world.txtImport-Function -Name ConvertTo-Xlsx
[byte[]]$outobject = Get-ChildItem master:\ |
Select-Object -Property Name, ProviderPath, Language, Varsion |
ConvertTo-Xlsx
Out-Download -Name "report-$datetime.xlsx" -InputObject $outobjectVerify the new toolbox item appears in the Toolbox.
Once the report completes, the results appear in a report window.
While SPE contains many reports, they don't match identical to ASR reports. We've done our best to build those that seem most relevant or likely to be used. If you find a report in ASR that you would like to exist in SPE please submit a request.
SPE Report
ASR Report
Active Aliases
Aliases
Audit
Broken Links2
Broken Links
Broken Links in publishable items
Item History
Check the reports in SPE under these sections to see the full list.
1 Configuration Audit report
2 Content Audit report
3 Media Audit report
4 Solution Audit report
5 Toolbox
Note: Examples included are in the following modules
Content Reports
You may wish to expose the reports to users such as Content Authors. Here are the steps required to grant access to users in the sitecore\Sitecore Client Authoring role.
Here is what users may see in the event they do not have the appropriate access.
Navigate to the item /sitecore/content/Documents and settings/All users/Start menu/Right/Reporting Tools/PowerShell Reports
Grant access to sitecore\Sitecore Client Authoring
Verify the reports are now visible to the Authoring users.
Note: In verson 6.4 the default access changed from sitecore\Sitecore Client Maintaining to a lower privileged account sitecore\Sitecore Client Authoring.
Example: The following lists configurations by name.
Example: The following syncs configurations just like you would through the Unicorn Control Panel or the PowerShell API.
The following are Sitecore modules that enhance the SPE experience.
:
:
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Specifies the archive to use when determining which ArchiveEntry items to process. Use Get-Archive to find the appropriate archive.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Specifies the ID for the original item that should be processed. This is NOT the ArchivalId.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Specifies the user responsible for moving the item to the archive.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
None.
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Archiving.ArchiveEntry
Help Author: Adam Najmanowicz, Michael West
The following returns all items found in the specified archive.
The following returns items matching the ItemId found in the specified archive.
The following returns items moved to the recycle bin by the user found in the specified archive.
The following demonstrates changing the archive date on an item followed by retrieving the archived item.
Remove-ArchiveItem
Restore-ArchiveItem
Remove-Item
Remove-ItemVersion
Add one or more base templates to a template item.
Add-BaseTemplate -Item <Item> -TemplateItem <TemplateItem[]>
Add-BaseTemplate -Item <Item> -Template <String[]>
Add-BaseTemplate -Path <String> -TemplateItem <TemplateItem[]>
Add-BaseTemplate -Path <String> -Template <String[]>
Add-BaseTemplate -Id <String> -TemplateItem <TemplateItem[]>
Add-BaseTemplate -Id <String> -Template <String[]>
Add-BaseTemplate [-Database <String>]
The Add-BaseTemplate command adds one or more base templates to a template item.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The item to add the base template to.
Path to the item to add the base template to.
Id of the item to add the base template to.
Sitecore item or list of items of base templates to add.
Path representing the template item to add as a base template. This must be of the same database as the item to be altered. Note that this parameter only supports a single template.
Database containing the item to add the base template to - required if item is specified with Id.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West, Alex Washtell
Add base template of /sitecore/templates/User Defined/BaseTemplate to a template, using a path.
Add multiple base templates to a template, using items.
Expands tokens in fields for items.
Expand-Token [-Item] <Item> [-Language <String[]>]
Expand-Token [-Path] <String> [-Language <String[]>]
Expand-Token -Id <String> [-Database <String>] [-Language <String[]>]
The Expand-Token command expands the tokens in fields for items.
Some example of tokens include:
$name
$time
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Language that will be processed. If not specified the current user language will be used. Globbing/wildcard supported.
The item to be processed.
Path to the item to be processed - additionally specify Language parameter to fetch different item language than the current user language.
Id of the the item to be processed - additionally specify Language parameter to fetch different item language than the current user language.
Database containing the item to be processed - can work with Language parameter to narrow the publication scope.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
The following expands tokens in fields on the item.
The following expands tokens in fields on the item. If the standard value of the field contains a token we modify the field to the token so the expansion will work (Sitecore API does not expand if the field is the same as Standard Values and never modified).
Returns the item template and its base templates.
Get-ItemTemplate [-Item] <Item> [-Recurse]
Get-ItemTemplate [-Path] <String> [-Recurse]
Get-ItemTemplate -Id <String> [-Database <String>] [-Recurse]
The Get-ItemTemplate command returns the item template and its base templates.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Return the template the item is based on and all of its base templates.
The item to be analysed.
Path to the item to be analysed.
Id of the item to be analysed.
Database containing the item to be analysed - required if item is specified with Id.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.TemplateItem
Help Author: Adam Najmanowicz, Michael West
Get template of /sitecore/conent/home item
Get template of /sitecore/conent/home item and all of the templates its template is based on then format it to only show the template name, path and Key
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The following gets the cloned Item, returns the available notifications, and finally accepts the notifications.
The following gets the cloned Item, returns the available notifications, and finally rejects the notifications.
Returns the object that describes a Sitecore PowerShell Extensions Module
Get-SpeModule -Item <Item>
Get-SpeModule -Path <String>
Get-SpeModule -Id <String> -Database <String>
Get-SpeModule -Database <String>
Get-SpeModule [-Database <String>] -Name <String>
The Get-SpeModule command returns the object that describes a Sitecore PowerShell Extensions Module.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
A script or library item that is defined within the module to be returned.
Path to a script or library item that is defined within the module to be returned.
Id of a script or library item that is defined within the module to be returned.
Database containing the module to be returned.
Name fo the module to return. Supports wildcards.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
System.String
The output type is the type of the objects that the cmdlet emits.
Spe.Core.Modules.Module
Help Author: Adam Najmanowicz, Michael West
Return all modules defined in the provided database
Return all modules defined in the master database Matching the "Content*" wildcard
Return the module the piped script belongs to
Resets item fields, specified as either names, fields or template fields.
Resets item fields, specified as either names, fields or template fields.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Includes fields that are defined on "Standard template"
Array of field names to include - supports wildcards.
The item to be analysed.
Path to the item to be analysed.
Id of the item to be analysed.
Database containing the item to be reset - can work with Language parameter to narrow the publication scope.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
None
Help Author: Adam Najmanowicz, Michael West, Alex Washtell
Reset all item fields, excluding standard fields.
Reset all item fields, including standard fields.
Reset all item fields with names beginning with "a", excluding standard fields.
The following resets one of the Standard Values fields for all versions and languages.
Converts an item from a clone to a fully independent item.
ConvertFrom-ItemClone [-Item] <Item> [-Recurse] [-PassThru]
ConvertFrom-ItemClone [-Path] <String> [-Recurse] [-PassThru]
ConvertFrom-ItemClone -Id <String> [-Database <String>] [-Recurse] [-PassThru]
Converts an item from a clone to a fully independent item.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The item to be converted.
Path to the item to be converted
Id of the item to be converted
Database containing the item to be converted
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
Examples for managing complex field types such as MultilistField and NameValueListField.
Example: The following demonstrates how to set a field to a known list of Ids. The Id is already converted to a GUID string.
# Hardcoded list of Ids.
$item.Editing.BeginEdit()
$item["Allowed Controls"] = "{guid1}|{guid2}|{guid3}"
$item.Editing.EndEdit()# Array of Ids.
$array = [System.Collections.ArrayList]@()
$array.Add({guid1}) > $null
$array.Add({guid2}) > $null
$ids = [System.String]::Join("|", $array)
$item.Editing.BeginEdit()
$item["Allowed Controls"] = $ids
$item.Editing.EndEdit()Example: The following replaces an instance of an Id with an alternate Id. The Id is already converted to a GUID string.
Example: The following adds new Ids to an existing list. Makes use of the Sitecore.Text.ListString class.
Example: The following appends an ID to a set of items in all languages. It verifies that the field Keywords exists.
Example: The following example gets all of the items of a MultilistField and append a specific ID, ensuring that it's delimited with the | character.
Example: The following example extracts the items from a 'keywords' field, comma separates the values, and then outputs to a report.
Example: The following example gets all of the name/value pairs of a NameValueListField and appends a new pair.
Returns entries from the history store notifying of workflow state change for the specified item.
Get-ItemWorkflowEvent [-Item] <Item> [-Identity <String>] [-Language <String[]>]
Get-ItemWorkflowEvent [-Path] <String> [-Identity <String>] [-Language <String[]>]
Get-ItemWorkflowEvent -Id <String> [-Database <String>] [-Identity <String>] [-Language <String[]>]
Executes Workflow action for an item. This command used to be named Execute-Workflow - a matching alias added for compatibility with older scripts.
Invoke-Workflow [-Item] <Item> [-CommandName <String>] [-Comments <String>] [-Language <String[]>]
Invoke-Workflow [-Path] <String> [-CommandName <String>] [-Comments <String>] [-Language <String[]>]
Invoke-Workflow -Id <String> [-Database <String>] [-CommandName <String>] [-Comments <String>] [-Language <String[]>]
Returns all the items referring to the specified item.
Get-ItemReferrer -Item <Item>
Get-ItemReferrer -Item <Item> -ItemLink
Get-ItemReferrer -Path <String> [-Language <String[]>]
Get-ItemReferrer -Path <String> [-Language <String[]>] -ItemLink
Get-ItemReferrer -Id <String> [-Database <String>] [-Language <String[]>]
Visual components made available to users in the Content Editor.
The Context Menu integration reveals a list of options to the user in the context menu under a special node called Scripts. The Sitecore rules engine may be used to control visibility and enabled state. The script is only executed when the option is clicked.
Begin by adding a new script to the Context Menu library. The name of the script will appear in the context menu.
# Default returns all configurations
Get-UnicornConfiguration
# Exact match
Get-UnicornConfiguration -Filter "Foundation.Foo"
# Filter using a wildcard
Get-UnicornConfiguration -Filter "Foundation.*"# Sync one
Sync-UnicornConfiguration "Foundation.Foo"
# Sync multiple by name
Sync-UnicornConfiguration @("Foundation.Foo", "Foundation.Bar")
# Sync multiple from pipeline
Get-UnicornConfiguration "Foundation.*" | Sync-UnicornConfiguration
# Sync all, except transparent sync-enabled configurations
Get-UnicornConfiguration | Sync-UnicornConfiguration -SkipTransparent
# Optionally set log output level (Debug, Info, Warn, Error)
Sync-UnicornConfiguration -LogLevel Warn# Sync a single item (note: must be under Unicorn control)
Get-Item "/sitecore/content" | Sync-UnicornItem
# Sync multiple single items (note: all must be under Unicorn control)
Get-ChildItem "/sitecore/content" | Sync-UnicornItem
# Sync an entire item tree, show only warnings and errors
Get-Item "/sitecore/content" | Sync-UnicornItem -Recurse -LogLevel Warn# Reserialize one
Export-UnicornConfiguration "Foundation.Foo"
# Reserialize multiple by name
Export-UnicornConfiguration @("Foundation.Foo", "Foundation.Bar")
# Reserialize from pipeline
Get-UnicornConfiguration "Foundation.*" | Export-UnicornConfiguration# Reserialize a single item (note: must be under Unicorn control)
Get-Item "/sitecore/content" | Export-UnicornItem
# Reserialize multiple single items (note: all must be under Unicorn control)
Get-ChildItem "/sitecore/content" | Export-UnicornItem
# Reserialize an entire item tree
Get-Item "/sitecore/content" | Export-UnicornItem -Recurse# Convert an item to YAML format (always uses default excludes and field formatters)
Get-Item "/sitecore/content" | ConvertTo-RainbowYaml
# Convert many items to YAML strings
Get-ChildItem "/sitecore/content" | ConvertTo-RainbowYaml
# Disable all field formats and field filtering
# (e.g. disable XML pretty printing,
# and don't ignore the Revision and Modified fields, etc)
Get-Item "/sitecore/content" | ConvertTo-RainbowYaml -Raw# Get IItemDatas from YAML variable
$rawYaml | ConvertFrom-RainbowYaml
# Get IItemData and disable all field filters
# (use this if you ran ConvertTo-RainbowYaml with -Raw)
$yaml | ConvertFrom-RainbowYaml -Raw# Deserialize IItemDatas from ConvertFrom-RainbowYaml
$rawYaml | ConvertFrom-RainbowYaml | Import-RainbowItem
# Deserialize raw YAML from pipeline into Sitecore
# Shortcut bypassing ConvertFrom-RainbowYaml
$yaml | Import-RainbowItem
# Deserialize and disable all field filters
# (use this if you ran ConvertTo-RainbowYaml with -Raw)
$yaml | Import-RainbowItem -Raw
# Deserialize multiple at once
$yamlStringArray | Import-RainbowItem
# Complete example that does nothing but eat CPU
Get-ChildItem "/sitecore/content" | ConvertTo-RainbowYaml | Import-RainbowItem# Create a new Sitecore Package (SPE cmdlet)
$pkg = New-Package -Name MyCustomPackage
# Get the Unicorn Configuration(s) we want to package
$configs = Get-UnicornConfiguration "Foundation.*"
# Pipe the configs into New-UnicornItemSource
# to process them and add them to the package project
# (without -Project, this would emit the source object(s)
# which can be manually added with $pkg.Sources.Add())
$configs | New-UnicornItemSource -Project $pkg
# Export the package to a zip file on disk
Export-Package -Project $pkg -Path "C:\foo.zip" -ZipGet-ArchiveItem -Archive <Archive>
Get-ArchiveItem -Archive <Archive> [-ItemId <ID>]
Get-ArchiveItem -Archive <Archive> [-Identity <AccountIdentity>]$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Get-ArchiveItem -Archive $archive$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Get-ArchiveItem -Archive $archive -ItemId "{1BB32980-66B4-4ADA-9170-10A9D3336613}"$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Get-ArchiveItem -Archive $archive -Identity "sitecore\admin"$item = Get-Item -Path "master:" -ID "{1BB32980-66B4-4ADA-9170-10A9D3336613}"
$date = $item[[Sitecore.FieldIDs]::ArchiveDate]
$serverTime = [Sitecore.DateUtil]::IsoDateToServerTimeIsoDate($date)
$serverTimeDateTime = [Sitecore.DateUtil]::IsoDateToDateTime($serverTime, [datetime]::MinValue)
# Here you could add more time to the $serverTimeDateTime
$utcTimeDateTime = [Sitecore.DateUtil]::ToUniversalTime($serverTimeDateTime)
$isoTime = [Sitecore.DateUtil]::ToIsoDate($utcTimeDateTime)
$item.Editing.BeginEdit()
$item[[Sitecore.FieldIDs]::ArchiveDate] = $isoTime
$item.Editing.EndEdit()
# Some time after the date has passed
$database = Get-Database -Name "master"
$archiveName = "archive"
$archive = Get-Archive -Database $database -Name $archiveName
Get-ArchiveItem -Archive $archive -ItemId "{1BB32980-66B4-4ADA-9170-10A9D3336613}"Receive-ItemCloneNotification [-Notification <Notification>] -Notification <Notification> -Action <None | Accept | Reject | Dismiss> [-NotificationType <Notification | ChildCreatedNotification | FieldChangedNotification | FirstVersionAddedNotification | ItemMovedChildCreatedNotification | ItemMovedChildRemovedNotification | ItemMovedNotification | ItemTreeMovedNotification | ItemVersionNotification | OriginalItemChangedTemplateNotification | VersionAddedNotification>] [-Language <String[]>]
Receive-ItemCloneNotification [-Item] <Item> -Notification <Notification> -Action <None | Accept | Reject | Dismiss> [-NotificationType <Notification | ChildCreatedNotification | FieldChangedNotification | FirstVersionAddedNotification | ItemMovedChildCreatedNotification | ItemMovedChildRemovedNotification | ItemMovedNotification | ItemTreeMovedNotification | ItemVersionNotification | OriginalItemChangedTemplateNotification | VersionAddedNotification>] [-Language <String[]>]
Receive-ItemCloneNotification [-Path] <String> -Notification <Notification> -Action <None | Accept | Reject | Dismiss> [-NotificationType <Notification | ChildCreatedNotification | FieldChangedNotification | FirstVersionAddedNotification | ItemMovedChildCreatedNotification | ItemMovedChildRemovedNotification | ItemMovedNotification | ItemTreeMovedNotification | ItemVersionNotification | OriginalItemChangedTemplateNotification | VersionAddedNotification>] [-Language <String[]>]
Receive-ItemCloneNotification -Id <String> [-Database <String>] -Notification <Notification> -Action <None | Accept | Reject | Dismiss> [-NotificationType <Notification | ChildCreatedNotification | FieldChangedNotification | FirstVersionAddedNotification | ItemMovedChildCreatedNotification | ItemMovedChildRemovedNotification | ItemMovedNotification | ItemTreeMovedNotification | ItemVersionNotification | OriginalItemChangedTemplateNotification | VersionAddedNotification>] [-Language <String[]>]Reset-ItemField [-Item] <Item> [-IncludeStandardFields] [-Name <String[]>]
Reset-ItemField [-Path] <String> [-IncludeStandardFields] [-Name <String[]>]
Reset-ItemField -Id <String> [-Database <String>] [-IncludeStandardFields] [-Name <String[]>][Sitecore.Data.Fields.MultilistField]$field = $item.Fields["Allowed Controls"]
$item.Editing.BeginEdit()
$field.Replace("{493B3A83-0FA7-4484-8FC9-4680991CF742}","{493B3A83-0FA7-4484-8FC9-4680991CF743}")
$item.Editing.EndEdit()[Sitecore.Text.ListString]$ids = $item.Fields["Rendering"].Value
$ids.AddAt(0,"{guid1}") > $null
$ids.Add("{guid2}") > $null
$ids.Add("{guid3}") > $null
$item.Editing.BeginEdit()
$item.Fields["Rendering"].Value = $ids.ToString()
$item.Editing.EndEdit() > $nullItems with Invalid Names
Items with security for an account2
Items with Security for an account
Items with Tokens in Fields
Links
Locked Items2
Locked Items
Logged errors
Logged in Session Manager5
Logged in Users
Limit number of versions4
Multiple versions
My Owned Items
Media items last updated before date3
Not recently modified
Media items not used by content items3
Orphaned media assets report
Owned items
Recent workflow history2
Recent Workflow History
Media items last updated after date3
Recently Modified
Regex Item Searcher
Renderings
Index Viewer5
-
Rules based report5
-
Task Manager report5
-
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
$items = Get-ChildItem -Path "master:\sitecore\content\home" -Recurse -Language *
foreach($item in $items) {
if ($item.Keywords -and $item.Keywords.Length -gt 0) {
$item.Keywords = $item.Keywords + "|{guid}"
} else {
$item.Keywords = "{guid}"
}
}$items = Get-ChildItem -Path "master:\sitecore\content\home" -Recurse -Language *
foreach($item in $items) {
$item.Keywords = (@() + $item.Keywords.GetItems().ID + "{6D1EACDD-0DE7-4F3D-B55A-2CAE8EBFF3D0}" | Select-Object -Unique) -join "|"
}The Get-ItemWorkflowEvent command returns entries from the history store notifying of workflow state change for the specified item.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
User that has been associated with the enteries. Wildcards are supported.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Language that will be used as source language. If not specified the current user language will be used. Globbing/wildcard supported.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The item to have its history items returned.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Path to the item to have its history items returned - additionally specify Language parameter to fetch different item language than the current user language.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Id of the the item to have its history items returned - additionally specify Language parameter to fetch different item language than the current user language.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Database containing the item to have its history items returned - can work with Language parameter to narrow the publication scope.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Workflows.WorkflowEvent
Help Author: Adam Najmanowicz, Michael West
Executes Workflow action for an item. If the workflow action could not be performed for any reason - an appropriate error will be raised.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The following abbreviations are aliases for this cmdlet:
Execute-Workflow
Namer of the workflow command.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Comment to be saved in the history table for the action.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Language that will be used as source language. If not specified the current user language will be used. Globbing/wildcard supported.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The item to have the workflow action executed.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Path to the item to have the workflow action executed - additionally specify Language parameter to fetch different item language than the current user language.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Id of the the item to have the workflow action executed - additionally specify Language parameter to fetch different item language than the current user language.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Database containing the item to have the workflow action executed - can work with Language parameter to narrow the publication scope.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
Submit item to approval, item gotten from path
Reject item, item gotten from pipeline
Remove-BaseTemplate -Id <String> -Template <String[]>
Remove-BaseTemplate [-Database <String>]
The Remove-BaseTemplate command removes one or more base templates from a template item.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The item to remove the base template from.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Path to the item to remove the base template from.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Id of the item to remove the base template from.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Sitecore item or list of items of base templates to remove.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Path representing the template item to remove as a base template. This must be of the same database as the item to be altered. Note that this parameter only supports a single template.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Database containing the item to remove the base template from - required if item is specified with Id.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West, Alex Washtell
Remove base template of /sitecore/templates/User Defined/BaseTemplate from a template, using a path.
Remove multiple base templates from a template, using items.
Get-ItemReferrer -Id <String> [-Database <String>] [-Language <String[]>] -ItemLink
The Get-ItemReferrer command returns all items referring to the specified item. If -ItemLink parameter is used the command will return links rather than items.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The item to be analysed.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Path to the item to be processed - additionally specify Language parameter to fetch different item language than the current user language.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Id of the the item to be processed - additionally specify Language parameter to fetch different item language than the current user language.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Database containing the item to be processed - can work with Language parameter to narrow the publication scope.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Language that will be used as source language. If not specified the current user language will be used. Globbing/wildcard supported.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Return ItemLink that define both source and target of a link rather than items linking to the specified item.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Sitecore.Links.ItemLink
Help Author: Adam Najmanowicz, Michael West
The Get-TaskSchedule command returns one or more task schedule items, based on name/database filter, path or simply converting a Sitecore item.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Task item to be converted.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Path to the item to be returned as Task Schedule.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Database containing the task items to be returned. If not provided all databases will be considered for filtering using the "Name" parameter.
Required?
false
Position?
2
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Task filter - supports wildcards. Works with "Database" parameter to narrow tassk to only single database.
Required?
false
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Tasks.ScheduleItem
Help Author: Adam Najmanowicz, Michael West
The Get-SpeModuleFeatureRoot command returns library item or path to the library where scripts for a particular integration point should be located for a specific module.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Module for which the feature root library should be returned. If not provided the feature root will be returned for all modules.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Feature for which the root library should be provided. If root item does not exist and -ReturnPath parameter is not specified - nothing will be returned, If -ReturnPath parameter is provided the path in which the feature root should be located will be returned
Valid features:
contentEditorContextMenu
contentEditorGutters
contentEditorRibbon
controlPanel
functions
listViewExport
listViewRibbon
pipelineLoggedIn
pipelineLoggingIn
pipelineLogout
toolbox
startMenuReports
eventHandlers
webAPI
pageEditorNotification
isePlugi
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
System.String
Help Author: Adam Najmanowicz, Michael West
Return the library item for "Content Editor Context Menu"
Return the Path to where "List View Export" scripts would be located if this feature was defined
PS master:\> Add-BaseTemplate -Path "master:/sitecore/content/User Defined/Page" -Template "/sitecore/templates/User Defined/BaseTemplate"PS master:\> $baseA = Get-Item -Path master:/sitecore/content/User Defined/BaseTemplateA
PS master:\> $baseB = Get-Item -Path master:/sitecore/content/User Defined/BaseTemplateB
PS master:\> Add-BaseTemplate -Path "master:/sitecore/content/User Defined/Page" -TemplateItem @($baseA, $baseB)Get-Item -Path "master:\content\home" | Expand-Token$tokens = @('$name', '$id', '$parentId', '$parentname', '$date', '$time', '$now')
$item = Get-Item -Path "master:\content\home"
$standardValueFields = Get-ItemField -Item $item -ReturnType Field -Name "*" `
| Where-Object { $_.ContainsStandardValue }
$item.Editing.BeginEdit()
foreach ($field in $standardValueFields) {
$value = $field.Value
if ($tokens -contains $value) {
$item[$field.Name] = $value
}
}
$item.Editing.EndEdit()
Expand-Token -Item $itemPS master:\> Get-ItemTemplate -Path master:\content\home
BaseTemplates : {Standard template}
Fields : {__Context Menu, __Display name, __Editor, __Editors...}
FullName : Sample/Sample Item
Key : sample item
OwnFields : {Title, Text, Image, State...}
StandardValues : Sitecore.Data.Items.Item
Database : master
DisplayName : Sample Item
Icon : Applications/16x16/document.png
ID : {76036F5E-CBCE-46D1-AF0A-4143F9B557AA}
InnerItem : Sitecore.Data.Items.Item
Name : Sample ItemPS master:\> Get-Item -Path master:/content/Home | Get-ItemTemplate -Recurse | ft Name, FullName, Key -auto
Name FullName Key
---- -------- ---
Sample Item Sample/Sample Item sample item
Standard template System/Templates/Standard template standard template
Advanced System/Templates/Sections/Advanced advanced
Appearance System/Templates/Sections/Appearance appearance
Help System/Templates/Sections/Help help
Layout System/Templates/Sections/Layout layout
Lifetime System/Templates/Sections/Lifetime lifetime
Insert Options System/Templates/Sections/Insert Options insert options
Publishing System/Templates/Sections/Publishing publishing
Security System/Templates/Sections/Security security
Statistics System/Templates/Sections/Statistics statistics
Tasks System/Templates/Sections/Tasks tasks
Validators System/Templates/Sections/Validators validators
Workflow System/Templates/Sections/Workflow workflow$clonedItem = Get-Item -Path "master:" -ID "{9F158637-52C2-4005-8329-21527685CB71}"
$clonedItem | Get-ItemCloneNotification | Receive-ItemCloneNotification -Action Accept$clonedItem = Get-Item -Path "master:" -ID "{9F158637-52C2-4005-8329-21527685CB71}"
$clonedItem | Get-ItemCloneNotification | Receive-ItemCloneNotification -Action RejectPS master:\> Get-SpeModule -Database (Get-Database "master")PS master:\> Get-SpeModule -Database (Get-Database "master")PS master:\> Get-item "master:\system\Modules\PowerShell\Script Library\Copy Renderings\Content Editor\Context Menu\Layout\Copy Renderings" | Get-SpeModulePS master:\> Reset-ItemField -Path master:\content\homePS master:\> Reset-ItemField -Path master:\content\home -IncludeStandardFieldsPS master:\> Get-Item master:\content\home | Reset-ItemField -Name "a*"Get-ChildItem -Path "master:" -ID "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}" -Version * -Language * -Recurse |
Reset-ItemField -Name "__Workflow State" -IncludeStandardFieldsPS master:\> ConvertFrom-ItemClone -Path master:\content\homefunction Get-KeywordsAsString($item) {
[Sitecore.Data.Fields.MultilistField] $field = $item.Fields["Keywords"]
$items = $field.GetItems()
$strArray = $items | Foreach { $_.DisplayName }
$strArray -join ', '
}
Get-ChildItem -Path 'master:\content\home\path-to-item' `
| Show-ListView -Property Name, Language, Version, ID, TemplateName, ItemPath, `
@{ Label = "KeywordsAsString"; Expression = { Get-KeywordsAsString($_) } }$item = Get-Item -Path "master:" -ID "{371EEE15-B6F3-423A-BB25-0B5CED860EEA}"
$nameValues = [System.Web.HttpUtility]::ParseQueryString($item.UrlMapping)
# Here you can add or remove name/value pairs
$nameValues["^/ab[cde]/$"] = "/somewhere/fun?lang=en"
foreach($key in $nameValues.AllKeys) {
$nameValues[$key] = [Uri]::EscapeDataString($nameValues[$key])
}
$item.UrlMapping = [Sitecore.StringUtil]::NameValuesToString($nameValues,"&")PS master:\> Get-ItemWorkflowEvent -Path master:\content\home
Date : 2014-07-27 14:23:33
NewState : {190B1C84-F1BE-47ED-AA41-F42193D9C8FC}
OldState : {46DA5376-10DC-4B66-B464-AFDAA29DE84F}
Text : Automated
User : sitecore\admin
Date : 2014-08-01 15:43:29
NewState : {190B1C84-F1BE-47ED-AA41-F42193D9C8FC}
OldState : {190B1C84-F1BE-47ED-AA41-F42193D9C8FC}
Text : Just leaving a note
User : sitecore\adminPS master:\> Invoke-Workflow -Path master:/content/home -CommandName "Submit" -Comments "Automated"PS master:\> Get-Item master:/content/home | Invoke-Workflow -CommandName "Reject" -Comments "Automated"PS master:\> Remove-BaseTemplate -Path "master:/sitecore/content/User Defined/Page" -Template "/sitecore/templates/User Defined/BaseTemplate"PS master:\> $baseA = Get-Item -Path master:/sitecore/content/User Defined/BaseTemplateA
PS master:\> $baseB = Get-Item -Path master:/sitecore/content/User Defined/BaseTemplateB
PS master:\> Remove-BaseTemplate -Path "master:/sitecore/content/User Defined/Page" -TemplateItem @($baseA, $baseB)PS master:\>Get-ItemReferrer -Path master:\content\home
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
Home True {en, de-DE, es-ES, pt... {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} Sample Item
Form False {en, de-DE, es-ES, pt... {6D3B4E7D-FEF8-4110-804A-B56605688830} Webcontrol
news True {en, de-DE, es-ES, pt... {DB894F2F-D53F-4A2D-B58F-957BFAC2C848} Article
learn-about-oms False {en, de-DE, es-ES, pt... {79ECF4DF-9DB7-430F-9BFF-D164978C2333} LinkPS master:\>Get-Item master:\content\home | Get-ItemReferrer -ItemLink
SourceItemLanguage : en
SourceItemVersion : 1
TargetItemLanguage :
TargetItemVersion : 0
SourceDatabaseName : master
SourceFieldID : {F685964D-02E1-4DB6-A0A2-BFA59F5F9806}
SourceItemID : {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}
TargetDatabaseName : master
TargetItemID : {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}
TargetPath : /sitecore/content/HomePS master:\> Get-TaskSchedule
Name Database Active Auto Remove Is Due Expired Completed Last Run Next Run
---- -------- ------ ----------- ------ ------- --------- -------- --------
__Task Schedule master True False True False False 0001-01-01 00:00:00 0001-01-01 00:00:00
Check Bounced Messages master True False False False False 2014-07-29 10:18:43 2014-07-29 22:48:43
Check DSN Messages master True False False False False 2014-07-29 10:19:18 2014-07-29 22:49:18
Clean Confirmation IDs master True False False False False 2014-07-28 22:14:30 2014-07-31 02:14:30
Clean Message History master True False False False False 2014-07-29 10:19:18 2014-07-29 22:49:18
Close Outdated Connections master True False False False False 2014-07-29 12:30:22 2014-07-29 13:30:22
Test-PowerShell master True False False False False 2014-07-28 14:30:06 2014-08-01 17:32:07
__Task Schedule web True False True False False 0001-01-01 00:00:00 0001-01-01 00:00:00
Check Bounced Messages web True False True False False 2013-11-04 08:36:22 2013-11-04 21:06:22
Check DSN Messages web True False True False False 2013-11-04 08:36:22 2013-11-04 21:06:22
Clean Confirmation IDs web True False False False False 2013-11-04 08:36:22 2013-11-04 21:36:22
Clean Message History web True False True False False 2013-11-04 08:36:22 2013-11-04 21:06:22
Close Outdated Connections web True False True False False 2013-11-04 09:36:23 2013-11-04 10:36:23
Test-PowerShell web True False True False False 2013-11-04 09:46:29 2013-11-04 09:46:30PS master:\> Get-TaskSchedule -Name "*Check*"
Name Database Active Auto Remove Is Due Expired Completed Last Run Next Run
---- -------- ------ ----------- ------ ------- --------- -------- --------
Check Bounced Messages master True False False False False 2014-07-29 10:18:43 2014-07-29 22:48:43
Check DSN Messages master True False False False False 2014-07-29 10:19:18 2014-07-29 22:49:18
Check Bounced Messages web True False True False False 2013-11-04 08:36:22 2013-11-04 21:06:22
Check DSN Messages web True False True False False 2013-11-04 08:36:22 2013-11-04 21:06:22PS master:\> Get-TaskSchedule -Name "*Check*" -Database "master"
Name Database Active Auto Remove Is Due Expired Completed Last Run Next Run
---- -------- ------ ----------- ------ ------- --------- -------- --------
Check Bounced Messages master True False False False False 2014-07-29 10:18:43 2014-07-29 22:48:43
Check DSN Messages master True False False False False 2014-07-29 10:19:18 2014-07-29 22:49:18$module = Get-SpeModule -Name "Copy Renderings"
Get-SpeModuleFeatureRoot -Feature contentEditorContextMenu -Module $module$module = Get-SpeModule -Name "Copy Renderings"
Get-SpeModuleFeatureRoot -Module $module -Feature listViewExport -ReturnPathThe setup of the module only requires a few steps: 1. In the Sitecore instance install the Sitecore module package. 2. On the local desktop or server install the SPE Remoting module.
After downloading you may need to unblock the file by right-clicking the zip and unblocking.
Ensure that you have run Set-ExecutionPolicy RemoteSigned in order for the SPE Remoting module will run. This typically requires elevated privileges.
Enable the remoting service through a configuration patch. See the Security page for more details.
Grant the remoting service user account through a configuration patch and granting acess to the appropriate role. See the page for more details.
The remoting services use a combination of a SOAP service (ASMX) and HttpHandler (ASHX). Remoting features are disabled by default and should be configured as needed as can be seen in the security section here. The SOAP service may require additional Windows authentication using the -Credential parameter which is common when logged into a Windows Active Directory domain.
If you have configured the web services to run under Windows Authentication mode in IIS then you'll need to use the Credential parameter for the commands.
You'll definitely know you need it when you receive an error like the following:
Example: The following connects Windows PowerShell ISE to a remote Sitecore instance using Windows credentials and executes the provided script.
Example: The following connects to several remote instances of Sitecore and returns the server name.
We have provided a service for downloading all files and media items from the server. This disabled by default and can be enabled using a patch file. See the Security page for more details about the services available and how to configure.
Example: The following downloads a single file from the Package directory.
Example: The following downloads a single media item from the library.
Inevitably you will need to have long running processes triggered remotely. In order to support this functionality without encountering a timeout using Invoke-RemoteScript you can use the following list of commands.
Get-ScriptSession - Returns details about script sessions.
Receive-ScriptSession - Returns the results of a completed script session.
Remove-ScriptSession - Removes the script session from memory.
Start-ScriptSession - Executes a new script session.
Stop-ScriptSession - Terminates an existing script session.
Wait-ScriptSession - Waits for all the script sessions to complete before continuing.
Example: The following remotely runs the id of a ScriptSession and polls the server until completed.
Example: The following remotely runs a script and checks for any output errors. The LastErrors parameter is available for ScriptSession objects.
Example: The following redirects messages from Write-Verbose to the remote session. The data returned will be both System.String and Deserialized.System.Management.Automation.VerboseRecord so be sure to filter it out when needed. More information about the redirection 4>&1 can be read here.
Example: The following improves upon the previous example.
If you receive the following error when trying to run a script (note the namespace is Microsoft.PowerShell.Commands instead of Spe or similar):
then add the following line as the first line within the Invoke-RemoteScript block: Set-Location -Path "master:"
Example:
This issue occurs due to the fact that the remoting session defaults to the FileSystem provider. Changing the location activates the custom provider included with SPE. As part of the custom provider there are additional parameters added to commands native to PowerShell.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Specifies the archive to use when determining which ArchiveEntry items to remove. Use Get-Archive to find the appropriate archive.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Specifies the ID for the original item that should be processed. This is NOT the ArchivalId.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Specifies the user responsible for moving the item to the archive.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Specific items from the archive may be deleted when using this parameter.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
AccountIdentity
Sitecore.Data.Archiving.ArchiveEntry
The output type is the type of the objects that the cmdlet emits.
None.
Help Author: Adam Najmanowicz, Michael West
The following removes items matching the ItemId found in the specified archive.
The following removes items from the recycle bin by the user found in the specified archive.
The following removes all items from the recycle bin found in the specified archive.
Get-ArchiveItem
Restore-ArchiveItem
Remove-Item
Remove-ItemVersion
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Specifies the archive to use when determining which ArchiveEntry items to process. Use Get-Archive to find the appropriate archive.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Specifies the ID for the original item that should be processed. This is NOT the ArchivalId.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Specifies the user responsible for moving the item to the archive.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Specific items from the archive may be restored when using this parameter.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
AccountIdentity
Sitecore.Data.Archiving.ArchiveEntry
The output type is the type of the objects that the cmdlet emits.
None.
Help Author: Adam Najmanowicz, Michael West
The following restores items matching the ItemId found in the specified archive.
The following restores items from the recycle bin by the user found in the specified archive.
The following restores all items from the recycle bin found in the specified archive.
Get-ArchiveItem
Restore-ArchiveItem
Remove-Item
Remove-ItemVersion
Edit the script to perform the appropriate actions. The script can run in the background and show dialogs.
Change the icon of the item to match the script purpose.
Configure any Enable or Show rules as needed.
Note: Examples included in the following modules
Authoring Instrumentation
Copy Renderings
Index On Demand
Media Library Maintenance
Package Generator
Task Management
See how Adam added context menu PowerShell scripts.
The Gutter integration reveals a visual notification to the user in the far left gutter. The Sitecore rules engine may be used to control enabled state.
Begin by adding a new script to the Gutters library.
Edit the script to create a new instance of Sitecore.Shell.Applications.ContentEditor.Gutters.GutterIconDescriptor if the right conditions are met.
Set the Icon, Tooltip, and Click properties.
Return the gutter object
Configure any Enable rules to ensure the script runs only when necessary.
Rebuild the gutter integration from within the ISE.
Settings tab
Integration chunk
Sync Library with Content Editor Gutter command
Note: Examples included in the following modules
Publishing Status Gutter
The Insert Item integration reveals a list of options to the user in the context menu under the node called Insert. The Sitecore rules engine may be used to control visibility and enabled state. The script is only executed when the option is clicked.
Begin by adding a new script to the Insert Item library. The name of the script will appear in the context menu.
Edit the script to perform the appropriate actions. The script can run in the background and show dialogs.
Change the icon of the item to match the script purpose.
Configure any Show rules as needed.
Note: Examples included in the following modules
Task Management
Platform
The Ribbon integration reveals commands to the user in the ribbon. The Sitecore rules engine may be used to control visibility and enabled state. The script is only executed when the option is clicked.
Begin by adding a new child script library to the Ribbon library; we'll refer to this library as the Tab library. Choose a name that matches an existing tab to be used, such as Home or Developer, or a new name to create a new tab.
Add a child script library to the Tab library; we'll call this the Chunk library. Choose a name such as Edit or Tools.
Add a new script to the Chunk script library; we'll refer to this library as the Command library. The name of the script will appear in the ribbon chunk as a command.
Optionally add a short description on the item, which is found as a standard field on the item. The description will appear as a tooltip on the ribbon button.
Edit the script to perform the appropriate actions. The script can run in the background and show dialogs.
Change the icon of the item to match the script purpose.
Configure any Enable or Show rules as needed.
Example: The following script gets the selected Context Menu item and displays an alert using the item name.
Button Size:
There is a way to generate small buttons and combo buttons. You simply need to prefix the script name and SPE will generate accordingly.
Small$[SCRIPT_NAME]
Combo$[SCRIPT_NAME]
SmallCombo$[SCRIPT_NAME]
See the birth of extending the Sitecore ribbon with powershell scripts by Adam.
Check out an example of the 5 steps to extending the Sitecore ribbon in the wild by Toby.
Similar to the Ribbon integration, this provides a way to show buttons when certain contextual conditions are met. Most common is with media items. The steps are the same as with the standard Ribbon, but the structure is slightly changed.
In the following example, we have a ribbon button that appears whenever the selected item in the Content Editor is a media item. Take note of the "Optimize" button.
The ribbon structure would look like the following:
The Warning integration reveals a notification to the user above content. The Sitecore rules engine can be used to control visibility and enabled state. The scripts are only executed when the rule is met and the command is clicked.
Begin by adding a new script library to the Warning library.
Edit the script to perform the appropriate actions. The script can run in the background and show dialogs.
The warning notification title, text and icon should be configured in the script.
Include options to the warning by adding one or more secondary scripts to the script library.
Configure any Enable rules to ensure the script only runs when required.
Note: Examples included in the following modules
License Expiration - disabled by default
Alan provided a nice example here on setting up the warning with commands.
DO NOT install on Content Delivery (CD) instances
DO NOT deploy on servers facing the Internet
DO NOT expose SPE endpoints to untrusted networks
SPE is a powerful development and administration tool intended for Content Management (CM) servers in protected internal networks only.
Before deploying SPE to any environment beyond your local development machine, complete these essential steps:
By default, all SPE web services are disabled except those required for the Sitecore UI. Keep them disabled unless you have a specific need.
The default security configuration is found in:
App_Config\Include\Spe\Spe.config
Do not modify this file directly. Instead, create configuration patch files.
Create a new configuration file: App_Config\Include\Spe\Custom\Spe.Custom.config
Example: Basic production security configuration:
Protect the SPE services directory at the IIS level.
Edit sitecore modules\PowerShell\Services\web.config:
This denies anonymous access to all SPE web services.
Log in as a non-administrator user
Verify you cannot access the PowerShell Console
Verify you cannot access the PowerShell ISE
Log in as an administrator
Verify Session Elevation prompts appear when expected
Test that scripts execute successfully after elevation
For local development machines, you may use relaxed settings:
Never use elevationAction="Allow" in non-development environments!
Use the same strict security as production, but you may extend session timeouts slightly for testing convenience:
Use the strictest settings:
For Azure AD/SSO environments, use:
If using Sitecore 9.1 or later with Identity Server, enable this configuration file:
File: App_Config\Include\Spe\Spe.IdentityServer.config
After completing the initial setup:
Review the Security Policies to understand the security model
Configure Session Elevation for your environment
If you need external access, carefully review Web Services security
Learn about User and Role Management and Delegated Access
Complete the before deployment
❌ Don't install on CD servers - SPE is for CM only ❌ Don't expose to the internet - Keep SPE behind firewalls ❌ Don't use Allow elevation in production - Always require password or confirmation ❌ Don't enable unnecessary web services - Only enable what you specifically need ❌ Don't grant broad access - Limit to administrators only ❌ Don't skip session elevation - UAC is critical for production environments
If you need assistance with SPE security:
Review the detailed Security Hardening documentation
Check the Security Checklist
Visit the GitHub repository
Join #module-spe on Sitecore Community Slack
Returns all the items linked to the specified item..
Get-ItemReference -Item <Item>
Get-ItemReference -Item <Item> -ItemLink
Get-ItemReference -Path <String> [-Language <String[]>]
Get-ItemReference -Path <String> [-Language <String[]>] -ItemLink
Get-ItemReference -Id <String> [-Database <String>] [-Language <String[]>]
Get-ItemReference -Id <String> [-Database <String>] [-Language <String[]>] -ItemLink
The Get-ItemReference command returns all items linked to the specified item. If -ItemLink parameter is used the command will return links rather than items.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The item to be analysed.
Path to the item to be processed - additionally specify Language parameter to fetch different item language than the current user language.
Id of the the item to be processed - additionally specify Language parameter to fetch different item language than the current user language.
Database containing the item to be processed - can work with Language parameter to narrow the publication scope.
Language that will be used as source language. If not specified the current user language will be used. Globbing/wildcard supported.
Return ItemLink that define both source and target of a link rather than items that are being linked to from the specified item.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Sitecore.Links.ItemLink
Help Author: Adam Najmanowicz, Michael West
Useful code snippets to help you with those complex scripts.
Example: The following demonstrates how to list all of the fields of a template excluding the Standard Template fields.
Example: The following demonstrates how to generate the public facing url from a media item.
Example: The following demonstrates the use of the HtmlAgilityPack for parsing html.
Example: The following demonstrates how to update text in the document and exclude certain nodes.
Example: The following demonstrates how to remove empty paragraph tags in an html field.
Example: The following demonstrates removing style attributes from the html.
Example: The following prints the workflow history of the home item.
Example: The following restores items in the media library that were removed yesterday. @technomaz.
Example: The following will incrementally purge items from the recycle bin (master db) with a progress counter.
Example: The following logs messages to the browser console and then alerts the user with a message.
Example:
Not seeing what you are looking for? You can always check out some Github Gists that and have shared or the .
Executes Sitecore Shell command for an item. This command used to be named Execute-ShellCommand - a matching alias added for compatibility with older scripts.
Invoke-ShellCommand [-Item] <Item> [-Name] <String> [-Language <String[]>]
Invoke-ShellCommand [-Path] <String> [-Name] <String> [-Language <String[]>]
Invoke-ShellCommand -Id <String> [-Database <String>] [-Name] <String> [-Language <String[]>]
Executes Sitecore Shell command for an item. e.g. opening dialogs or performing commands that you can find in the Content Editor ribbon or context menu.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The following abbreviations are aliases for this cmdlet:
Execute-ShellCommand
Name of the sitecore command e.g. "item:publishingviewer"
Language that will be used as source language. If not specified the current user language will be used. Globbing/wildcard supported.
The item to be sent to the command.
Path to the item to be sent to the command - additionally specify Language parameter to fetch different item language than the current user language.
Id of the the item to be sent to the command - additionally specify Language parameter to fetch different item language than the current user language.
Database containing the item to be sent to the command - can work with Language parameter to narrow the publication scope.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
Launch Publishing Viewer for /sitecore/content/home item.
Initiate /sitecore/content/home item duplication.
Show properties of the /sitecore/content/home item.
File upload capabilities in SPE can be restricted by file type and destination path. This provides defense in depth by preventing malicious file uploads even if the upload service is enabled.
When the is enabled, SPE enforces restrictions on:
File Types - Which file extensions and MIME types can be uploaded
For CI/CD and automation environments where you only need SPE web services (without the full UI), a minimal deployment reduces the attack surface while maintaining remote automation capabilities.
The minimal deployment includes only the files necessary to support SPE web services, removing all UI components (Console, ISE, Content Editor integrations).
Benefits:
Creates a new item clone based on the item provided.
New-ItemClone [-Item] <Item> -Destination <Item> [-Name <String>] [-Recurse]
New-ItemClone [-Path] <String> -Destination <Item> [-Name <String>] [-Recurse]
New-ItemClone -Id <String> [-Database <String>] -Destination <Item> [-Name <String>] [-Recurse]
New-WebServiceProxy : The request failed with HTTP status 401: Unauthorized.Import-Module -Name SPE
$credential = Get-Credential
$session = New-ScriptSession -Username admin -Password b -ConnectionUri https://remotesitecore -Credential $credential
Invoke-RemoteScript -Session $session -ScriptBlock { Get-User -id admin }
Stop-ScriptSession -Session $session
# Name Domain IsAdministrator IsAuthenticated
# ---- ------ --------------- ---------------
# sitecore\admin sitecore True False# If you need to connect to more than one instance of Sitecore add it to the list.
$instanceUrls = @("https://remotesitecore","https://remotesitecore2")
$session = New-ScriptSession -Username admin -Password b -ConnectionUri $instanceUrls
Invoke-RemoteScript -Session $session -ScriptBlock { $env:computername }
Stop-ScriptSession -Session $sessionImport-Module -Name SPE
$session = New-ScriptSession -Username admin -Password b -ConnectionUri https://remotesitecore
Receive-RemoteItem -Session $session -Path "default.js" -RootPath App -Destination "C:\Files\"
Stop-ScriptSession -Session $sessionImport-Module -Name SPE
$session = New-ScriptSession -Username admin -Password b -ConnectionUri https://remotesitecore
Receive-RemoteItem -Session $session -Path "/Default Website/cover" -Destination "C:\Images\" -Database master
Stop-ScriptSession -Session $sessionImport-Module -Name SPE
$session = New-ScriptSession -Username admin -Password b -ConnectionUri https://remotesitecore
$jobId = Invoke-RemoteScript -Session $session -ScriptBlock {
"master", "web" | Get-Database |
ForEach-Object {
[Sitecore.Globals]::LinkDatabase.Rebuild($_)
}
} -AsJob
Wait-RemoteScriptSession -Session $session -Id $jobId -Delay 5 -Verbose
Stop-ScriptSession -Session $session$jobId = Invoke-RemoteScript -Session $session -ScriptBlock {
Get-Session -ParameterDoesNotExist "SomeData"
} -AsJob
# This delay could actually be that you got up to get some coffee or tea.
Start-Sleep -Seconds 2
Invoke-RemoteScript -Session $session -ScriptBlock {
$ss = Get-ScriptSession -Id $using:JobId
$ss | Receive-ScriptSession
if($ss.LastErrors) {
$ss.LastErrors
}
}Invoke-RemoteScript -ScriptBlock {
Write-Verbose "Hello from the other side" -Verbose 4>&1
"data"
Write-Verbose "Goodbye from the other side" -Verbose 4>&1
} -Session $sessionInvoke-RemoteScript -ScriptBlock {
function Write-Verbose {
param([string]$Message)
Microsoft.PowerShell.Utility\Write-Verbose -Message $Message -Verbose 4>&1
}
Write-Verbose "Hello from the other side"
"data"
Write-Verbose "Goodbye from the other side"
} -Session $session + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.PowerShell.Commands.NewItemCommandInvoke-RemoteScript -ScriptBlock {
Set-Location -Path "master:"
...
[The rest of your script]
...
}Remove-ArchiveItem -Archive <Archive> [-ItemId <ID>]
Remove-ArchiveItem -Archive <Archive> [-Identity <AccountIdentity>]
Remove-ArchiveItem -Archive <Archive> [-ArchiveItem <ArchiveEntry[]>]$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Remove-ArchiveItem -Archive $archive -ItemId "{1BB32980-66B4-4ADA-9170-10A9D3336613}"$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Remove-ArchiveItem -Archive $archive -Identity "sitecore\admin"$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Get-ArchiveItem -Archive $archive | Remove-ArchiveItemRestore-ArchiveItem -Archive <Archive> [-WhatIf] [-Confirm] [<CommonParameters>]
Restore-ArchiveItem -Archive <Archive> [-ItemId <ID>] [-WhatIf] [-Confirm] [<CommonParameters>]
Restore-ArchiveItem -Archive <Archive> [-Identity <AccountIdentity>] [-WhatIf] [-Confirm] [<CommonParameters>]
Restore-ArchiveItem -ArchiveItem <ArchiveEntry[]> [-WhatIf] [-Confirm] [<CommonParameters>]$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Restore-ArchiveItem -Archive $archive -ItemId "{1BB32980-66B4-4ADA-9170-10A9D3336613}"$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Restore-ArchiveItem -Archive $archive -Identity "sitecore\admin"$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
Get-ArchiveItem -Archive $archive | Restore-ArchiveItem# Use the notation "." to get the current directory/item.
$item = Get-Item -Path .
Show-Alert -Title $item.Name<configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<!-- Session Elevation (UAC) -->
<userAccountControl>
<tokens>
<token name="Console">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
<token name="ISE">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
<token name="ItemSave">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
</tokens>
</userAccountControl>
<!-- Ensure web services remain disabled -->
<services>
<remoting enabled="false" />
<restfulv1 enabled="false" />
<restfulv2 enabled="false" />
<fileDownload enabled="false" />
<fileUpload enabled="false" />
<mediaDownload enabled="false" />
<mediaUpload enabled="false" />
</services>
</powershell>
</sitecore>
</configuration><configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration><token name="Console">
<patch:attribute name="expiration">01:00:00</patch:attribute>
<patch:attribute name="elevationAction">Allow</patch:attribute>
</token><token name="Console">
<patch:attribute name="expiration">00:15:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token><token name="Console">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token><token name="Console">
<patch:attribute name="elevationAction">Confirm</patch:attribute>
</token># Create a list of field names on the Standard Template. This will help us filter out extraneous fields.
$standardTemplate = Get-Item -Path "master:" -ID "{1930BBEB-7805-471A-A3BE-4858AC7CF696}"
$standardTemplateTemplateItem = [Sitecore.Data.Items.TemplateItem]$standardTemplate
$standardFields = $standardTemplateTemplateItem.OwnFields + $standardTemplateTemplateItem.Fields | Select-Object -ExpandProperty key -Unique
$itemTemplate = Get-Item -Path "master:" -ID "{76036F5E-CBCE-46D1-AF0A-4143F9B557AA}"
$itemTemplateTemplateItem = [Sitecore.Data.Items.TemplateItem]$itemTemplate
$itemTemplateFields = $itemTemplateTemplateItem.OwnFields + $itemTemplateTemplateItem.Fields | Select-Object -ExpandProperty key -Unique
$filterFields = $itemTemplateFields | Where-Object { $standardFields -notcontains $_ } | Sort-ObjectRequired?
true
Position?
named
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
PS master:\>Get-ItemReference -Path master:\content\home
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
Home True {en, de-DE, es-ES, pt... {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} Sample Item
Home True {en, de-DE, es-ES, pt... {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} Sample ItemPS master:\>Get-Item master:\content\home | Get-ItemReference -ItemLink
SourceItemLanguage : en
SourceItemVersion : 1
TargetItemLanguage :
TargetItemVersion : 0
SourceDatabaseName : master
SourceFieldID : {F685964D-02E1-4DB6-A0A2-BFA59F5F9806}
SourceItemID : {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}
TargetDatabaseName : master
TargetItemID : {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}
TargetPath : /sitecore/content/Home$item = Get-Item -Path "master:{04DAD0FD-DB66-4070-881F-17264CA257E1}"
$siteName = "website"
$site = [Sitecore.Sites.SiteContextFactory]::GetSiteContext($siteName)
New-UsingBlock (New-Object Sitecore.Sites.SiteContextSwitcher $site) {
[Sitecore.Resources.Media.MediaManager]::GetMediaUrl($item)
}
# /-/media/default-website/cover.jpg$html = "<ul><li>foo</li><li>bar</li></ul>"
$htmlDocument = New-Object -TypeName HtmlAgilityPack.HtmlDocument
$htmlDocument.LoadHtml($html)
foreach($x in $htmlDocument.DocumentNode.SelectNodes("//li")) {
$x.InnerText;
}$html = @"
<div class="kitchen">
<div class="kitchen">
<blockquote>kitchen<br />
<span class="kitchen">kitchen</span>
</blockquote>
<a><img title="kitchen" src="https://kitchen-sink.local" /></a>
</div>
</div>
"@
$htmlDocument = New-Object -TypeName HtmlAgilityPack.HtmlDocument
$htmlDocument.LoadHtml($html)
foreach($x in $htmlDocument.DocumentNode.Descendants()) {
if($x.Name -ne "img" -and ![string]::IsNullOrEmpty($x.Text)) {
$x.Text = $x.Text.Replace("kitchen", "sink")
}
}
$htmlDocument.DocumentNode.OuterHtml$html = @"
<div style='padding: 10px 10px;'>Some Text</div>
"@
$htmlDocument = New-Object -TypeName HtmlAgilityPack.HtmlDocument
$htmlDocument.LoadHtml($html)
$nodes = $htmlDocument.DocumentNode.SelectNodes("//@style");
foreach($node in $nodes) {
$node.Attributes["style"].Remove()
}
$htmlDocument.DocumentNode.OuterHtml$item = Get-Item -Path "master:" -Id "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}"
$db = Get-Database -Name "master"
$workflowProvider = $db.WorkflowProvider
foreach($version in $item.Versions.GetVersions()) {
$workflowEvents = $workflowProvider.HistoryStore.GetHistory($version)
foreach($workflowEvent in $workflowEvents) {
"[$($workflowEvent.Date)] ($($workflowEvent.User)) $(($workflowEvent.Text -replace '(\r|\n)',''))"
}
}Write-Host "Restoring items recycled after $($archivedDate.ToShortDateString())"
foreach($archive in Get-Archive -Name "recyclebin") {
Write-Host " - Found $($archive.GetEntryCount()) entries"
$entries = $archive.GetEntries(0, $archive.GetEntryCount())
foreach($entry in $entries) {
if($entry.ArchiveLocalDate -ge $archivedDate) {
Write-Host "Restoring item: $($entry.OriginalLocation) {$($entry.ArchivalId)}on date $($entry.ArchiveLocalDate)"
$archive.RestoreItem($entry.ArchivalId)
} else {
Write-Host "Skipping $($entry.OriginalLocation) on date $($entry.ArchiveLocalDate)"
}
}
}$database = Get-Database -Name "master"
$archiveName = "recyclebin"
$archive = Get-Archive -Database $database -Name $archiveName
$items = Get-ArchiveItem -Archive $archive
$count = 0
$total = $items.Count
foreach($item in $items) {
$count++
if($count % 100 -eq 0) {
Write-Host "[$(Get-Date -Format 'yyyy-MM-dd hh:mm:ss')] $([math]::round($count * 100 / $total, 2))% complete"
}
$item | Remove-ArchiveItem
}
Write-Host "Completed processing recycle bin"1..5 | ForEach-Object {
Start-Sleep -Seconds 1
Invoke-JavaScript -Script "console.log('Hello World! Call #$($_) from PowerShell...');"
}
Invoke-JavaScript -Script "alert('hello from powershell');"Import-Module -Name SPE -Force
$packageName = "$($SitecorePackageFolder)\[PACKAGE].zip"
$session = New-ScriptSession -Username "admin" -Password "b" -ConnectionUri "https://remotesitecore"
Test-RemoteConnection -Session $session -Quiet
$jobId = Invoke-RemoteScript -Session $session -ScriptBlock {
[Sitecore.Configuration.Settings+Indexing]::Enabled = $false
Get-SearchIndex | ForEach-Object { Stop-SearchIndex -Name $_.Name }
Import-Package -Path "$($SitecorePackageFolder)\$($using:packageName)" -InstallMode Merge -MergeMode Merge
[Sitecore.Configuration.Settings+Indexing]::Enabled = $true
} -AsJob
Wait-RemoteScriptSession -Session $session -Id $jobId -Delay 5 -Verbose
Stop-ScriptSession -Session $sessionPS master:\> Get-Item master:\content\home\ | Invoke-ShellCommand "item:publishingviewer"PS master:\> Get-Item master:/content/home | Invoke-ShellCommand "item:duplicate"PS master:\> Get-Item master:/content/home | Invoke-ShellCommand "contenteditor:properties"Upload Locations - Which directories files can be written to
These restrictions apply to uploads via:
SPE Remoting file upload
Custom scripts using upload functionality
By default, SPE allows limited file types and restricts uploads to the Sitecore temp folder:
File types can be restricted using:
File Extensions - Specific extensions like .csv, .txt, .xml
MIME Type Patterns - Wildcards like image/*, text/*, application/json
Images
.jpg, .png, .gif
image/*
Documents
.pdf, .doc, .docx
application/pdf, application/msword
Spreadsheets
.xls, .xlsx, .csv
application/vnd.ms-excel, text/csv
Text Files
.txt, .log
Security Warning: Be extremely careful allowing executable file types like .exe, .dll, .ps1, .bat, .cmd, .vbs, .js. These can be used to compromise the server.
SPE restricts where files can be uploaded using path patterns. These paths support Sitecore variables.
$SitecoreDataFolder
Data folder
C:\inetpub\wwwroot\App_Data
$SitecoreLogFolder
Log folder
C:\inetpub\wwwroot\App_Data\logs
$SitecorePackageFolder
Package folder
C:\inetpub\wwwroot\App_Data\packages
$SitecoreTempFolder
Temp folder
Recommended: Standardize your solution with a folder that you will routinely clean.
❌ Never allow uploads to these locations:
Allow CSV/Excel imports to a dedicated import folder:
✅ Do:
Use the principle of least privilege - only allow necessary file types
Restrict uploads to non-web-accessible folders when possible
Use $SitecoreTempFolder as the primary upload location
Create dedicated subdirectories for different upload purposes
Regularly clean up uploaded files
Monitor upload activity
Use both extension AND MIME type patterns for defense in depth
Test your restrictions before deploying to production
❌ Don't:
Allow executable file types (.exe, .dll, .ps1, etc.)
Allow uploads to the web root or bin folder
Allow uploads to system directories
Use wildcard MIME types like */* (allows everything)
Forget to restrict both file types AND locations
Allow script files that could be executed
Trust client-provided file extensions without validation
Start Restrictive - Begin with minimal allowed types and locations
Add as Needed - Only add permissions when you have a specific use case
Document Reasons - Comment your configuration explaining why each type/location is allowed
Regular Review - Audit allowed types and locations quarterly
Possible causes:
Location is not in allowedLocations
MIME type doesn't match pattern
File extension doesn't match pattern
Solution: Check both file type and location configuration.
Cause: Pattern syntax error or MIME type mismatch.
Solution: Use specific MIME types or verify wildcard syntax (image/*, not image*).
Cause: Variable not recognized by SPE configuration.
Solution: Use supported Sitecore variables or absolute paths.
Web Services Security - Enable/disable file upload service
Security Checklist - Validate your configuration
Logging and Monitoring - Monitor upload activity
GitHub Issue #1362 - Feature introduction
Fewer files to maintain
Faster deployment
Ideal for build/deployment servers
Only what's needed for automation
Limitations:
No PowerShell Console
No PowerShell ISE
No Content Editor integration
No Reports UI
Web services only (Remoting)
Scenario: Build servers need to execute deployment scripts remotely.
Requirements:
Remoting service
Minimal file footprint
No interactive UI
Scenario: Automated systems deploy content packages to Sitecore.
Requirements:
Remote script execution
File upload capability
Package installation commands
Scenario: Sitecore instances that serve as API backends without content authoring.
Requirements:
Remote automation capability
No UI overhead
Security-focused configuration
App_Config\Include\Spe\Spe.config
Core configuration
✓ Yes
App_Config\Include\Spe\Spe.Minimal.config
Minimal deployment config
✓ Yes
bin\Spe.dll
Main assembly
✓ Yes
bin\Spe.Abstractions.dll
Abstractions assembly
✓ Yes
sitecore modules\PowerShell\Services\web.config
IIS configuration
✓ Yes
sitecore modules\PowerShell\Services\RemoteAutomation.asmx
Remoting service
✓ Yes
sitecore modules\PowerShell\Services\RemoteScriptCall.ashx
RESTful/file services
✓ Yes
The following are NOT included in minimal deployment:
❌ PowerShell Console UI files ❌ PowerShell ISE files ❌ Content Editor integration files ❌ Report UI files ❌ Gutter renderers ❌ Ribbon extensions ❌ All UI-related files in sitecore modules\Shell\PowerShell\
SPE provides a pre-built minimal package: SPE.Minimal-6.x.zip
Download SPE.Minimal-8.x.zip from SPE releases
Extract to your Sitecore instance
Enable disabled config files (see below)
Configure security settings
Test connectivity
Deploy required files using your favorite scripting language.
Create a config patch to disable UI control sources:
File: App_Config\Include\Spe\Custom\Spe.DisableUI.config
By default, Remoting is disabled. Enable it with proper security:
File: App_Config\Include\Spe\Custom\Spe.Remoting.config
File: sitecore modules\PowerShell\Services\web.config
Network - Firewall rules, VPN if possible
IIS - IP restrictions, Windows Auth (optional), HTTPS
Sitecore - Specific user accounts with minimal roles
SPE - requireSecureConnection, file upload restrictions
Monitoring - Comprehensive logging and alerts
Possible causes:
Remoting service not enabled
User not in authorization list
HTTPS required but using HTTP
Anonymous access denied but not providing credentials
IP address blocked
Solution: Check configuration, verify credentials, ensure HTTPS.
Cause: controlSources not disabled in configuration.
Solution: Verify Spe.DisableUI.config patch is present and loading.
Web Services Security - Detailed web service configuration
IIS Security - IIS-level hardening
File Upload Restrictions - Configure upload limits
Security Checklist - Validation checklist
- Monitoring remote operations
- Using SPE Remoting features
Creates a new item clone based on the item provided.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Parent item under which the clone should be created.
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Name of the item clone.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Add the parameter to clone thw whole branch rather than a single item.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The item to be cloned.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Path to the item to be cloned.
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Id of the item to be cloned
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Database of the item to be cloned if item is specified through its ID.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
Clone /sitecore/content/home/ under /sitecore/content/new-target/ with the "New Home" name.
Downloads are hosted on Github
Legend: "–" - not supported; "✓" - supported.
[1] Released by Sitecore for SXA which can be download from the however you should be safe simply installing the official SPE release on GitHub.
[2] Some features are not available. It is recommended to upgrade to the latest version available for 9.2.
Publish-Item command unsupported ()
When reviewing the different download packages you may see some names that are not too clear. The following list outlines what those names should mean.
N.X : Full N.X release - This refers to the package used by Standalone and CM roles. This includes what is required to see the PowerShell ISE, Console and their associated services.
N.X Minimal : Server-side remoting only - This refers to the package with only files. Useful for remotely connecting to SPE.
N.X Authorable Reports : Additional reports and tools - This package is a sublemental installation to the full version with additional reports. With version 6.0 this package is no longer needed as the reports are included with the full release.
Retrieves item fields as either names or fields or template fields.
Get-ItemField [-Item] <Item> [-IncludeStandardFields] [-ReturnType <Name | Field | TemplateField>] [-Name <String[]>] [-Language <String[]>]
Get-ItemField [-Path] <String> [-IncludeStandardFields] [-ReturnType <Name | Field | TemplateField>] [-Name <String[]>] [-Language <String[]>]
Get-ItemField -Id <String> [-Database <String>] [-IncludeStandardFields] [-ReturnType <Name | Field | TemplateField>] [-Name <String[]>] [-Language <String[]>]
Retrieves item fields as either names or fields or template fields.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Includes fields that are defined on "Standard template"
Determines type returned. The possible values include:
Name - strings with field names.
Field - fields on the item
TemplateField - template fields.
Array of names to include - supports wildcards.
Language that will be analysed. If not specified the current user language will be used. Globbing/wildcard supported.
The item to be analysed.
Path to the item to be analysed.
Id of the item to be analysed.
Database containing the item to be analysed - can work with Language parameter to narrow the publication scope.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Sitecore.Data.Templates.TemplateField
Sitecore.Data.Fields.Field
Help Author: Adam Najmanowicz, Michael West
Get list of names of non standard fields from /sitecore/content/home item
Get list of fields including standard fields from /sitecore/content/home item and list their Name, DisplayName, SectionDisplayName and Description in a table.
Understanding the security policies that govern SPE is essential for properly securing your installation. SPE operates under two primary security contexts that work together to control what scripts can do.
SPE security operates on two levels:
Application Pool Service Account - Controls OS-level access (file system, registry, network)
Sitecore User Account - Controls Sitecore API access (content, security, configuration)
Both security contexts work together to determine what a PowerShell script can accomplish.
The Windows PowerShell runspace executes under the identity of the IIS application pool service account. This account determines what OS-level resources the script can access through PowerShell providers.
Key Providers Affected:
FileSystem - Read/write files and directories
Registry - Read/write Windows registry keys
Environment - Access environment variables
Certificate - Access certificate stores
The application pool service account gives SPE access to OS-level features. If the service account can delete files from the root directory, SPE can do the same.
Example: If your application pool runs as NETWORK SERVICE or ApplicationPoolIdentity, the script may have:
Read/write access to C:\inetpub\wwwroot
Access to the application directories
Potentially access to other directories on the system
✅ Do:
Use the principle of least privilege
Audit file system permissions for the service account
Restrict the account to only necessary directories
Use a named service account when you need specific permissions
❌ Don't:
Run as LocalSystem or Administrator
Grant the service account unnecessary file system permissions
Assume ApplicationPoolIdentity is fully restricted
Allow write access to system directories
Example: Check which directories the service account can access:
You can restrict which directories SPE can access by:
NTFS Permissions - Remove unnecessary file system permissions from the service account
AppLocker - Use Windows AppLocker to restrict PowerShell execution paths
File Upload Restrictions - Configure SPE to only allow uploads to specific locations (see )
Scripts execute within the security context of the logged-in Sitecore user. The user's Sitecore roles and permissions determine what content and functionality the script can access through the Sitecore API.
Key Areas Controlled:
Content item access (read/write/delete)
Security management (users/roles)
Configuration access
Workflow operations
The Sitecore security model applies to all script operations that use the Sitecore API:
However, scripts can bypass Sitecore security just like any other Sitecore API code:
Security Note: Scripts can disable Sitecore security checks using SecurityDisabler and other disablers. This is why limiting who can write and execute scripts is critical.
SPE features are protected by Sitecore security at the application level. Access to SPE interfaces is controlled through item-level security in the Core database.
Configuration Location: core:\content\Applications\PowerShell
Note: Security is validated in each SPE application within the OnLoad function.
Context menu items in the Content Editor are also protected by security.
Configuration Location: core:\content\Applications\Content Editor\Context Menues\Default\
Note: PowerShell Script Library and PowerShell Script items have additional visibility and enabled rules. Adjust role permissions on these items to control menu visibility.
✅ Do:
Only grant SPE access to trusted administrators
Use Sitecore roles to control feature access
Require Session Elevation (UAC) for production environments
Audit which users have access to Developer and related roles
❌ Don't:
Grant sitecore\Developer role to content authors
Assume Sitecore security prevents all unauthorized actions
Allow untrusted users to write or execute scripts
Ignore the fact that scripts can disable security
Example: Check current user context and permissions:
Both security contexts work together. A script is limited by whichever context is more restrictive:
Example Scenarios:
Implement defense in depth by restricting both security contexts:
Minimum file system access
No access to sensitive directories
Regular permission audits
Role-based access control
Session elevation required
Regular role membership audits
Script library security reviews
- Require reauthentication
- Disable unnecessary endpoints
- Block anonymous access
- Detect unauthorized access
Configure to add an additional authentication layer
Review if you need external access
Learn about
Complete the
https://blog.najmanowicz.com/2014/10/26/sitecore-powershell-extensions-persistent-sessions/Modules may contain PowerShell Script Library items and PowerShell Script items. The following section outlines some of the basic concepts you need to know for the following chapters.
The library items represent a collection of scripts, and may be structured with one or more levels of libraries.
You'll find that with the Integration Points some libraries should be created with specific names (i.e. Content Editor, Control Panel).
As a best practice we recommend that the Functions library consist of reusable scripts containing PowerShell functions (i.e. Do-Something) while other libraries contain the solution specific scripts (i.e. MakeScriptingGreatAgain).
Example: The following demonstrates the use of the Functions script library containing Get-DateMessage.
Some names we've used included:
Beginner Tutorials
Content Editor
Content Maintenance
Content Interrogation
Interactive : The following fields support the two custom rules as well as a variety of out-of-the-box rules.
ShowRule (Show if rules are met or not defined) - typically controls visibility of integration points.
PowerShell
where calling the specific PowerShell script returns $True
There are a number of use cases for the EnableRule and ShowRule.
If there is a UI component the ShowRule can be used to ensure it appears while the EnableRule can toggle when it can be clicked.
If there is no UI component, the EnableRule is used to determine when the script should be executed; useful to limit creation of PowerShell runspaces.
Use the below report to help you identify which PoweShell Script and Script Library items contain rules that could alter the behavior or visibility.
The script items represent the code that will be executed.
There are three conventions that we recommend you follow which are shown with an example below.
Title Casing - This should be used when the name will be exposed in places such as the Content Editor, script library names, and Reports root directory.
Sentence casing - This should be used when the name is long and will not be visible to the user or is a report with a very long name.
Noun-Verb - This should be used when the script is stored within the Functions script library and will be imported using the command Import-Function.
Interactive : Refer to the description shown for PowerShell Script Library .
Scripting
Script (Script body) : This is a multi-line text than should be edited using the PowerShell ISE application.
Session Persistency
PersistentSessionId (Persistent Session ID) : Context scripts using this ID will execute in a single session and be reused; leaving empty will cause the session to be discarded after execution. This value should be used for rules requesting the session ID.
Use this field in combination with the rules related to Persistent Session.
Read more about how Adam implemented this feature here:
Creates new entry in the history store notifying of workflow state change.
New-ItemWorkflowEvent [-Item] <Item> [-OldState <String>] [-NewState <String>] [-Text <String>] [-Language <String[]>]
New-ItemWorkflowEvent [-Path] <String> [-OldState <String>] [-NewState <String>] [-Text <String>] [-Language <String[]>]
New-ItemWorkflowEvent -Id <String> [-Database <String>] [-OldState <String>] [-NewState <String>] [-Text <String>] [-Language <String[]>]
Creates new entry in the history store notifying of workflow state change.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Id of the old state. If not provided - current item workflow state will be used.
Id of the old state. If not provided - current item workflow state will be used.
Action comment.
Language that will be used as source language. If not specified the current user language will be used. Globbing/wildcard supported.
The item to have the history event attached.
Path to the item to have the history event attached - additionally specify Language parameter to fetch different item language than the current user language.
Id of the the item to have the history event attached - additionally specify Language parameter to fetch different item language than the current user language.
Database containing the item to have the history event attached - can work with Language parameter to narrow the publication scope.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
Execute-Workflow
Allows users to download files from server and file items from media library.
Send-File [-Path] <String> [-Message <String>] [-NoDialog] [-ShowFullPath] [-Title <String>] [-Width <Int32>] [-Height <Int32>]
Send-File [-Item] <Item> [-Message <String>] [-NoDialog] [-ShowFullPath] [-Title <String>] [-Width <Int32>] [-Height <Int32>]
Executing this command with file path on the server provides script users with means to download a file to their computer. Executing it for an Item located in Sitecore Media library allows the user to download the blob stored in that item. If the file has been downloaded the dialog returns "downloaded" string, otherwise "cancelled" is returned.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The following abbreviations are aliases for this cmdlet:
Download-File
Path to the file to be downloaded. The file has to exist in the Data folder. Files from outside the Data folder are not downloadable.
Message to show the user in the download dialog.
The item to be downloaded.
If this parameter is used the Dialog will not be shown but instead the file download will begin immediately.
If this parameter is used the Dialog will display full path to the file downloaded in the dialog, otherwise only the file name will be shown.
Download dialog title.
Download dialog width.
Download dialog height.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
System.String
Help Author: Adam Najmanowicz, Michael West
Download File from server disk drive
Download item from media library
Delegated Access allows lower-privileged users to run specific scripts with elevated permissions by impersonating a power user. This provides controlled privilege escalation for trusted operations without granting users permanent elevated access.
Delegated Access solves a common problem: You want to give content authors access to specific administrative tasks without making them full administrators.
Without Delegated Access:
Building reports is a straightforward task. We've provided a variety of examples for you to model when designing your own.
The Authorable Reports module includes reports such as Index Viewer and Rules based report that provide input dialogs to help make the reports dynamic.
Note: The Index Viewer and Rules Based Report are bundled as separate a package on the Sitecore Marketplace.
<powershell>
<uploadFile>
<allowedFileTypes>
<pattern>image/*</pattern>
<pattern>.xls</pattern>
<pattern>.xlsx</pattern>
<pattern>.csv</pattern>
</allowedFileTypes>
<allowedLocations>
<path>$SitecoreMediaFolder</path>
</allowedLocations>
</uploadFile>
</powershell><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<uploadFile>
<allowedFileTypes>
<pattern>.csv</pattern>
<pattern>.txt</pattern>
<pattern>.xml</pattern>
<pattern>.json</pattern>
</allowedFileTypes>
</uploadFile>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<uploadFile>
<allowedFileTypes>
<!-- All image types -->
<pattern>image/*</pattern>
<!-- All text types -->
<pattern>text/*</pattern>
<!-- Specific MIME type -->
<pattern>application/json</pattern>
<pattern>application/xml</pattern>
</allowedFileTypes>
</uploadFile>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<uploadFile>
<allowedFileTypes>
<!-- Excel -->
<pattern>.xls</pattern>
<pattern>.xlsx</pattern>
<pattern>application/vnd.ms-excel</pattern>
<pattern>application/vnd.openxmlformats-officedocument.spreadsheetml.sheet</pattern>
<!-- Word -->
<pattern>.doc</pattern>
<pattern>.docx</pattern>
<pattern>application/msword</pattern>
<pattern>application/vnd.openxmlformats-officedocument.wordprocessingml.document</pattern>
<!-- PowerPoint -->
<pattern>.ppt</pattern>
<pattern>.pptx</pattern>
<pattern>application/vnd.ms-powerpoint</pattern>
<pattern>application/vnd.openxmlformats-officedocument.presentationml.presentation</pattern>
</allowedFileTypes>
</uploadFile>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<uploadFile>
<allowedLocations>
<path>$SitecoreTempFolder</path>
</allowedLocations>
</uploadFile>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<uploadFile>
<allowedLocations>
<path>$SitecoreTempFolder</path>
<path>$SitecoreDataFolder\uploads</path>
<path>$SitecorePackageFolder</path>
</allowedLocations>
</uploadFile>
</powershell>
</sitecore>
</configuration><!-- DO NOT DO THIS -->
<allowedLocations>
<path>C:\</path> <!-- Root drive -->
<path>C:\Windows</path> <!-- Windows directory -->
<path>C:\inetpub\wwwroot</path> <!-- Web root (allows direct access) -->
</allowedLocations><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<uploadFile>
<!-- Only allow data file types -->
<allowedFileTypes>
<pattern>.csv</pattern>
<pattern>.xls</pattern>
<pattern>.xlsx</pattern>
<pattern>text/csv</pattern>
<pattern>application/vnd.ms-excel</pattern>
<pattern>application/vnd.openxmlformats-officedocument.spreadsheetml.sheet</pattern>
</allowedFileTypes>
<!-- Only allow specific import locations -->
<allowedLocations>
<path>$SitecoreTempFolder</path>
<path>$SitecoreDataFolder\uploads</path>
</allowedLocations>
</uploadFile>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<controlSources>
<source mode="on" namespace="Spe.Client.Controls" assembly="Spe">
<patch:delete />
</source>
<source mode="on" namespace="Spe.Client.Applications"
folder="/sitecore modules/Shell/PowerShell/" deep="true">
<patch:delete />
</source>
</controlSources>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<services>
<!-- Enable remoting with HTTPS requirement -->
<remoting>
<patch:attribute name="enabled">true</patch:attribute>
<patch:attribute name="requireSecureConnection">true</patch:attribute>
<!-- Clear default authorization -->
<authorization>
<patch:delete />
</authorization>
<!-- Add specific service account -->
<authorization>
<add Permission="Allow" IdentityType="User" Identity="sitecore\automation-user" desc="CI/CD automation account" />
</authorization>
</remoting>
<!-- Optionally enable file operations for package deployment -->
<fileDownload>
<patch:attribute name="enabled">true</patch:attribute>
</fileDownload>
<fileUpload>
<patch:attribute name="enabled">true</patch:attribute>
</fileUpload>
</services>
</powershell>
</sitecore>
</configuration><configuration>
<system.web>
<authorization>
<!-- Deny anonymous access -->
<deny users="?" />
</authorization>
</system.web>
<system.webServer>
<security>
<!-- Require HTTPS -->
<access sslFlags="Ssl" />
<!-- Optional: IP restrictions for build servers -->
<ipSecurity allowUnlisted="false">
<add ipAddress="10.0.0.100" allowed="true" desc="Build Server 1" />
<add ipAddress="10.0.0.101" allowed="true" desc="Build Server 2" />
</ipSecurity>
</security>
</system.webServer>
</configuration># Test from remote machine using SPE Remoting module
Import-Module SPE
# Create session
$session = New-ScriptSession `
-Username "sitecore\automation-user" `
-Password "SecurePassword123!" `
-ConnectionUri "https://sitecore-instance.local"
# Test script execution
$result = Invoke-RemoteScript -Session $session -ScriptBlock {
Get-Item -Path "master:\content\home" | Select-Object -ExpandProperty Name
}
Write-Host "Result: $result" -ForegroundColor Green
# Close session
Stop-ScriptSession -Session $sessionPS master:\> $newTarget = Get-Item master:\content\new-target\
PS master:\> New-ItemClone -Path master:\content\home -Destination $newTarget -Name "New Home"text/plain, text/*
Data Files
.json, .xml
application/json, application/xml
Archives
.zip
application/zip
C:\inetpub\wwwroot\temp
$SitecoreMediaFolder
Media folder
C:\inetpub\wwwroot\upload
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
PS master:\> Get-ItemField -Path master:\content\home
Text
Title
ImagePS master:\> Get-Item master:\content\home | Get-ItemField -IncludeStandardFields -ReturnType Field -Name "*" | ft Name, DisplayName, SectionDisplayName, Description -auto
Name DisplayName SectionDisplayName Description
---- ----------- ------------------ -----------
__Revision Revision Statistics
__Standard values __Standard values Advanced
__Updated by Updated by Statistics
__Validate Button Validation Rules Validation Button Validation Rules Validation Rules
__Created Created Statistics
__Thumbnail Thumbnail Appearance
__Insert Rules Insert Rules Insert Options
__Short description Short description Help
__Created by Created by Statistics
__Presets Presets Layout
Text Text Data The text is the main content of the document.PS master:\> New-ItemWorkflowEvent -Path master:\content\home -lanuage "en" -Text "Just leaving a note"PS master:\> Send-File -Path "C:\Projects\ZenGarden\Data\packages\Sitecore PowerShell Extensions-6.0.zip"PS master:\> Get-Item "master:/media library/Showcase/awesome_logo" | Send-File -Message "Awesome Logo"✓
✓
✓
✓
6.4
✓
✓
✓
✓
✓
-
6.3
✓
✓
✓
✓
-
-
6.2
✓
✓
✓
-
-
-
6.1
✓
✓
✓
-
-
-
6.0
✓
✓
✓
-
-
-
✓
✓
✓
✓
6.4
✓
✓
✓
✓
✓
✓
6.3
✓
✓
✓
✓
✓
✓
6.2
✓
✓
✓
✓
✓
✓
6.1
✓
✓
✓
✓
✓
✓
6.0
✓
✓
✓
✓
✓
✓
5.1
✓
✓
✓
✓
✓
✓
5.0
✓
✓
✓
✓
✓
✓
4.7
✓
✓
✓
✓
✓
–
4.6
✓
✓
✓
–
–
–
4.5
✓
✓
✓
–
–
–
4.4
✓
✓
✓
–
–
–
4.3
✓
✓
✓
–
–
–
4.2
✓
✓
✓
–
–
–
4.1
✓
✓
✓
–
–
–
4.0
✓
✓
–
–
–
–
Indexing commands unsupported (#1133)
N.X Remoting : SPE Remoting module for CI/CD - This provides a Windows PowerShell module for connecting to SPE remotely. Use in combination with the full or minimal packages.
SPE ↓ / Sitecore→
9.3
10.0
10.1
10.2
10.3
10.4
8.0
✓
✓
✓
✓
✓
✓
7.0
✓
SPE ↓ / Sitecore→
8.0
8.1
8.2
9.0
9.1
9.2
8.0
✓
✓
✓
✓
✓
✓
7.0
✓
✓
✓
Test what directories the account can access
PowerShell Reports
sitecore\Sitecore Client Authoring (read)
See
Review script libraries for appropriate security settings
Use delegated access for controlled privilege escalation
Give broad access to SPE features
Delete file outside Sitecore
Has file permission
Is administrator
✅ Success (dangerous!)
ApplicationPoolIdentity
Limited local access
No user profile ($HOME is empty); may have broader file system access than expected
NetworkService
Network and local access
Similar to ApplicationPoolIdentity; verify file system permissions
Custom Domain Account
Defined by domain policy
Has a user profile; permissions controlled by Active Directory
LocalSystem
Full system access
PowerShell Console
sitecore\Developer (read)
core:\content\Applications\PowerShell\PowerShellConsole
PowerShell ISE
sitecore\Developer (read)
core:\content\Applications\PowerShell\PowerShellIse
PowerShell ListView
sitecore\Sitecore Client Users (read)
core:\content\Applications\PowerShell\PowerShellListView
PowerShell Runner
sitecore\Sitecore Client Users (read)
Edit with ISE
sitecore\Developer (read)
Enabled when item template is PowerShell Script, otherwise Hidden
Console
sitecore\Developer (read)
Enabled when user is admin or in role sitecore\Sitecore Client Developing, otherwise Hidden
Scripts
sitecore\Sitecore Limited Content Editor (deny read)
Enabled when the service and user are authorized to execute, otherwise Hidden
Read Sitecore content
Has file access
Has read permission
✅ Success
Read Sitecore content
Has file access
No read permission
❌ Denied by Sitecore
Delete file outside Sitecore
No file permission
Is administrator
❌ Never use - grants unlimited access
core:\content\Applications\PowerShell\PowerShellRunner
❌ Denied by Windows
Event Handlers
Functions
Internal
Page Editor
Pipelines
Profile and Security
Reports
Script Testing
Tasks
Toolbox
User Interaction
Web API
where specific persistent PowerShell session was already initiated #153
Pairs with the PersistentSessionId field on the Script item template.
where specific persistent PowerShell session was already initiated and has the specific variable defined and not null
Pairs with the PersistentSessionId field on the Script item template.
where exposed in a specific view #156
Used with the command Show-ListView to allow actions to be visible only on views with a corresponding name.
EnableRule (Enable if rules are met or not defined) - typically controls enabled state of integration points.
Same as above
ISE Plugin
ISE Plugin
Reports List View Action
Reports List View Action
Reports List View Export
Reports List View Export
Page Editor
Page Editor
Content Editor Context Menu
Content Editor Context Menu
Content Editor Gutter
Content Editor Insert Item
Content Editor Ribbon
Content Editor Ribbon
Content Editor Warning
Risk: Users have more permissions than needed
Violates principle of least privilege
With Delegated Access:
Users keep limited permissions
Specific scripts run with elevated permissions
All actions are logged with both user identities
Scenario: Content authors need to publish items but shouldn't have global publish rights.
Solution: Create a script that publishes specific items, configured to run as an administrator via delegated access.
Scenario: Managers need to run reports that query all items, but they have limited content access.
Solution: Configure the report script to impersonate an administrator, allowing full content access for the report only.
Scenario: A user needs to perform bulk updates on items they normally can't modify.
Solution: Create a controlled script with delegated access that performs the specific operation.
Scenario: Users need to trigger workflow commands that require elevated permissions.
Solution: Workflow scripts run with delegated access to perform administrative actions.
Delegated Access Item - Configuration item that defines the delegation
Requester Role - Sitecore role containing lower-privileged users
Impersonated User - Power user account whose permissions are used
Delegated Scripts - Specific scripts that run with elevated permissions
The following walkthrough demonstrates with an out-of-the-box feature called Elevated Unlock, used to help provide a group of users access to unlock items, an action they would not normally have rights to perform.
Navigate in Content Editor to where delegated access configurations are stored and use the insert option.
Name the new item "Elevated Unlock".
Enter the role that contains the lower-privileged users who should have delegated access.
Field: Requester Role
Example Values:
sitecore\Elevated Unlock - Custom role for editors
Why use roles instead of users?
Easier to manage
Follows role-based access control (RBAC) best practices
Changes apply to all role members automatically
Enter the user account whose permissions will be used when scripts execute.
Field: Impersonated User
Example Values:
sitecore\Admin - Full administrative access
sitecore\PowerUser - Custom account with specific elevated permissions
Security Consideration: The impersonated user should have the minimum permissions needed for the delegated scripts. Don't always use sitecore\Admin - create dedicated service accounts with specific permissions instead.
Choose which scripts and libraries should run with delegated access and ensure the appropriate rules are configured.
See the Security Management script module for more examples:
/sitecore/system/Modules/PowerShell/Script Library/SPE/Tools/Security Management
This can be configured identical to the Gutter script.
What to include:
Scripts that should run with elevated permissions
Script libraries containing those scripts
Scripts with rules that check for delegated access
Multilist Field: Select from available PowerShell scripts and script libraries.
Check the "Enabled" field to activate the delegated access configuration.
Field: Enabled (checkbox)
Important: Test thoroughly before enabling in production. Delegated access grants powerful permissions to lower-privileged users.
The final version of the configuration item may look something like the following:
The selected items should reflect scripts and libraries that have rules associated to limit access to users. For example, if a script library for reports have no rules associated, then all of its content will be visible to users.
All delegated access operations are logged to the SPE log file.
Log Entry Format:
Log Components:
Timestamp: When the script executed
Script ID: Unique identifier for the script
Context User: The actual logged-in user
Impersonated User: The elevated account used for execution
Regular log review should include:
✅ Monitor for:
Unexpected impersonation attempts
Scripts running as admin that shouldn't
Failed delegated access attempts
Unusual patterns (same user repeatedly, odd times)
Example log analysis query:
✅ Do:
Use dedicated service accounts instead of sitecore\Admin when possible
Limit delegated scripts to specific, necessary operations
Regularly audit who has delegated access (review role membership)
Monitor SPE logs for delegated access usage
Test delegated access configurations in non-production first
Document why each delegated access configuration exists
Use confirmation dialogs in delegated scripts for destructive operations
Implement input validation in all delegated scripts
Set appropriate item-level security on delegated access items
❌ Don't:
Grant delegated access to broad roles like "Everyone"
Always impersonate sitecore\Admin - use least privilege
Allow arbitrary code execution in delegated scripts
Forget to enable logging in delegated scripts
Skip user confirmations for destructive operations
Create delegated access "just in case" - only when needed
Allow users to modify delegated access configurations
Delegate scripts that can modify security or create users
Impersonated User
Dedicated service account
Easier to audit, limited permissions
Requester Role
Specific, narrow role
Limits who can use delegation
Script Scope
Single, focused operation
Reduces risk of abuse
Logging
Always log delegated actions
Audit trail for compliance
When writing scripts for delegated access:
Validate All Input:
Limit Scope:
Confirm Destructive Operations:
Log Actions:
Possible causes:
Delegated access item is not enabled
User is not in the requester role
Script is not selected in the delegated scripts field
Script library containing the script is not selected or enabled.
Solution: Verify all configuration fields and ensure the user is in the correct role.
Cause: Script or script library not included in delegated scripts selection.
Solution: Add both the script AND its parent library to the delegated scripts field.
Cause: Insert options not configured or user lacks permissions.
Solution: Verify insert options are configured on the parent item and user has write access.
Cause: Impersonated user account lacks necessary Sitecore permissions.
Solution: Grant the impersonated user account the required Sitecore roles and item permissions.
Privilege Escalation Abuse
Limit scripts to specific operations, validate input
Over-Privileged Impersonation
Use dedicated accounts with minimal required permissions
Broad Role Assignment
Only grant delegated access to specific, trusted roles
Script Modification
Protect script items with item-level security
Logging Gaps
Ensure all delegated operations are logged
Layer multiple security controls:
Role Membership - Only trusted users in requester role
Script Security - Item-level security on delegated scripts
Input Validation - Scripts validate and limit operations
Confirmations - User must confirm destructive actions
Logging - All operations logged
Auditing - Regular log review
Least Privilege - Impersonated users have minimum permissions
Security Policies - Understand SPE security model
Session Elevation - Additional authentication layer
User and Role Management - Managing Sitecore roles
Logging and Monitoring - Audit delegated access usage
GitHub Issue #1283 - Feature introduction
The Index Viewer report provides a great example at how to build a generic report that queries against the Sitecore index. By navigating to Sitecore -> Toolbox -> Index Viewer you can conveniently launch the report.
First you will be prompted with a dialog to select the index to search.
Next you will be prompted with a variety of buttons and knobs to narrow down the search results.
Finally the report is shown. Each row has an option to show more field results.
The Show Full Info link will then returns the additional fields not shown in the report.
The Authorable Reports module has a few points of interest.
The script library Internal/List View/Ribbon/SearchResultItem instructs the report to show the action scripts when the row contains an entry with the typename SearchResultItem.
The script library Toolbox/Index Viewer represents the shortcut.
Examples:
The Content Reports module includes other reports used for auditing. Below are some examples on how to create your own. You can control the report menu with the Enable and Show rules. This can be helpful if you want to secure specific reports with security roles.
The rules engine can be used the control the report export and action commands. Use the Enable and Show rules to make the necessary changes.
Examples:
Content extracted from Turn Your Sitecore Powershell Reports into Applications with Action Scripts article written by Adam.
Actions are simply commands powered by scripts and with visibility dependent on certain conditions like the .Net class of the object that is displayed or perhaps other session settings.
You define an action as a script located in an SPE script library and appears in the Actions panel. In the simplest scenario the action would appear when the script library name matches the .Net class name of the items displayed. In the above scenario the actions are placed under /Platform/Internal/List View/Ribbon/Item/ where Platform is the module and Item is a script library. Let's take a look at the script here /Platform/Internal/List View/Ribbon/Item/Open
The variable $selectedData is provided to the script automatically by SPE in context of the content of the results on Show-ListView.
When your action script is executed the environment is initialized with a number of variables at your disposal as seen below:
$selectedData – the selected objects in the list view (the same will be passed to the $resultSet variable for compatibility with older scripts)
$allData – all objects passed to the list view using the -Data parameter.
$filteredData – all objects displayed after filtering is performed with the search criteria entered by the user in the ribbon.
$exportData – same as $filteredData, however in this case the objects will have additional properties to support easy display with properties processed as text.
$actionData – any object that was passed to Show-ListView using the -ActionData parameter. Useful when you need additional context that the Show-ListView command does not explicitly know about. It’s your custom data.
$formatProperty – the content of the –Property parameter when running the command.
$title – window title of the list view.
$infoTitle – info title of the list view.
$infoDescription – info title of the list view.
Consequently you get the full state of the report the user sees in the UI and you can act upon it.
You can have multiple actions defined with dynamic visibility. The actions are generally only relevant in the context of your report. This is done on two levels. The first level happens based on the location of the script and .Net object type you are displaying in the report. The second level is based on Sitecore rules. For the action to appear all of the following conditions must be met:
All scripts visible in the report should be located in an enabled module.
The action script should be within the path /Internal/List View/Ribbon/[Object type]. The [Object type] is the name of the .Net class for which the action is valid. For example, if you want your action to be visible for Sitecore.Data.Items.Item then save the script at the path /Internal/List View/Ribbon/Item.
If the action script has no rules defined in the "Show if rules are met or not defined" field it will appear for all objects passed to Show-ListView that are of the type based on location. Rules will provide more granular control and allow for rule-based conditions that determine action visibility.
Rules add the full power of the Sitecore rules engine – similarly to what you can do on context menu items or ribbon actions in Content Editor. Some examples where this can be useful include only enabling or disabling the action for items located under a specific branch of the tree or if a persistent session exists.
The following screenshot shows how to create an action that only appears in reports that list objects of type Item that are of template Schedule.
For specific reports this global state might not always be enough. You can narrow down the rules further by using the report name. Name your report by providing an additional parameter to Show-ListView.
Consider the following script:
The output of the report will be like any other unnamed report but adds support for additional rules. Let's say I want my action to open a new report that lists all the children of the selected items in the report "ListChildren". After running the action my script should display the new report with the children and close the "ListChildren" report. Not very useful but illustrates the point.
Now I need to save my script in the proper Script Library in my enabled module:
At this point my action will show on all reports what list Item objects. But now that my script is saved I can modify its rules to narrow it down only to Show for reports named "ListChildren". For this I can click the Runtime button in the ISE ribbon and edit the Show if rules are met or not defined field.
Now you can specify that you want the action to only appear when the report is named "ListChildren".
Confirm the save on all dialogs to persist your changes. Now our action appears when we run this script in ISE.
The action does not appear if no view name is provided to the -ViewName parameter. Running the script below will produce a report with the action not shown:
The above action works just fine but will close the previous report and open a new report window in the Sitecore desktop. That's not a great user experience. What if you want to update the content of the report in place using the action? That's possible using the Update-ListView command. Consider the following script:
In this case we're not closing the existing report but rather updating the list in place, all you need to do is send the new data to the Update-ListView command.
One last thing that you might wonder is if the Write-Progress command works as it does in case of ISE or the dialog that runs scripts from Content Editor context menu. Let’s copy the following script into your action:
And you will see the following output:
The action runs fully asynchronously so you’re free to show any of the power of the provided commands. This means that you can ask for additional input using the Read-Variable command or Show alert using the Show-Alert command or do just about anything possible otherwise from the context menu, ribbon or other interactive integration points.
The Show-ListView command has one more useful parameter named -ActionData which I mentioned above but is worth mentioning again. Anything passed using this parameter will be set as the $actionData variable – this means your report and actions can pass custom data in them it can be as simple as an object or as complex as a hashtable so there is really no hard limit on what can progress from a report to report. Any object that was passed to Show-ListView using the -ActionData parameter will be available to your action.
The persistent session ID will be respected and your script will run in that persistent session if it's already in memory or create a persistent session if it's not.
Alternatively you can elect to simply freeze the session the initial script that generated report was running in and run actions in that same frozen session by using the -ActionsInSession parameter.
The Show-ListView command provides the Hide parameter to control visibility of the UI elements.
Add parameter -Hide with one or more of the following options:
AllExport - hides all export scripts (left-most ribbon panel)
NonSpecificExport - hides export filters that are not specific to this view as specified by -ViewName (left-most ribbon panel)
Filter - hides filter panel
PagingWhenNotNeeded - hides paging when list is shorter than the page specified
AllActions - hides all actions (right-most ribbon panel)
NonSpecificActions - hides actions that are not specific to this view as specified by -ViewName (right-most ribbon panel)
StatusBar - hides status bar.
Example: The following example all of the UI elements in the report.
Active Commerce for Sitecore product has published reports on Github that you can checkout here.
Removes Language/Version from a single item or a branch of items
Removes Language/Version from a an Item either sent from pipeline or defined with Path or ID. A single language or a list of languages can be defined using the Language parameter. Language parameter supports globbing so you can delete whole language groups using wildcards.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The following abbreviations are aliases for this cmdlet:
Remove-ItemLanguage
Deleted language versions from the item and all of its children.
Language(s) that should be deleted form the provided item(s). A single language or a list of languages can be defined using the parameter. Language parameter supports globbing so you can delete whole language groups using wildcards.
Version(s) that should be deleted form the provided item(s). A single version or a list of versions can be defined using the parameter. Version parameter supports globbing so you can delete whole version groups using wildcards.
Language(s) that should NOT be deleted form the provided item(s). A single language or a list of languages can be defined using the parameter. Language parameter supports globbing so you can delete whole language groups using wildcards.
If Language parameter is not is not specified but ExcludeLanguage is provided, the default value of "*" is assumed for Language parameter.
If provided - trims the selected language to value specified by this parameter.
The item/version to be processed. You can pipe a specific version of the item for it to be removed.
Path to the item to be processed - can work with Language parameter to narrow the publication scope.
Id of the item to be processed - can work with Language parameter to narrow the publication scope.
Database containing the item to be processed - can work with Language parameter to narrow the publication scope.
Specifying this switch will move the items to the archive rather than recycle bin.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
Remove Polish and Spanish language from /sitecore/content/home item in the master database
Remove all english based languages defined in /sitecore/content/home item and all of its children in the master database
Remove all languages except those that are "en" based defined in /sitecore/content/home item and all of its children in the master database
Trim all languages to 3 latest versions for /sitecore/content/home item and all of its children in the master database
The following moves the specified item version to the archive.
Remove-Item
Session Elevation provides a User Account Control (UAC) layer for SPE, similar to Windows UAC. This security feature requires users to reauthenticate or confirm before accessing powerful SPE features, even if they already have the necessary role permissions.
Session Elevation adds a time-based authentication layer on top of Sitecore's role-based security. This provides defense in depth by requiring users to:
Have the appropriate Sitecore role (e.g., sitecore\Developer
# Test file system access
Test-Path "C:\Windows\System32" -PathType Container
Test-Path "C:\inetpub\wwwroot" -PathType Container
# Check current identity
[System.Security.Principal.WindowsIdentity]::GetCurrent().Name
# Verify HOME directory
$HOME# This respects Sitecore security
Get-Item -Path "master:\content\home"
# This also respects Sitecore security
Get-User -Identity "sitecore\testuser"# This bypasses Sitecore security
New-UsingBlock (New-Object Sitecore.SecurityModel.SecurityDisabler) {
# Code here runs with full Sitecore permissions
Get-Item -Path "master:\content\home"
}# Get current user
$user = Get-User -Current
Write-Host "Current User: $($user.Name)"
# Check if user is in a role
$user.IsInRole("sitecore\Developer")
# List all roles for current user
$user.Roles | ForEach-Object { $_.Name }
# Test item access
$item = Get-Item -Path "master:\content\home"
$item.Access.CanRead()
$item.Access.CanWrite()
$item.Access.CanDelete()# /sitecore/system/modules/powershell/script library/spe rocks/functions/get-datemessage
function Get-DateMessage {
"The current date and time is: $(Get-Date)"
}# /sitecore/system/modules/powershell/script library/spe rocks/alerts/show-datemessage
Import-Function -Name Get-DateMessage
Show-Alert (Get-DateMessage)<#
.SYNOPSIS
Report to find all Script and Script Library items with Show Rules or Enable Rules
.DESCRIPTION
This report searches for all items based on Script and Script Library templates
and identifies those that have Show Rule or Enable Rule fields populated.
#>
function Render-RuleField {
param(
$Field
)
$renderer = New-Object Sitecore.Shell.Applications.Rules.RulesRenderer ($Field)
$sw = New-Object System.IO.StringWriter
$renderer.Render($sw)
$sw.ToString()
}
# Define the template IDs for Script and Script Library
$scriptTemplateId = "{DD22F1B3-BD87-4DB2-9E7D-F7A496888D43}"
$scriptLibraryTemplateId = "{AB154D3D-1126-4AB4-AC21-8B86E6BD70EA}"
# Initialize results collection
$results = @()
# Get all Script items
Write-Host "Searching for Script and Script Library items..." -ForegroundColor Green
$scriptItems = Get-ChildItem -Path "master:\sitecore\system\Modules\PowerShell" -Recurse |
Where-Object { $_.TemplateID -eq $scriptTemplateId -or $_.TemplateID -eq $scriptLibraryTemplateId } |
Where-Object { ($_.ShowRule -and $_.ShowRule -ne "<ruleset />") -or ($_.EnableRule -and $_.EnableRule -ne "<ruleset />") }
# Display results
if($scriptItems.Count -gt 0) {
$scriptItems | Show-ListView -Property @(
@{Label="Item Name"; Expression={$_.Name}},
@{Label="Template"; Expression={$_.Template.Name}},
@{Name="ShowRule";Expression={Render-Rule -Rule $_.ShowRule}},
@{Name="EnableRule";Expression={Render-Rule -Rule $_.EnableRule}},
@{Label="Item Path"; Expression={$_.ItemPath}},
@{Label="Item ID"; Expression={$_."Item ID"}}
) -Title "Scripts and Script Libraries with Show/Enable Rules" `
-InfoTitle "Found $($results.Count) item(s)" `
-InfoDescription "Script and Script Library items that have Show Rule or Enable Rule configured"
} else {
Show-Alert "No items found with Show Rule or Enable Rule configured."
}if ([string]::IsNullOrWhiteSpace($itemPath)) {
Show-Alert "Invalid item path"
return
}# Only allow operations under /sitecore/content/Home
if (-not $item.Paths.FullPath.StartsWith("/sitecore/content/Home")) {
Show-Alert "Operation not allowed for this item"
return
}$result = Show-Confirm "This will delete $($items.Count) items. Continue?"
if ($result -ne "yes") { return }Write-Log "Delegated access: $([Sitecore.Context]::User.Name) published $($item.Paths.FullPath)"1. Content Author (limited permissions) clicks report
2. SPE checks for delegated access configuration
3. If found, script executes as Administrator
4. Script can access/modify content beyond author's permissions
5. Actions are logged showing both identities2304 14:02:32 INFO [Gutter] Executing script {CFE81AF6-2468-4E62-8BF2-588B7CC60F80} for Context User sitecore\contentauthor as sitecore\Admin.# Find all delegated access operations
$logfiles = Get-ChildItem -Path $SitecoreLogFolder -Filter "SPE.log.*"
foreach($logfile in $logfiles) {
$logEntries = Get-Content -Path $logfile.FullName | Where-Object {
$_ -match "Executing script .* for Context User .* as .*"
}
$logEntries | ForEach-Object {
if ($_ -match "Context User (?<context>\S+) as (?<impersonated>\S+)") {
[PSCustomObject]@{
ContextUser = $matches['context']
ImpersonatedUser = $matches['impersonated']
LogLine = $_
}
}
}
}foreach($item in $selectedData){
# Run Sheer application on Desktop
Show-Application `
-Application "Content Editor" `
-Parameter @{id ="$($item.ID)"; fo="$($item.ID)";
la="$($item.Language.Name)"; vs="$($item.Version.Number)";
sc_content="$($item.Database.Name)"}
}Get-ChildItem master:\ | Show-ListView -ViewName ListChildrenGet-ChildItem master:\ | Show-ListView -ViewName ListChildren -Property Name, ProviderPathGet-ChildItem master:\ | Show-ListView -Property Name, ProviderPathfor($i = 0; $i -le 10; $i++){
Write-Progress -Activity "I need to do something important for 5 seconds" `
-Status "I'm quite on track..." `
-PercentComplete ($i*10) -SecondsRemaining (5-$i/2) `
-CurrentOperation "Trying to look busy.";
Start-Sleep -m 500
}
Write-Progress -Activity "Now I'm doing something else..." `
-Status "Should take me about 3 seconds but I'm not quite sure...";
Start-Sleep -s 3;
for($i = 0; $i -le 10; $i++){
Write-Progress -Activity "Ok let me revisit one more thing..." `
-Status "Just 5 more seconds" `
-PercentComplete ($i*10) -SecondsRemaining (5-$i/2) `
-CurrentOperation "Just making sure.";
Start-Sleep -m 500;
}
Write-Progress -Completed -Activity "Done."Get-ChildItem master:\ |
Show-ListView `
-Hide AllActions, AllExport, Filter, PagingWhenNotNeeded, StatusBar `
-Property Name, DisplayName, ProviderPath, __Updated, "__Updated By"Remove-ItemVersion -Language <String[]> [-Version <String[]>] [-ExcludeLanguage <String[]>] [-Path] <String> [-Recurse] [-MaxRecentVersions <Int32>]
Remove-ItemVersion -Language <String[]> [-Version <String[]>] [-ExcludeLanguage <String[]>] -Id <String> [-Database <String>] [-Recurse] [-MaxRecentVersions <Int32>]
Remove-ItemVersion [-Language <String[]>] [-Version <String[]>] [-ExcludeLanguage <String[]>] [-Item] <Item> [-Recurse] [-MaxRecentVersions <Int32>]
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Remove-ItemVersion -Path master:\content\home -Language "pl-pl", "es-es"Remove-ItemVersion -Path master:\content\home -Language "en-*" -RecurseRemove-ItemVersion -Path master:\content\home -ExcludeLanguage "en*" -RecurseRemove-ItemVersion -Path master:\content\home -Language * -MaxRecentVersions 3 -Recurse$itemId = "{72EB19F8-E62A-4B99-80A3-63E03F4FD036}"
Get-Item -Path "master:" -ID $itemId -Version 2 | Remove-ItemVersion -ArchiveAND provide additional authentication or confirmation
This protects against:
Hijacked sessions being used to execute malicious scripts
Accidental execution of dangerous operations
Unauthorized access when a user leaves their workstation unlocked
Session Elevation consists of three key components:
Entry points where scripts enter Sitecore through built-in interfaces.
Built-in Gates:
Console - PowerShell Console application
ISE - Integrated Scripting Environment
ItemSave - Saving PowerShell script items in Content Editor
Each gate can reference a token that controls its elevation requirements.
Configuration objects that define elevation behavior and session lifetime.
Token Attributes:
name
Unique identifier referenced by gates
String (e.g., "Console", "ISE")
expiration
How long an elevated session lasts
Timespan (hh:mm:ss)
elevationAction
What happens when elevation is needed
Allow, Block, Password, Confirm
The behavior when a user attempts to access a gate without an active elevated session.
Use Case: Development environments only
Always allows access without prompting. The session runs elevated immediately.
Never use Allow in production! This completely disables session elevation and should only be used on local development machines.
Use Case: Completely disable a feature
Always blocks access. The gate cannot be used at all.
When to use:
Disable the Console entirely in production
Prevent script editing via Content Editor
Lock down specific gates for security compliance
Use Case: Standard authentication (recommended for most environments)
Prompts the user to enter their password to elevate the session.
How it works:
User attempts to access the Console/ISE
If no elevated session exists or it has expired, a password prompt appears
User enters their Sitecore password
Upon successful authentication, session is elevated for the expiration duration
During the expiration window, no further prompts appear
Best for:
Standard Sitecore authentication
Production environments
QA and staging environments
Environments with local user accounts
Use Case: Single Sign-On (SSO) and federated authentication
Prompts the user to confirm (click a button) to elevate the session. No password is entered.
When to use:
Azure AD authentication
ADFS/SAML authentication
Any SSO provider where password re-entry isn't possible
Identity Server configurations
Why Confirm instead of Password: When using federated authentication, users don't have a password stored in Sitecore. The Confirm action provides a "speed bump" to prevent accidental operations without requiring credentials that don't exist.
When accessing the Console without an elevated session:
Password prompt appears (if using Password action)
Enter credentials to elevate
Console becomes accessible for the token expiration duration
Before Elevation:
The ISE displays a warning banner:
After Elevation:
The warning changes to show the session is elevated with a "Drop" option:
Users can manually drop the elevated session if they finish working early.
Before Elevation:
When editing PowerShell Module, Script Library, or Script items, sensitive fields are hidden and a warning appears:
Click "Elevate session" to authenticate and reveal the fields.
After Elevation:
Fields become editable with an option to drop the session:
Relaxed settings for local development:
Strict settings with password requirement:
Settings for federated authentication:
Lock down the Console while allowing ISE access:
Multiple gates can share the same token. When a user elevates through one gate, all gates sharing that token are also elevated.
Example: Share a single token across all gates:
Each gate can have its own token for fine-grained control:
Development
30-60 minutes
Minimize interruptions during active development
QA/Staging
10-15 minutes
Balance security with testing needs
Production
3-5 minutes
Maximum security, minimal exposure window
Local Dev
Allow
Convenience for solo developers
Shared Dev
Password
Prevent unauthorized access
QA/Staging
Password
Match production security
Production (Standard Auth)
Password
✅ Do:
Use short expiration times in production (5 minutes or less)
Require Password or Confirm in all non-dev environments
Test your configuration in each environment
Train users on the "Drop session" functionality
Document your elevation strategy
❌ Don't:
Use Allow in production
Set expiration times longer than 15 minutes in production
Forget to configure all three gates (Console, ISE, ItemSave)
Ignore the difference between Password and Confirm for SSO
Possible causes:
Token elevationAction is set to Allow
Gate is not configured to use a token
Configuration patch is not being applied
Solution: Verify configuration and check Sitecore logs.
Cause: Configuration shows Password instead of Confirm.
Solution: Change to elevationAction="Confirm" for SSO environments.
Cause: Expiration time is too short.
Solution: Increase the expiration attribute (but keep it under 15 minutes in production).
Cause: Session elevation is set to Block or user doesn't complete elevation.
Solution: Check configuration and verify elevation action is appropriate.
Configure Web Services Security for external access
Learn about Delegated Access for controlled privilege escalation
Review User and Role Management
Complete the Security Checklist
Testing
Test in QA first
Catch security issues before production
Review
Quarterly access review
Remove unused delegations
Creates a version of the item in a new language based on an existing language version.
Creates a new version of the item in a specified language based on an existing language/version. Based on parameters you can make the command bahave differently when a version in the target language already exists and define which fields if any should be copied over from the original language.
© 2010-2020 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
The following abbreviations are aliases for this cmdlet:
Add-ItemLanguage
Process the item and all of its children.
Default value is Append. Accepts one of 3 values:
Append - [Default] if language version exists create a new version with values copied from the original language
Skip - if language version exists don't do anything
OverwriteLatest - if language version exists overwrite the last version with values copied from the original language
Default value is Skip. Accepts one of 2 values:
Skip - [Default] if the source item has no versions don't do anything
Add - if the source item has no versions create a version without any copied values
Language or a list of languages that should be created
Creates a new version in the target language but does not copy field values from the original language
List of fields that should not be copied over from original item. As an example, use "__Security" if you don't want the new version to have the same restrictions as the original version.
In addition to the fields in -IgnoredFields the following fields are ignored as configured in Spe.config file in the following location: configuration/sitecore/powershell/translation/ignoredFields.
Fields ignored out of the box include:
__Archive date
__Archive Version date
__Lock
__Owner
Language that will be used as source language. If not specified the current user language will be used.
The item / version to be processed.
Path to the item to be processed - additionally specify Language parameter to fetch different item language than the current user language.
Id of the item to be processed - additionally specify Language parameter to fetch different item language than the current user language.
Database containing the item to be processed - can work with Language parameter to narrow the publication scope.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
Help Author: Adam Najmanowicz, Michael West
Translate the Home Item from English to US and Polish leaving the "Title" field blank. If a version exists don't do anything
Translate the children of Home item (but only those of Template Name "Sample Item") from English to US and Polish. If a version exists create a new version for that language. Display results in a table listing item name, language and created version number.
New-Item
<token name="Console">
<patch:attribute name="elevationAction">Allow</patch:attribute>
</token><token name="Console">
<patch:attribute name="elevationAction">Block</patch:attribute>
</token><token name="Console">
<patch:attribute name="elevationAction">Password</patch:attribute>
<patch:attribute name="expiration">00:05:00</patch:attribute>
</token><token name="Console">
<patch:attribute name="elevationAction">Confirm</patch:attribute>
<patch:attribute name="expiration">00:05:00</patch:attribute>
</token><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<userAccountControl>
<tokens>
<token name="Console">
<patch:attribute name="expiration">01:00:00</patch:attribute>
<patch:attribute name="elevationAction">Allow</patch:attribute>
</token>
<token name="ISE">
<patch:attribute name="expiration">01:00:00</patch:attribute>
<patch:attribute name="elevationAction">Allow</patch:attribute>
</token>
<token name="ItemSave">
<patch:attribute name="expiration">01:00:00</patch:attribute>
<patch:attribute name="elevationAction">Allow</patch:attribute>
</token>
</tokens>
</userAccountControl>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<userAccountControl>
<tokens>
<token name="Console">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
<token name="ISE">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
<token name="ItemSave">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
</tokens>
</userAccountControl>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<userAccountControl>
<tokens>
<token name="Console">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Confirm</patch:attribute>
</token>
<token name="ISE">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Confirm</patch:attribute>
</token>
<token name="ItemSave">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Confirm</patch:attribute>
</token>
</tokens>
</userAccountControl>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<userAccountControl>
<tokens>
<token name="Console">
<patch:attribute name="elevationAction">Block</patch:attribute>
</token>
<token name="ISE">
<patch:attribute name="expiration">00:10:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
<token name="ItemSave">
<patch:attribute name="expiration">00:10:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
</tokens>
</userAccountControl>
</powershell>
</sitecore>
</configuration><userAccountControl>
<gates>
<gate name="Console" token="SharedToken" />
<gate name="ISE" token="SharedToken" />
<gate name="ItemSave" token="SharedToken" />
</gates>
<tokens>
<token name="SharedToken">
<patch:attribute name="expiration">00:10:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
</tokens>
</userAccountControl><userAccountControl>
<gates>
<gate name="Console" token="ConsoleToken" />
<gate name="ISE" token="ISEToken" />
<gate name="ItemSave" token="ItemSaveToken" />
</gates>
<tokens>
<token name="ConsoleToken">
<patch:attribute name="expiration">00:03:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
<token name="ISEToken">
<patch:attribute name="expiration">00:15:00</patch:attribute>
<patch:attribute name="elevationAction">Password</patch:attribute>
</token>
<token name="ItemSaveToken">
<patch:attribute name="expiration">00:05:00</patch:attribute>
<patch:attribute name="elevationAction">Confirm</patch:attribute>
</token>
</tokens>
</userAccountControl>Add-ItemVersion [-Item] <Item> [-Recurse] [-IfExist <Append | Skip | OverwriteLatest>] [-TargetLanguage <String[]>] [-DoNotCopyFields] [-IgnoredFields <String[]>] [-Language <String[]>]
Add-ItemVersion [-Path] <String> [-Recurse] [-IfExist <Append | Skip | OverwriteLatest>] [-TargetLanguage <String[]>] [-DoNotCopyFields] [-IgnoredFields <String[]>] [-Language <String[]>]
Add-ItemVersion -Id <String> [-Database <String>] [-Recurse] [-IfExist <Append | Skip | OverwriteLatest>] [-TargetLanguage <String[]>] [-DoNotCopyFields] [-IgnoredFields <String[]>] [-Language <String[]>]Require reauthentication
Production (SSO/Azure AD)
Confirm
Provide confirmation step
__Page Level Test Set Definition
__Reminder date
__Reminder recipients
__Reminder text
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
PS master:\> Add-ItemVersion -Path "master:\content\home" -Language "en" -TargetLanguage "pl-pl", "en-us" -IfExist Skip -IgnoredFields "Title"Add a Japanese version to /sitecore/content/home item in the master database based on itself
PS master:\> Add-ItemVersion -Path "master:\content\home" -Language ja-JP -IfExist AppendGet-ChildItem "master:\content\home" -Language "en" -Recurse | `
Where-Object { $_.TemplateName -eq "Sample Item" } | `
Add-ItemVersion -TargetLanguage "pl-pl" -IfExist Append | `
Format-Table Name, Language, Version -auto
Shows a dialog to users allowing to upload files to either server file system or items in media library.
Receive-File [-Description <String>] [-ParentItem] <Item> [-Title <String>] [-CancelButtonName <String>] [-OkButtonName <String>] [-Versioned] [-Language <String>] [-Overwrite] [-Unpack] [-Width <Int32>] [-Height <Int32>]
Receive-File [-Description <String>] [-Path] <String> [-Title <String>] [-CancelButtonName <String>] [-OkButtonName <String>] [-Overwrite] [-Unpack] [-Width <Int32>] [-Height <Int32>]
Receive-File [-ParentItem] <Item> -AdvancedDialog [-Width <Int32>] [-Height <Int32>]
Executing this command with file path on the server (provided as -Path parameter) provides script users with means to upload a file from their computer. Executing it for an Item located in Sitecore Media library (provided as -ParentItem) allows the user to upload the file as a child to that item. If the file has been uploaded the dialog returns path to the file (in case of file system storage) or Item that has been created if the file was uplaoded to media library.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Dialog description displayed below the dialog title.
The item under which the uploaded media items should be stored.
Path to the folder where uploaded file should be stored.
Dialog title - shown at the top of the dialog.
Text shown on the cancel button.
Text shown on the OK button.
Indicates that the Media item should be created as a Versioned media item.
Specifies the language in which the media item should be created. if not specified - context language is selected.
indicates that the upload should overwrite a file or a media item if that one exists. Otherwise a file with a non-confilicting name or a sibling media item is created.
Indicates that the uplaod is expected to be a ZIP file which should be unpacked when it's received.
Shows advanced dialog where user can upload multiple media items and select if the uploaded items are versioned, overwritten and unpacked.
Dialog width.
Dialog width.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
System.String
The output type is the type of the objects that the cmdlet emits.
Sitecore.Data.Items.Item
System.String
Help Author: Adam Najmanowicz, Michael West
Upload text.txt file to server disk drive. A new file is created with a non-conflicting name and the path to it is returned
Upload text.txt file to media library under the 'master:\media library\Files' item A new media item is created and returned
Upload text.txt file to media library under the 'master:\media library\Files' item using advanced dialog. A new media item is created but "undetermined" is returned as the dialog does not return the results.
Upload text.txt file to media library under the 'master:\media library\Files' item. A new versioned media item in Danish language is created and returned. If the media item existed - it will be overwritten.
Comprehensive logging and monitoring are essential for detecting security incidents, troubleshooting issues, and maintaining compliance. This guide covers how to configure and use SPE logging for security purposes.
SPE provides logging capabilities that record:
Script execution
User authentication and authorization
Session elevation events
Delegated access usage
Web service calls
Errors and exceptions
Security Best Practice: Enable comprehensive logging in all non-development environments to create an audit trail.
SPE logs are written to:
Typically resolves to:
SPE supports standard log4net levels:
Edit your log4net configuration (typically in App_Config\Sitecore.config or a patch file):
Recommended Settings:
Format:
Format:
Format:
Includes:
Script ID
Context user (actual logged-in user)
Impersonated user (elevated account)
This is critical for audit trails showing privilege escalation.
Format:
Logged Events:
Remoting connections
File uploads/downloads
RESTful API calls
Authorization failures
Format:
Logged Events:
Successful authentication
Failed authentication
Authorization denials
Format:
Includes:
Exception details
Stack traces
User context
Operation being performed
Create a scheduled task to analyze logs daily:
IIS logs provide additional context for web service access:
Location:
Find SPE web service requests:
Find failed authentication (401) to SPE services:
Create alerts for critical security events:
Run this script via Task Scheduler every 5 minutes.
For enterprise environments, integrate SPE logs with your Security Information and Event Management (SIEM) system.
Common SIEM Solutions:
Splunk
ELK Stack (Elasticsearch, Logstash, Kibana)
Azure Sentinel
ArcSight
Different compliance frameworks have different retention requirements:
Note: The requirements may have changed since the publishing of this document. Please confirm with your organization and legal team as to the requirements you must meet.
The configuration of log retention will be dependent on your solution.
The archival strategy implementation will be dependent on your solution.
Track these metrics for security monitoring:
✅ Do:
Enable INFO level logging in production
Monitor logs daily for suspicious activity
Set up alerts for critical security events
Retain logs per compliance requirements
❌ Don't:
Disable logging in production
Ignore failed authentication attempts
Delete logs prematurely
Log sensitive data (passwords, tokens)
Possible causes:
log4net configuration incorrect
File permissions prevent writing
Disk space full
SPE logger disabled
Solution: Check log4net config, verify permissions, ensure disk space.
Cause: DEBUG level in production or high activity.
Solution: Change to INFO or WARN level, implement log rotation.
Cause: Log rotation moved old logs or logs were deleted.
Solution: Check archived logs, adjust retention period.
- Includes logging validation
- Monitoring delegated access usage
- Monitoring web service security
- IIS log integration
Your Sitecore implementation may require vendor-specific documentation as log4net is bundled/compiled in the Sitecore libraries.
We've provided a few commands to interact with the user through dialogs.
Simple in the sense that the dialogs present the user with a short message and one or two buttons.
The Alert dialog is a way to notify the user of important information with an "OK" button.
Example: The following display a modal dialog.
No return value.
The Confirmation dialog is a way to verify with the user before proceeding.
Example: The following displays a modal dialog with an OK or Cancel confirmation.
Example: The following displays an input dialog for text.
Example: The following displays an input dialog with a error validation message.
The Read-Variable command provides a way to prompt the user for information and then generate variables with those values.
Example: The following displays a dialog with a dropdown.
Note: The name selectedOption will result in a variable that contains the selected option.
Supported Parameter Values
Editor Types
bool
check
date
date time
The Confirmation Choice dialog allows for multiple combinations like that seen with a "Yes, Yes to all, No, No to all" scenario.
Example: The following displays a modal dialog with choices.
Note: The hashtable keys should be incremented like btn_0, btn_1, and so on. The return value is the key name.
The Upload dialog provides a way to upload files from a local filesystem to the media library or server filesystem.
Example: The following displays an advanced upload dialog.
No return value.
The Download dialog provides a way to download files from the server to a local filesystem.
Example: The following displays a download dialog.
The Field Editor dialog offers a convenient way to present the user with fields to edit.
Example: The following displays a field editor dialog.
The File Browser is an obvious choice when you need to upload, download, or delete files.
Example: The following displays a file browser dialog for installation packages.
Example: The following displays a simple file browser dialog.
Example: The following displays a Sheer UI control without any additional parameters.
The "Data List" is essentially a report viewer which supports custom actions, exporting, and filtering.
Example: The following displays a list view dialog with the child items under the Sitecore tree.
The Results dialog resembles the Console but does not provide a prompt to the user. This is useful for when logging messages.
Example: The following displays a dialog with the all the information written to the ScriptSession output buffer.
Publishes a Sitecore item.
Publish-Item [-Item] <Item> [-Recurse] [-Target <String[]>] [-PublishMode <Unknown | Full | Incremental | SingleItem | Smart>] [-PublishRelatedItems] [-RepublishAll] [-CompareRevisions] [-FromDate <DateTime>] [-AsJob] [-Language <String[]>]
Publish-Item [-Path] <String> [-Recurse] [-Target <String[]>] [-PublishMode <Unknown | Full | Incremental | SingleItem | Smart>] [-PublishRelatedItems] [-RepublishAll] [-CompareRevisions] [-FromDate <DateTime>] [-AsJob] [-Language <String[]>]
Publish-Item -Id <String> [-Database <String>] [-Recurse] [-Target <String[]>] [-PublishMode <Unknown | Full | Incremental | SingleItem | Smart>] [-PublishRelatedItems] [-RepublishAll] [-CompareRevisions] [-FromDate <DateTime>] [-AsJob] [-Language <String[]>]
The Publish-Item command publishes the Sitecore item and optionally subitems. Allowing for granular control over languages and modes of publishing.
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Specifies that subitems should also get published with the root item.
Specifies one or many publishing targets. The default target database is "web".
Specified the Publish mode. Valid values are:
Full
Incremental
SingleItem
Smart
Turns publishing of related items on. Works only on Sitecore 7.2 or newer
Republishes all items provided to the publishing job.
Turns revision comparison on.
Publishes items newer than the date provided only.
The Sitecore API called to perform the publish is different with this switch. You may find that events fire as expected using this.
Language of the item that should be published. Supports globbing/wildcards. Allows for more than one language to be provided at once. e.g. "en*", "pl-pl"
Path to the item that should be published - can work with Language parameter to narrow the publication scope.
Id of the item that should be published - can work with Language parameter to narrow the publication scope.
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
None.
Help Author: Michael West, Adam Najmanowicz
Publish to many databases
Adding security at the IIS (Internet Information Services) level provides an additional layer of protection for SPE web services. This creates defense in depth by blocking unauthorized access before requests even reach the Sitecore application.
IIS-level security complements Sitecore-level security by:
Denying anonymous access to SPE services
SPE provides several web services for external access and automation. By default, most services are disabled to minimize the attack surface. This guide explains each service and how to secure them when enabled.
Web services enable powerful capabilities like:
Remote script execution (SPE Remoting)
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
FATAL
Critical errors
Always enabled
cs-User-Agent
User agent string
Identify automation vs browsers
File Upload Attempts
File upload failures
Monitor for patterns
Script Errors
Script execution errors
Monitor trends
Archive old logs securely
Integrate with SIEM if available
Document your monitoring procedures
Review delegated access usage regularly
Track failed authentication patterns
Monitor web service usage for anomalies
Forget to monitor IIS logs too
Ignore ERROR and WARN messages
Let log files consume all disk space
Quarterly Report
Quarterly
Executive summary
DEBUG
Detailed diagnostic information
Development and troubleshooting
INFO
Informational messages
Production (recommended)
WARN
Warning messages
Production (recommended)
ERROR
Error messages
Always enabled
Development
DEBUG
Maximum detail for troubleshooting
QA/Staging
INFO
Balance detail and volume
Production
INFO or WARN
Important events without excessive detail
c-ip
Client IP address
Identify source of requests
cs-username
Authenticated username
Track who accessed services
cs-uri-stem
Requested URI
Identify which services were called
sc-status
HTTP status code
PCI-DSS
1 year (3 months online)
HIPAA
6 years
SOC 2
1+ years
GDPR
Varies by data type
Failed Auth Rate
Failed authentications per hour
Alert if > 10
Elevation Denials
Session elevation denials
Alert if > 5
Delegated Access
Delegated access usage
Monitor trends
Web Service 401/403
Unauthorized web service calls
Alert if > 20
Real-time Alerts
Continuous
Automated scripts/SIEM
Daily Review
Daily
Automated summary email
Weekly Analysis
Weekly
Manual review of trends
Monthly Audit
Monthly
Comprehensive security review
Find authorization failures (401, 403)
Tooltip (optional)
string
Short description or tooltip
"Check to run quietly
Tab (optional)
string
Tab title
"Simple"
Placeholder (optional)
string
Textbox placeholder
"Search text..."
Lines (optional)
int
Line count
3
Editor (optional)
string
Control type
"date time"
Domain (optional)
string
Domain name for security editor
"sitecore"
Options (optional)
string OrderedDictionary Hashtable
Data for checklist or dropdown
@{"Monday"=1;"Tuesday"=2}
Columns
int string
Number between 1 and 12 and string 'first' or 'last'
6 first
droplist
droptree
groupeddroplink
groupeddroplist
info
item
link
marquee
multilist
multilist search
multiple user
multiple user role
multiple role
multitext
number
pass
radio
rule
rule action
tree
treelist
tristate
time
OK
yes
Cancel
no
OK
< user input >
Cancel
$null
OK
ok
Cancel
cancel
< variables >
< selection >
Name
string
Variable name
isSilent
Value
bool string int float datetime Item
Default value
$true
Title
string
Header or Label
< first button >
btn_0
< second button >
btn_1
< third button >
btn_2
OK
ok
Cancel
cancel
OK
< selected file >
Cancel
undetermined
OK
< selected file >
Cancel
undetermined
"Proceed Silently
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
true (ByValue, ByPropertyName)
Accept Wildcard Characters?
false
Required?
true
Position?
1
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
true
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Requiring Windows Authentication
Blocking access at the web server level
Protecting against attacks before they reach Sitecore
Defense in Depth: Even if Sitecore security is bypassed, IIS security provides a second barrier.
SPE web services are located in:
Key Files:
web.config - IIS configuration for the services directory
RemoteAutomation.asmx - Remoting service
RemoteScriptCall.ashx - RESTful and file services
PowerShellWebService.asmx - Client service (Console/ISE)
The most basic IIS security is denying anonymous users.
Edit sitecore modules\PowerShell\Services\web.config:
Anonymous
?
Denied
Authenticated
*
Allowed (by default)
Effect:
All anonymous requests are blocked with 401 Unauthorized
Users must authenticate with Sitecore credentials
Protects web services from unauthenticated access
✅ Always use this configuration unless you have a specific reason not to.
Scenarios where you might not:
Public API endpoints (rare and dangerous)
Authentication handled by a different layer
For environments using Windows/Active Directory authentication, you can require Windows credentials at the IIS level.
Open IIS Manager
Navigate to sitecore modules\PowerShell\Services\
Open "Authentication" feature
Disable "Anonymous Authentication"
Enable "Windows Authentication"
Optionally add explicit deny rule:
When using Windows Authentication, SPE Remoting commands require the Credential parameter:
Best for:
Internal corporate networks
Environments with Active Directory
Servers requiring domain authentication
High-security environments
Not suitable for:
Internet-facing servers (which shouldn't have SPE anyway)
Environments without Active Directory
Mixed authentication scenarios
Restrict access to specific Windows users or roles.
Rules are evaluated top to bottom. First match wins.
Example:
Limit access to specific IP addresses or ranges using IIS IP Address and Domain Restrictions.
Open IIS Manager
Navigate to sitecore modules\PowerShell\Services\
Open "IP Address and Domain Restrictions"
Click "Add Allow Entry..." or "Add Deny Entry..."
Enter IP address or range
Allow specific IPs:
Deny specific IPs:
Best for:
Limiting access to build servers
Allowing only internal network ranges
Blocking known malicious IPs
CI/CD automation from specific servers
Example Use Case: Only allow remoting from build server at 10.0.0.100:
Require HTTPS for all SPE web service access.
SSL Flags:
Ssl
Require SSL/TLS connection
SslNegotiateCert
Negotiate client certificate
SslRequireCert
Require client certificate
Ssl128
Require 128-bit SSL
For maximum security, require client certificates:
Use IIS URL Rewrite module to block or redirect requests.
Use IIS Request Filtering to block dangerous requests.
Strict security with deny anonymous:
Allow only build server, require HTTPS:
Require Windows auth with specific roles:
Multiple layers of protection:
✅ Do:
Always deny anonymous access (minimum requirement)
Require HTTPS for all external access
Use IP restrictions for CI/CD scenarios
Implement request filtering to block dangerous patterns
Layer multiple security controls (defense in depth)
Test authentication requirements before deploying
Document your IIS security configuration
Review IIS logs for unauthorized access attempts
❌ Don't:
Allow anonymous access unless absolutely necessary
Use HTTP for sensitive operations
Open access to all IPs without restriction
Forget to configure both IIS and Sitecore security
Assume IIS security alone is sufficient
Deploy without testing authentication workflows
Local Dev
Minimal (allow anonymous for convenience)
Shared Dev
Deny anonymous
QA/Staging
Deny anonymous + HTTPS
Production
Deny anonymous + HTTPS + IP restrictions + request filtering
CI/CD
IP restrictions + HTTPS + specific user/role
Combine multiple security layers:
Network - Firewall rules, VPN requirements
IIS - Authentication, IP restrictions, HTTPS
Sitecore - Role-based authorization, web service controls
SPE - Session elevation, file upload restrictions
Monitoring - Log analysis, alerting
Possible causes:
Denied anonymous but using anonymous access
Windows Authentication not configured correctly
User not in allowed users/roles list
Solution: Verify authentication method and user permissions.
Possible causes:
IP address not in allowed list
SSL required but using HTTP
Client certificate required but not provided
Solution: Check IP restrictions, URL protocol, and certificate configuration.
Possible causes:
Windows Authentication not enabled in IIS
Browser not configured for Windows Auth
User in same domain (auto-authentication)
Solution: Check IIS authentication settings and browser configuration.
Possible causes:
IP restrictions blocking remote IP
Firewall blocking access
Authentication failing for remote user
Solution: Check IP restrictions and firewall rules.
Web Services Security - Sitecore-level web service configuration
Security Policies - Understanding SPE security model
Security Checklist - Validate your complete security configuration
Logging and Monitoring - Monitor for unauthorized access attempts
PS master:\> Receive-File -Path "C:\temp\upload"
C:\temp\upload\text_029.txtPS master:\> Receive-File -ParentItem (get-item "master:\media library\Files")
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
text False {en} {7B11CE12-C0FC-4650-916C-2FC76F3DCAAF} FilePS master:\> Receive-File (get-item "master:\media library\Files") -AdvancedDialog
undeterminedPS master:\> Receive-File -ParentItem (get-item "master:\media library\Files") -Overwrite -Language "da" -Versioned
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
text False {en, da} {307BCF7D-27FD-46FC-BE83-D9ED640CB09F} File$SitecoreLogFolder\SPE.log.{date}.txtC:\inetpub\wwwroot\App_Data\logs\SPE.log.20260101.txt<configuration>
<log4net>
<appender name="PowerShellExtensionsFileAppender" type="log4net.Appender.SitecoreLogFileAppender, Sitecore.Logging">
<file value="$(dataFolder)/logs/SPE.log.{date}.txt"/>
<appendToFile value="true"/>
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%4t %d{ABSOLUTE} %-5p %m%n"/>
</layout>
<encoding value="utf-8"/>
</appender>
<logger name="Spe" additivity="false">
<level value="INFO"/>
<appender-ref ref="PowerShellExtensionsFileAppender"/>
</logger>
</log4net>
</configuration>INFO Arbitrary script execution in ISE by user: 'sitecore\Admin'WARN Session state elevated for 'ISE' by user: sitecore\AdminINFO [Gutter] Executing script {CFE81AF6-2468-4E62-8BF2-588B7CC60F80} for Context User sitecore\test as sitecore\Admin.INFO A request to the remoting service was made from IP 10.0.0.27
INFO A request to the mediaUpload service was made from IP 10.0.0.27
WARN A request to the mediaUpload service could not be completed because the provided credentials are invalid.INFO [Runner] Executing script {BD07C7D1-700D-450C-B79B-8526C6643BF3} for Context User sitecore\test2 as sitecore\Admin.# TODO# Tail the SPE log file
# Note that the SPE Console doesn't exit when using -Wait
Get-Content -Path "$($SitecoreLogFolder)\SPE.log.20251201.txt" -Tail 10# Tail the latest SPE log file dynamically
Get-ChildItem -Path $SitecoreLogFolder -Filter "SPE.log.*.txt" | Sort-Object -Descending -Property LastWriteTime | Select-Object -First 1 | ForEach-Object { Get-Content -Path $_.FullName -Tail 10}# Watch for tasks
Get-Content "$SitecoreLogFolder\SPE.log.20251201.txt" | Where-Object { $_ -match "\[Task\]" }# Watch for warnings
Get-Content "$SitecoreLogFolder\SPE.log.20251201.txt" | Where-Object { $_ -match "WARN" }$logPath = "$SitecoreLogFolder\SPE.log.20251201.txt"
$failedAuth = Get-Content $logPath |
Where-Object { $_ -match "credentials are invalid" } |
ForEach-Object {
if ($_ -match "(\d{2}:\d{2}:\d{2}).*WARN\s*(\S+)") {
[PSCustomObject]@{
Timestamp = $matches[1]
User = $matches[2]
LogLine = $_
}
}
}
$failedAuth
# Timestamp User LogLine
# --------- ---- -------
# 11:20:23 A 1508 11:20:23 WARN A request to the mediaUpload service could not be completed because the provided credentials are invalid.$logPath = "$SitecoreLogFolder\SPE.log.20251201.txt"
$delegated = Get-Content $logPath |
Where-Object { $_ -match "Executing script" } |
ForEach-Object {
if ($_ -match "(?<time>\d{2}:\d{2}:\d{2}).*Runner\s*.*Context User\s(?<user>[0-9a-zA-Z\\]*)\sas\s(?<impersonated>[0-9a-zA-Z\\]*).*") {
[PSCustomObject]@{
Timestamp = $matches["time"]
ContextUser = $matches["user"]
ImpersonatedAs = $matches["impersonated"]
LogLine = $_
}
}
}
$delegated | Group-Object ContextUser |
Select-Object Name, Count |
Sort-Object Count -Descending
# Name Count
# ---- -----
# sitecore\test2 1$logPath = "$SitecoreLogFolder\SPE.log.20251201.txt"
$unauthorized = Get-Content $logPath |
Where-Object { $_ -match "credentials are invalid" }
$unauthorized | ForEach-Object {
Write-Host $_ -ForegroundColor Red -BackgroundColor White
}
# 1508 11:20:23 WARN A request to the mediaUpload service could not be completed because the provided credentials are invalid.$logPath = "$SitecoreLogFolder\SPE.log.20251201.txt"
$webServiceCalls = Get-Content $logPath |
Where-Object { $_ -match "remoting" }
# Group by IP address
$webServiceCalls | ForEach-Object {
if ($_ -match "IP\s*(?<ip>[\d\.]+)") {
[PSCustomObject]@{
IP = $matches['ip']
LogLine = $_
}
}
} | Group-Object IP |
Select-Object Name, Count |
Sort-Object Count -Descending
# Name Count
# ---- -----
# 10.0.0.27 105# TODO: Example using Send-MailMessageC:\inetpub\logs\LogFiles\W3SVC1\# TODO Inspect IIS Logs# TODO Inspect IIS Logs# TODO Example with Send-MailMessageShow-Alert -Title "SPE is great!"Show-Confirm -Title "Click OK to acknowledge SPE is great!"Show-Input "Please provide 5 characters at most" -MaxLength 5$inputProps = @{
Prompt = "Enter a new name for the item:"
Validation = [Sitecore.Configuration.Settings]::ItemNameValidation
ErrorMessage = "'`$Input' is not a valid name."
MaxLength = [Sitecore.Configuration.Settings]::MaxItemNameLength
}
Show-Input @inputProps$options = @{
"A"="a"
"B"="b"
}
$props = @{
Parameters = @(
@{Name="selectedOption"; Title="Choose an option"; Options=$options; Tooltip="Choose one."}
)
Title = "Option selector"
Description = "Choose the right option."
Width = 300
Height = 300
ShowHints = $true
}
Read-Variable @propsShow-ModalDialog -Control "ConfirmChoice" -Parameters @{btn_0="Yes - returns btn_0"; btn_1="No - returns btn_1"; btn_2="returns btn_2"; te="Have you downloaded SPE?"; cp="Important Questions"} -Height 120 -Width 650Receive-File (Get-Item "master:\media library\Files") -AdvancedDialogGet-Item -Path "master:\media library\Files\readme" | Send-FileGet-Item "master:\content\home" | Show-FieldEditor -Name "*" -PreserveSectionsShow-ModalDialog -HandleParameters @{
"h"="Create an Anti-Package";
"t" = "Select a package that needs an anti-package";
"ic"="People/16x16/box.png";
"ok"="Pick";
"ask"="";
"path"= "packPath:$SitecorePackageFolder";
"mask"="*.zip";
} -Control "Installer.Browse"Show-ModalDialog -HandleParameters @{
"h"="FileBrowser";
} -Control "FileBrowser" -Width 500Show-ModalDialog -Control "SetIcon"Get-Item -Path master:\* | Show-ListView -Property Name, DisplayName, ProviderPath, TemplateName, Languagefor($i = 0; $i -lt 10; $i++) {
Write-Verbose "Index = $($i)" -Verbose
}
Show-Result -TextPS master:\> Publish-Item -Path master:\content\home -Target InternetPS master:\> Get-Item -Path master:\content\home | Publish-Item -Recurse -PublishMode IncrementalPS master:\> Get-Item -Path master:\content\home | Publish-Item -Recurse -Language "en*"PS master:\> $targets = [string[]]@('web','internet')
PS master:\> Publish-Item -Path master:\content\home -Target $targetssitecore modules\PowerShell\Services\<configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration><configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration># Create credential object
$credential = Get-Credential
# Create session with Windows credentials
$session = New-ScriptSession `
-Username "sitecore\sitecore-user" `
-Password "password" `
-ConnectionUri "https://sitecore.local" `
-Credential $credential
# Or use credential parameter directly
$session = New-ScriptSession `
-ConnectionUri "https://sitecore.local" `
-Credential (Get-Credential)<configuration>
<system.web>
<authorization>
<deny users="?" />
<allow users="DOMAIN\username1, DOMAIN\username2" />
<deny users="*" />
</authorization>
</system.web>
</configuration><configuration>
<system.web>
<authorization>
<deny users="?" />
<allow roles="DOMAIN\Sitecore Administrators" />
<deny users="*" />
</authorization>
</system.web>
</configuration><authorization>
<!-- 1. Deny anonymous -->
<deny users="?" />
<!-- 2. Allow specific users -->
<allow users="DOMAIN\username1" />
<!-- 3. Allow specific roles -->
<allow roles="DOMAIN\Sitecore Administrators" />
<!-- 4. Deny everyone else -->
<deny users="*" />
</authorization><configuration>
<system.webServer>
<security>
<ipSecurity allowUnlisted="false">
<add ipAddress="10.0.0.1" allowed="true" />
<add ipAddress="10.0.0.2" allowed="true" />
<add ipAddress="192.168.1.0" subnetMask="255.255.255.0" allowed="true" />
</ipSecurity>
</security>
</system.webServer>
</configuration><configuration>
<system.webServer>
<security>
<ipSecurity allowUnlisted="true">
<add ipAddress="203.0.113.1" allowed="false" />
<add ipAddress="198.51.100.0" subnetMask="255.255.255.0" allowed="false" />
</ipSecurity>
</security>
</system.webServer>
</configuration><system.webServer>
<security>
<ipSecurity allowUnlisted="false">
<add ipAddress="10.0.0.100" allowed="true" />
</ipSecurity>
</security>
</system.webServer><configuration>
<system.webServer>
<security>
<access sslFlags="Ssl, SslNegotiateCert" />
</security>
</system.webServer>
</configuration><system.webServer>
<security>
<access sslFlags="Ssl" />
</security>
</system.webServer><system.webServer>
<security>
<access sslFlags="Ssl, SslRequireCert" />
</security>
</system.webServer><configuration>
<system.webServer>
<rewrite>
<rules>
<!-- Block requests with suspicious query strings -->
<rule name="Block Malicious Query Strings" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{QUERY_STRING}" pattern="(eval|exec|system|cmd\.exe)" />
</conditions>
<action type="CustomResponse" statusCode="403" statusReason="Forbidden" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration><rewrite>
<rules>
<rule name="Force HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite><configuration>
<system.webServer>
<security>
<requestFiltering>
<fileExtensions>
<add fileExtension=".exe" allowed="false" />
<add fileExtension=".dll" allowed="false" />
<add fileExtension=".bat" allowed="false" />
<add fileExtension=".cmd" allowed="false" />
</fileExtensions>
</requestFiltering>
</security>
</system.webServer>
</configuration><system.webServer>
<security>
<requestFiltering>
<!-- Max 10MB requests -->
<requestLimits maxAllowedContentLength="10485760" />
</requestFiltering>
</security>
</system.webServer><system.webServer>
<security>
<requestFiltering>
<verbs>
<add verb="TRACE" allowed="false" />
<add verb="TRACK" allowed="false" />
<add verb="OPTIONS" allowed="false" />
</verbs>
</requestFiltering>
</security>
</system.webServer><configuration>
<system.web>
<authorization>
<!-- Deny anonymous access -->
<deny users="?" />
</authorization>
</system.web>
<system.webServer>
<security>
<!-- Require HTTPS -->
<access sslFlags="Ssl" />
<!-- Request filtering -->
<requestFiltering>
<requestLimits maxAllowedContentLength="10485760" />
<fileExtensions>
<add fileExtension=".exe" allowed="false" />
<add fileExtension=".dll" allowed="false" />
</fileExtensions>
</requestFiltering>
</security>
</system.webServer>
</configuration><configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
<system.webServer>
<security>
<!-- Require HTTPS -->
<access sslFlags="Ssl" />
<!-- Only allow build server -->
<ipSecurity allowUnlisted="false">
<add ipAddress="10.0.0.100" allowed="true" />
</ipSecurity>
</security>
</system.webServer>
</configuration><configuration>
<system.web>
<authorization>
<deny users="?" />
<allow roles="DOMAIN\Sitecore Administrators, DOMAIN\Sitecore Developers" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
<security>
<access sslFlags="Ssl" />
</security>
</system.webServer>
</configuration><configuration>
<system.web>
<authorization>
<deny users="?" />
<allow users="DOMAIN\sitecore-admin" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
<security>
<!-- Require HTTPS and client certificate -->
<access sslFlags="Ssl, SslRequireCert" />
<!-- IP restriction to internal network -->
<ipSecurity allowUnlisted="false">
<add ipAddress="10.0.0.0" subnetMask="255.0.0.0" allowed="true" />
</ipSecurity>
<!-- Request filtering -->
<requestFiltering>
<requestLimits maxAllowedContentLength="5242880" />
<verbs>
<add verb="TRACE" allowed="false" />
<add verb="OPTIONS" allowed="false" />
</verbs>
</requestFiltering>
</security>
<!-- URL rewrite to block patterns -->
<rewrite>
<rules>
<rule name="Block Suspicious Patterns" stopProcessing="true">
<match url=".*" />
<conditions>
<add input="{QUERY_STRING}" pattern="(eval|exec|cmd)" />
</conditions>
<action type="CustomResponse" statusCode="403" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>RESTful API access
File and media uploads/downloads
Report exports
Security Warning: Only enable web services you specifically need. Each enabled service increases your attack surface. Never enable services on internet-facing servers.
Services are configured in App_Config\Include\Spe\Spe.config:
Service File: PowerShellWebService.asmx
Purpose: Powers the SPE Console and ISE user interfaces.
Required For:
PowerShell Console
PowerShell ISE (Integrated Scripting Environment)
Security Considerations:
Required for basic SPE functionality
Access controlled by Sitecore user permissions
Protected by Session Elevation (UAC)
Should you disable it? No - this breaks the Console and ISE.
Service File: Various pipeline integrations
Purpose: Checks if users have permission to run SPE applications.
Required For:
Download File dialogs
PowerShell Script Runner
Content Editor integrations (Context Menu, Insert Options, Ribbon)
Security Considerations:
Authorization check service
Does not execute arbitrary code
Validates permissions before allowing access
Should you disable it? No - this breaks SPE integration points.
Service File: RemoteScriptCall.ashx
Purpose: Enables file downloads through the Sitecore interface.
Required For:
Out-Download command
Report exports (CSV, Excel, etc.)
ISE script exports
Security Considerations:
Only works for authenticated users
Requires active Sitecore session
Downloads are temporary and time-limited
Should you disable it? Only if you never need to download files from SPE (rare).
Service File: RemoteAutomation.asmx
Purpose: Allows external clients to execute PowerShell scripts remotely.
Required For:
SPE Remoting module
Automated CI/CD scripts
External automation tools
Security Considerations:
⚠️ HIGH RISK - enables remote code execution
Must be protected with role-based authorization
Should require HTTPS
Ideal for CI/CD environments with proper security
Example Use Case: Automated content deployment from build servers.
Enable with HTTPS requirement:
Restrict to specific users:
Load Balancer Note: When using requireSecureConnection behind a load balancer that handles TLS termination, you may receive 403 errors. The backend server receives HTTP traffic and .NET doesn't recognize it as secure. Consider network-level security instead.
Service File: RemoteScriptCall.ashx
Purpose: Execute scripts via RESTful URLs with all parameters in the URL.
Required For:
PowerShell Web API
RESTful script endpoints
External integrations
Security Considerations:
⚠️ MEDIUM-HIGH RISK - exposes script execution via HTTP
URL-based parameters may be logged
Should require HTTPS
Should use POST instead of GET when possible
Example Use Case: Providing a web API for external systems to query Sitecore content.
Service File: RemoteScriptCall.ashx
Purpose: Download files from the server file system via URL.
Required For:
SPE Remoting file downloads
External file retrieval
Security Considerations:
⚠️ MEDIUM RISK - exposes file system
Restricted by file type and location configuration
Only works with allowed paths
Should you enable it? Only if using SPE Remoting and need file downloads.
Service File: RemoteScriptCall.ashx
Purpose: Upload files to the server file system via URL.
Required For:
SPE Remoting file uploads
External file deployment
Security Considerations:
⚠️ HIGH RISK - allows writing to file system
Restricted by file type and location configuration
Can be used to deploy malicious files if misconfigured
Must be carefully controlled
Should you enable it? Only if absolutely necessary, with strict restrictions.
See File Upload Restrictions for detailed configuration.
Service File: RemoteScriptCall.ashx
Purpose: Download media library items via URL.
Required For:
SPE Remoting media downloads
External media retrieval
Security Considerations:
⚠️ LOW-MEDIUM RISK - exposes media library
Respects Sitecore security
May expose sensitive media items
Should you enable it? Only if using SPE Remoting and need media downloads.
Service File: RemoteScriptCall.ashx
Purpose: Upload files as media library items via URL.
Required For:
SPE Remoting media uploads
External media deployment
Security Considerations:
⚠️ MEDIUM RISK - allows media library uploads
Restricted by file type configuration
Can bloat media library if misused
Should you enable it? Only if using SPE Remoting and need media uploads.
Service File: RemoteScriptCall.ashx
Purpose: Legacy RESTful API from early SPE versions.
Security Considerations:
⚠️ DEPRECATED - avoid using
Use RESTful v2 instead
Should you enable it? No - migrate to v2.
Default configuration - only services needed for Console and ISE:
Enable remoting for build automation, with strict security:
Enable RESTful v2 for web API endpoints:
Enable all remoting capabilities (use with caution):
Restrict remoting access to specific roles or users.
By default, these roles can use remoting (when enabled):
Remove default roles and add your own:
Grant access to individual users:
Add an additional security layer by configuring IIS authentication.
Edit sitecore modules\PowerShell\Services\web.config:
This denies all anonymous users from accessing SPE web services.
For environments with Windows Authentication:
Disable Anonymous Authentication in IIS for sitecore modules\PowerShell\Services\
Enable Windows Authentication
Use the Credential parameter in remoting commands:
✅ Do:
Only enable services you specifically need
Require HTTPS for all external services (requireSecureConnection="true")
Use role-based authorization to limit access
Deny anonymous access at the IIS level
Regularly audit which services are enabled
Use dedicated service accounts for automation
Monitor web service access logs
Disable services in Content Delivery (CD) environments
❌ Don't:
Enable all services "just in case"
Allow HTTP for remoting or file upload
Grant broad role access (e.g., "Everyone")
Use administrator accounts for automation
Enable services on internet-facing servers
Forget to configure authorization when enabling remoting
Leave default passwords on service accounts
Local Dev
All enabled (if needed)
Convenience for development and testing
Shared Dev
handleDownload, client, execution
Only UI features
QA/Staging
Match production
Test with production security
Production CM
handleDownload, client, execution
client
Using Console/ISE (always)
Sitecore user auth + Session Elevation
execution
Using SPE features (always)
Sitecore user auth
handleDownload
Need to download reports/files (usually)
Sitecore user auth
remoting
Need external automation
Cause: Load balancer terminates TLS and forwards HTTP to backend.
Solution:
Configure network-level security instead
Remove requireSecureConnection and secure at network/firewall level
Or configure load balancer to forward HTTPS
Possible causes:
User/role not in authorization list
IIS denies anonymous access but credentials not provided
User doesn't exist or password is incorrect
Solution: Check configuration and verify credentials.
Cause: File type or location not allowed.
Solution: Configure file upload restrictions (see File Upload Restrictions).
File Upload Restrictions - Configure allowed file types and paths
IIS Security - Additional IIS-level hardening
Remoting - Using SPE Remoting features
Web API - Building RESTful APIs with SPE
© 2010-2019 Adam Najmanowicz, Michael West. All rights reserved. Sitecore PowerShell Extensions
Specifies the variables that value should be provided by the user. Each variable definition can have the following structure:
Name - the name of the PowerShell variable - without the $ sign
Value - the initial value of the variable - if the variable have not been created prior to launching the dialog - this will be its value unless the user changes it. if Value is not specified - the existing variable name will be used.
Title - The title for the variable shown above the variable editor.
Tooltip - The hint describing the parameter further - if the -ShowHints parameter is provided this value will show between the Variable Title and the variable editor.
Editor - If the default editor selected does not provide the functionality expected - you can specify this value to customize it (see examples)
Tab - if this parameter is specified on any Variable the multi-tab dialog will be used instead of a simple one. Provide the tab name on which the variable editor should appear.
Variable type specific:
Root - for some Item selecting editors you can provide this to limit the selection to only part of the tree
Source - for some Item selecting editors you can provide this to parametrize the item selection editor. (Refer to examples for some sample usages)
Lines - for String variable you can select this parameter if you want to present the user with the multiline editor. The for this parameter is the number of lines that the editor will be configured with.
Domain - for user and role selectors you can limit the users & roles presented to only the domain - specified)
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Dialog description displayed below the dialog title.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Text shown on the cancel button.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Text shown on the OK button.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Specifies whether the variable hints should be displayed. Hints are shown below each the variable title but above the variable editing control.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Dialog title - shown at the top of the dialog.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Dialog width.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
Dialog width.
Required?
false
Position?
named
Default Value
Accept Pipeline Input?
false
Accept Wildcard Characters?
false
The input type is the type of the objects that you can pipe to the cmdlet.
Sitecore.Data.Items.Item
The output type is the type of the objects that the cmdlet emits.
System.String
Help Author: Adam Najmanowicz, Michael West
The following provides a dialog with a dropdown of options, and how to read the selected value.
Following is an example of a simple dialog asking user for various variable types.
The type of some of the controls displayed to the user are iferred from the variable type (like the $item variable or DateTime) The editors for some other are set by providing the "editor" value
Following is an example of a multi tabbed dialog asking user for various variable types.
The type of some of the controls displayed to the user are inferred from the variable type (like the $item variable or DateTime) The editors for some other are set by providing the "editor" value
Use this checklist to validate your SPE security configuration before deploying to any environment. Each section corresponds to a security layer that should be properly configured.
STOP: If any of the above are not true, DO NOT proceed with SPE installation.
Review App_Config\Include\Spe\Spe.config (via patch file):
Services Status:
If Remoting is Enabled:
Documentation:
Token Configuration:
Quick Test:
Documentation:
Sitecore Security:
Application Pool Account:
Documentation: ,
Configuration:
Quick Test:
Documentation:
Web.config Configuration (sitecore modules\PowerShell\Services\web.config):
Additional IIS Security:
Quick Test:
Documentation:
If Using Delegated Access:
If NOT Using Delegated Access:
Documentation:
For Sitecore 9.1+ with Identity Server:
Documentation:
For CI/CD Environments:
Documentation:
As Non-Administrator User:
As Administrator User (without elevated session):
As Administrator User (with elevated session):
Web Services (if enabled):
Attack Surface:
Privilege Escalation:
Logging Configuration:
Monitoring:
Documentation:
Required Documentation:
Organizational Requirements:
Regulatory Compliance (if applicable):
Deployment Approval:
Approved By:
Within 24 Hours:
Within 1 Week:
Monthly:
Minimum Requirements:
Optional:
IP restrictions
Strict session timeouts
HTTPS enforcement
Must Match Production:
Strictest Security:
Automation-Focused:
- Initial security setup
- Understanding the security model
- UAC configuration
- Web service security
If you suspect a security breach:
Immediate Actions:
Disable all SPE web services
Block access at firewall level
Review recent logs for suspicious activity
To immediately lock down SPE:
Add to Services\web.config:
Track when security reviews were completed:
Last Updated: {{DATE}} Next Review: {{DATE + 3 months}}
Sitecore PowerShell Extensions (SPE) is a powerful administrative tool that requires proper security configuration. This guide provides comprehensive security documentation to help you secure your SPE installation.
Critical Warning: SPE is a powerful tool that should NEVER be installed on Content Delivery (CD) instances or internet-facing servers. Always implement security best practices and follow the principle of least privilege.
New to SPE security? Start here:
- Essential security setup for new installations
- Understand the SPE security model
- Validate your deployment before going live
Understand the two-layer security model that governs SPE:
Application Pool Service Account (OS-level access)
Sitecore User Account (API-level access)
Application and menu item security
Best practices for both security contexts
Configure User Account Control to require reauthentication:
How Session Elevation works
Elevation actions (Allow, Block, Password, Confirm)
Token configuration and expiration
Environment-specific recommendations
Control external access to SPE through web services:
Service descriptions and security implications
Enable/disable individual services
HTTPS and requireSecureConnection
Role-based authorization
Prevent malicious file uploads:
File type restrictions (extensions and MIME types)
Upload location restrictions
Dangerous file types to never allow
Configuration examples
Grant controlled privilege escalation:
How delegated access works
Configuration steps
Use cases (publishing, reports, bulk operations)
Script implementation patterns
Add defense in depth at the web server level:
Deny anonymous access
Windows Authentication
IP address restrictions
SSL/TLS requirements
Manage Sitecore users and roles:
Bulk user operations
Role queries and management
Item Access Control Lists (ACL)
Active Directory integration
Deploy only what's needed for CI/CD:
Required files for web services only
Disable UI components
Configuration for automation scenarios
Security best practices
Track security events and detect incidents:
What gets logged
Log levels and configuration
Real-time monitoring strategies
Log analysis examples
Comprehensive validation before deployment:
Pre-deployment validation
Configuration checklist
Testing procedures
Environment-specific checklists
Priority: Productivity with basic security
Recommendations:
Session Elevation: Relaxed (Allow or long timeouts)
Web Services: Enable as needed for testing
Logging: DEBUG level for troubleshooting
IP Restrictions: Not required
Start here:
Priority: Match production security for testing
Recommendations:
Session Elevation: Password or Confirm (5-15 minute timeout)
Web Services: Match production configuration
Logging: INFO level
IP Restrictions: Optional
Start here:
Priority: Maximum security
Recommendations:
Session Elevation: Password or Confirm (3-5 minute timeout)
Web Services: Only handleDownload, client, execution (disable remoting)
Logging: INFO or WARN level
IP Restrictions: Recommended
Start here:
Priority: Automation with strict access control
Recommendations:
Minimal Deployment: Use minimal package
Remoting: Enabled with IP restrictions
Web Services: Only required services
Logging: INFO level with monitoring
Start here:
SPE security uses multiple layers for comprehensive protection:
Each layer provides additional protection. If one layer is compromised, others provide continued security.
Goal: Secure SPE for production content management server
Steps:
Review to understand the model
Configure with 5-minute Password timeout
Disable unnecessary
Configure to deny anonymous access
Goal: Enable remote automation from build servers
Steps:
Use package
Enable Remoting in with specific user
Configure with IP restrictions to build servers
Configure for packages only
Goal: Allow content authors to run administrative reports and tools
Steps:
Understand concepts
Create delegated access configuration for tooling or reporting role
Configure impersonated user with read-only administrative access
Test tool or report access as content author
Goal: Configure SPE with Sitecore Identity Server
Steps:
Enable Spe.IdentityServer.config
Configure with Confirm action (not Password)
Test Console and ISE with federated authentication
Configure if needed
Always deny anonymous access at IIS level
Always use Session Elevation (UAC) in production
Always require HTTPS for any enabled web services
Always follow principle of least privilege
Never install SPE on Content Delivery (CD) servers
Never expose SPE to internet-facing servers
Never use elevationAction="Allow" in production
Never
New to SPE Security? Start with
Deploying to production? Use the
Setting up automation? See
Need to debug? Check
GitHub Issues:
Slack: #module-spe on Sitecore Community Slack
Documentation:
If you suspect a security breach:
Immediately lock down SPE using
Review logs using guidance
Document the incident
Contact your security team
- Initial SPE installation
- Console, ISE, and Interactive Dialogs
- Using SPE Remoting for automation
- Integration points and features
Enable the Identity Server configuration:
File: App_Config\Include\Spe\Spe.IdentityServer.config
Purpose: Prevents infinite loop in SPE Console
Use elevationAction="Confirm" instead of "Password"
Consult the latest SPE documentation for XM Cloud-specific security configurations.
Remember: Security is not a one-time configuration. Regular reviews, monitoring, and updates are essential to maintaining a secure SPE installation.
Last Updated: 2025 Maintained By: SPE Community
Beginner's guide to working with PowerShell and SPE.
The world renowned Sitecore PowerShell Extensions module has so much to offer, but sometimes those new to the module may find it difficult to know where to start. The following book should provide you with enough information to use and be productive with SPE.
Don't worry, you will be able to use it without having to write any code.
We have a video series available to help walk you through the module .
We also maintain a comprehensive list of links to to help you on your journey to SPE awesomeness. Happy coding!
<sitecore>
<powershell>
<services>
<restfulv1 enabled="false" />
<restfulv2 enabled="false" />
<remoting enabled="false" />
<fileDownload enabled="false" />
<fileUpload enabled="false" />
<mediaDownload enabled="false" />
<mediaUpload enabled="false" />
<handleDownload enabled="true" />
<client enabled="true" />
<execution enabled="true" />
</services>
</powershell>
</sitecore><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<services>
<remoting>
<patch:attribute name="enabled">true</patch:attribute>
<patch:attribute name="requireSecureConnection">true</patch:attribute>
<authorization>
<add Permission="Allow" IdentityType="Role" Identity="sitecore\PowerShell Extensions Remoting" />
</authorization>
</remoting>
</services>
</powershell>
</sitecore>
</configuration><remoting>
<patch:attribute name="enabled">true</patch:attribute>
<patch:attribute name="requireSecureConnection">true</patch:attribute>
<authorization>
<add Permission="Allow" IdentityType="User" Identity="sitecore\automation-user" />
</authorization>
</remoting><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<services>
<restfulv2>
<patch:attribute name="enabled">true</patch:attribute>
</restfulv2>
</services>
</powershell>
</sitecore>
</configuration><services>
<restfulv1 enabled="false" />
<restfulv2 enabled="false" />
<remoting enabled="false" />
<fileDownload enabled="false" />
<fileUpload enabled="false" />
<mediaDownload enabled="false" />
<mediaUpload enabled="false" />
<handleDownload enabled="true" />
<client enabled="true" />
<execution enabled="true" />
</services><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<services>
<remoting>
<patch:attribute name="enabled">true</patch:attribute>
<patch:attribute name="requireSecureConnection">true</patch:attribute>
<authorization>
<patch:delete />
</authorization>
<authorization>
<add Permission="Allow" IdentityType="User" Identity="sitecore\build-automation" />
</authorization>
</remoting>
<fileDownload>
<patch:attribute name="enabled">true</patch:attribute>
</fileDownload>
</services>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<services>
<restfulv2>
<patch:attribute name="enabled">true</patch:attribute>
</restfulv2>
</services>
</powershell>
</sitecore>
</configuration><configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<services>
<remoting>
<patch:attribute name="enabled">true</patch:attribute>
<patch:attribute name="requireSecureConnection">true</patch:attribute>
</remoting>
<fileDownload>
<patch:attribute name="enabled">true</patch:attribute>
</fileDownload>
<fileUpload>
<patch:attribute name="enabled">true</patch:attribute>
</fileUpload>
<mediaDownload>
<patch:attribute name="enabled">true</patch:attribute>
</mediaDownload>
<mediaUpload>
<patch:attribute name="enabled">true</patch:attribute>
</mediaUpload>
</services>
</powershell>
</sitecore>
</configuration><authorization>
<add Permission="Allow" IdentityType="Role" Identity="sitecore\PowerShell Extensions Remoting" />
</authorization><authorization>
<patch:delete />
</authorization>
<authorization>
<add Permission="Allow" IdentityType="Role" Identity="sitecore\Automation" />
<add Permission="Allow" IdentityType="Role" Identity="sitecore\Developers" />
</authorization><authorization>
<add Permission="Allow" IdentityType="User" Identity="sitecore\ci-user" />
<add Permission="Allow" IdentityType="User" Identity="sitecore\deployment-user" />
</authorization><authorization>
<add Permission="Allow" IdentityType="Role" Identity="sitecore\PowerShell Extensions Remoting" />
<add Permission="Allow" IdentityType="User" Identity="sitecore\admin" />
<add Permission="Allow" IdentityType="User" Identity="sitecore\build-agent" />
</authorization><configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>$session = New-ScriptSession -Username "domain\user" -Password "password" -ConnectionUri "https://sitecore.local"Read-Variable [-Parameters <Object[]>] [-Description <String>] [-CancelButtonName <String>] [-OkButtonName <String>] [-ShowHints] [-Validator <ScriptBlock>] [-Title <String>] [-Width <Int32>] [-Height <Int32>]$options = @{
"A"="a"
"B"="b"
}
$props = @{
Parameters = @(
@{Name="selectedOption"; Title="Choose an option"; Options=$options; Tooltip="Choose one."}
)
Title = "Option selector"
Description = "Choose the right option."
Width = 300
Height = 300
ShowHints = $true
}
$result = Read-Variable @props
if($result -eq "ok")
{
Write-Host "You chose: $($selectedOption)"
}$item = Get-Item master:\content\home
$result = Read-Variable -Parameters `
@{ Name = "someText"; Value="Some Text"; Title="Single Line Text"; Tooltip="Tooltip for singleline"; Placeholder="You see this when text box is empty"},
@{ Name = "multiText"; Value="Multiline Text"; Title="Multi Line Text"; lines=3; Tooltip="Tooltip for multiline"; Placeholder="You will see this when text box is empty"},
@{ Name = "from"; Value=[System.DateTime]::Now.AddDays(-5); Title="Start Date"; Tooltip="Date since when you want the report to run"; Editor="date time"},
@{ Name = "user"; Value=$me; Title="Select User"; Tooltip="Tooltip for user"; Editor="user multiple"},
@{ Name = "item"; Title="Start Item"; Root="/sitecore/content/"} `
-Description "This Dialog shows less editors, it doesn't need tabs as there is less of the edited variables" `
-Title "Initialise various variable types (without tabs)" -Width 500 -Height 480 -OkButtonName "Proceed" -CancelButtonName "Abort"$item = Get-Item master:\content\home
$result = Read-Variable -Parameters `
@{ Name = "silent"; Value=$true; Title="Proceed Silently"; Tooltip="Check this if you don't want to be interrupted"; Tab="Simple"},
@{ Name = "someText"; Value="Some Text"; Title="Text"; Tooltip="Just a single line of Text"; Tab="Simple"; Placeholder="You see this when text box is empty"},
@{ Name = "multiText"; Value="Multiline Text"; Title="Longer Text"; lines=3; Tooltip="You can put multi line text here"; Tab="Simple"; Placeholder="You see this when text box is empty"},
@{ Name = "number"; Value=110; Title="Integer"; Tooltip="I need this number too"; Tab="Simple"},
@{ Name = "fraction"; Value=1.1; Title="Float"; Tooltip="I'm just a bit over 1"; Tab="Simple"},
@{ Name = "from"; Value=[System.DateTime]::Now.AddDays(-5); Title="Start Date"; Tooltip="Date since when you want the report to run"; Editor="date time"; Tab="Time"},
@{ Name = "fromDate"; Value=[System.DateTime]::Now.AddDays(-5); Title="Start Date"; Tooltip="Date since when you want the report to run"; Editor="date"; Tab="Time"},
@{ Name = "item"; Title="Start Item"; Root="/sitecore/content/"; Tab="Items"},
@{ Name = "items"; Title="Bunch of Templates";
Source="DataSource=/sitecore/templates&DatabaseName=master&IncludeTemplatesForDisplay=Node,Folder,Template,Template Folder&IncludeTemplatesForSelection=Template";
editor="treelist"; Tab="Items"},
@{ Name = "items2"; Title="Bunch of Templates";
Source="DataSource=/sitecore/templates&DatabaseName=master&IncludeTemplatesForDisplay=Node,Folder,Template,Template Folder&IncludeTemplatesForSelection=Template";
editor="multilist"; Tab="More Items"},
@{ Name = "items3"; Title="Pick One Template";
Source="DataSource=/sitecore/templates&DatabaseName=master&IncludeTemplatesForDisplay=Node,Folder,Template,Template Folder&IncludeTemplatesForSelection=Template";
editor="droplist"; Tab="More Items"},
@{ Name = "user"; Value=$me; Title="Select User"; Tooltip="Tooltip for user"; Editor="user multiple"; Tab="Rights"},
@{ Name = "role"; Title="Select Role"; Tooltip="Tooltip for role"; Editor="role multiple"; Domain="sitecore"; Tab="Rights"}, `
@{ Name = "userOrRole"; Title="Select User or Role"; Tooltip="Tooltip for role"; Editor="user role multiple"; Domain="sitecore"; Tab="Rights" } `
-Description "This Dialog shows all available editors in some configurations, the properties are groupped into tabs" `
-Title "Initialise various variable types (with tabs)" -Width 600 -Height 640 -OkButtonName "Proceed" -CancelButtonName "Abort" -ShowHints
if($result -ne "ok")
{
Exit
}Only UI features unless remoting needed
Production CD
None - don't install SPE
CD servers should not have SPE
HTTPS + role auth + IIS deny anonymous
restfulv2
Building web APIs
HTTPS + script-level security
fileDownload
Using SPE Remoting file operations
HTTPS + role auth + path restrictions
fileUpload
Using SPE Remoting file operations
HTTPS + role auth + strict file/path restrictions
mediaDownload
Using SPE Remoting media operations
HTTPS + role auth
mediaUpload
Using SPE Remoting media operations
HTTPS + role auth + file type restrictions
restfulv1
Never (deprecated)
N/A - don't use
fileUpload - Disabled (unless SPE Remoting is used)
Console elevationAction is configured
Dev: Allow (acceptable) ✓
QA/Prod: Password or Confirm ✓
Upload paths do NOT include web root or bin folder
Sitecore Security
Core DB items
Role permissions
Remoting Auth
Spe.config (via patch)
Authorization roles/users
IIS Security - IIS-level protection
File Upload Restrictions - Upload security
Delegated Access - Controlled privilege escalation
Logging and Monitoring - Audit and monitoring
Users and Roles - User management
Document the incident
Investigation:
Check IIS logs for unauthorized access
Check SPE logs for unusual script execution
Review user activity
Identify scope of incident
Remediation:
Change service account passwords
Review and tighten security configuration
Apply security patches if needed
Re-deploy with validated security
Recovery:
Restore from backup if necessary
Re-enable services with enhanced security
Monitor closely for 48 hours
Document lessons learned
Web Services
Spe.config (via patch)
Services enabled/disabled
Session Elevation
Spe.config (via patch)
Token expiration and action
File Upload
Spe.config (via patch)
Allowed types and locations
IIS Auth
Services\web.config
YYYY-MM-DD
Name
Production
✓ Pass
Initial deployment
YYYY-MM-DD
Name
QA
✓ Pass
Quarterly review
Deny anonymous
<!-- Add to config patch to disable all external access -->
<configuration xmlns:patch="https://www.sitecore.net/xmlconfig/">
<sitecore>
<powershell>
<services>
<remoting enabled="false" />
<restfulv1 enabled="false" />
<restfulv2 enabled="false" />
<fileDownload enabled="false" />
<fileUpload enabled="false" />
<mediaDownload enabled="false" />
<mediaUpload enabled="false" />
</services>
<userAccountControl>
<tokens>
<token name="Console">
<patch:attribute name="elevationAction">Block</patch:attribute>
</token>
<token name="ISE">
<patch:attribute name="elevationAction">Block</patch:attribute>
</token>
</tokens>
</userAccountControl>
</powershell>
</sitecore>
</configuration><authorization>
<deny users="*" />
</authorization>Interface behaviors (Console, ISE, Content Editor)
Security metrics and dashboards
Emergency procedures
HTTPS: Required
HTTPS: Required
Enable Logging and Monitoring
Complete the Security Checklist
Set up Logging and Monitoring for automation activity
Test with Security Checklist - CI/CD
Monitor usage via Logging and Monitoring
Always monitor logs for suspicious activity
Only enable web services you specifically need
Use short session elevation timeouts in production (3-5 minutes)
Restrict SPE access to trusted administrators only
Configure file upload restrictions when upload service is enabled
Regular security audits and role membership reviews
Document your security configuration
Test security in non-production before deploying
Never grant broad role access (e.g., "Everyone")
Never allow dangerous file types (.exe, .dll, .ps1, .bat)
Don't skip Session Elevation configuration
Don't ignore failed authentication attempts in logs
Don't use administrator accounts for automation
Don't forget to configure authorization when enabling remoting
Configuring a specific feature? See topic-specific guides below
Appendix - Security Cmdlets - PowerShell security commands
App_Config\Include\Spe\Spe.config
Core SPE configuration
App_Config\Include\Spe\Spe.IdentityServer.config
Identity Server integration
App_Config\Include\Spe\Custom\*.config
Your security patches
All topics
sitecore modules\PowerShell\Services\web.config
IIS-level security
Application Visibility
core:\content\Applications\PowerShell
Menu Item Security
core:\content\Applications\Content Editor\Context Menues\Default\
Script Library Security
Item-level security on scripts
Delegated Access
SPE configuration items
sitecore\Developer
Console, ISE
Keep restricted to developers only
sitecore\Sitecore Client Users
ListView, Runner
Appropriate for content authors
sitecore\Sitecore Client Authoring
Reports
Appropriate for content authors
sitecore\PowerShell Extensions Remoting
Remoting (when enabled)
Use custom role instead
PowerShell is built on the Microsoft .Net technology; you will find that most APIs in your libraries can be accessed from within the PowerShell runtime. In this section we will see similarities between the C# and PowerShell syntax.
Use the table below to aid in translating from C# to PowerShell. Some of the examples below are not "exact" translations, but should give you a good idea on what it would look like. For example, creating a new dynamic list in C# is often written as a fixed dimensional array recreated with every new addition.
Note: Variables in PowerShell are denoted by the $ character followed by the name. You will see this through the examples below.
// Perform simple math in C#
var total = 1 + 1;
total += 2;# Perform simple math in PowerShell
$total = 1 + 1
$total += 2Working with Dynamic and Fixed dimensional arrays.
/*
Create a new dynamic list of strings in C#
*/
var names = new List<string>();
names.Add("Michael");
names.Add("Adam");<#
Create a new fixed list of strings in PowerShell
#>
[string[]]$names = @()
$names += "Michael"
$names += "Adam"Working with hashtables.
// Create a hashtable of data in C#
var table = new Hashtable();
table["Name"] = "Michael";
table["Age"] = 33;# Create a new hashtable of data in PowerShell
$table = @{}
$table["Name"] = "Michael"
$table["Age"] = 33Working with dictionaries.
Escape double quotes in string. Alternatively you can use a single quote.
As you can see in the table above, the language syntax is not all that different between C# and PowerShell. Within a few minutes you might even be able to translate code from your library classes into SPE scripts.
You may find yourself trying to optimize your scripts. A few things that might help include the following.
Example: The following demonstrates the use of an ArrayList. Performs much better than purely using @().
Example: The following demonstrates the use of List<string>. This is ideal when statically typed arrays are required.
Example: The following demonstrates the use of HashSet. Use when a distinct list of items is needed. Performs like a Dictionary but without the requirement for a key.
Example: The following demonstrates the use of HashSet where the casing of the items are ignored.
Example: The following demonstrates how to replace the use of Compare-Object with HashSet. This is useful and important when the collection size is large and you are working with simple data like strings. Compare-Object does offer a way to compare specific properties.
Example: The following demonstrates the use of Queue. A Sitecore Stack Exchange answer to may be helpful.
Example: The following measures code execution time using Measure-Command.
Example: The following measures code execution time using a Stopwatch.
Example: The following terminates the output.
Checklist of performance tuning ideas:
Use dynamic arrays to avoid the use of +=
Suppress output with > $null instead of Out-Null
Use hashtables as lookup tables for data
Learning PowerShell begins with running your first command. In this section we learn about the basic command syntax, and some common ones you should learn.
Example: The following provides an example syntax for a fake command.
PowerShell commands follow a Verb-Noun syntax. Notice that all properly named commands start with a verb such as Get, Set, or Remove and end with a noun such as Item, User, or Role.
The verbs are considered “approved” if they align with those that Microsoft recommends. See the following URL https://msdn.microsoft.com/en-us/library/ms714428(v=vs.85).aspx for a list of approved verbs and a brief explanation on why they were chosen. They are intended to be pretty generic so they apply for multiple contexts like the filesystem, registry, and even Sitecore!
The parameters follow the command and usually require arguments. In our example above we have a parameter called SomeParameter followed by an argument of type SomeType. The final parameter SomeSwitch is called a switch. The switch is like a flag that enables or disables behavior for the command.
Example: The following provides possible permutations for the fake command.
Allow scripts to be written with the full command and parameter names
Avoid relying on positional or optional parameters.
Avoid abbreviating parameter names.
Avoid using command aliases (e.g. dir, cd).
Some of the most useful commands to learn can be seen in the table below. These come with vanilla PowerShell.
Get-Item
Returns an object at the specified path.
Get-ChildItem
Returns children at the specified path. Supports recursion.
Get-Help
Returns the help documentation for the specified command or document.
Get-Command
Returns a list of commands.
ForEach-Object
Enumerates over the objects passed through the pipeline.
Where-Object
Enumerates over the objects passed through the pipeline and filters objects.
PowerShell supports chaining of commands through a feature called "Pipelines" using the pipe "|". Similar to Sitecore in that you can short circuit the processing of objects using Where-Object. Let’s have a look at a few examples.
Example: The following queries a Sitecore item and removes it.
PowerShell also comes with a set of useful commands for filtering and sorting. Let’s see those in action.
Example: The following queries a tree of Sitecore items and returns only those that meet the criteria. The item properties are reduced and then sorted.
Example: The following demonstrates how commands can be written clearly with little confusion on the intent, then how aliases and abbreviations can get in the way. Always think about the developer that comes after you to maintain the code.
Windows PowerShell is bundled with a ton of documentation that could not possibly be included with this book; we can however show you how to access it.
Example: The following examples demonstrate ways to get help…with PowerShell.
The provider architecture in PowerShell enables a developer to make a command like Get-Item interact with the filesystem files and folders, and then interact with the Sitecore CMS items.
The SPE module implements a new provider that bridges the Windows PowerShell platform with the Sitecore API. The following table demonstrates the use of Get-Item for a variety of providers.
Alias
Alias
Get-Item -Path alias:\dir
CmsItemProvider
core, master, web
Get-Item -Path master:\
Environment
Env
Get-Item -Path env:\HOMEPATH
FileSystem
C, D, F, H
The default provider used by the PowerShell Console and ISE is the CmsItemProvider with the drive set to the master database.
Example: The following demonstrates switching between providers using the function cd, an alias for Set-Location, while in the Console.
You may have noticed that the C drive is the only path in which a backslash was used before changing drives. Leaving off the backslash will result in the path changing to C:\windows\system32\inetsrv. This similar behavior can be experienced while in the Windows PowerShell Console, where the path is changed to C:\Windows\System32.
1. Network Security
- Firewall rules
- VPN/private network
- Not internet-facing
2. IIS-Level Security
- Deny anonymous access
- IP restrictions
- HTTPS requirements
- Request filtering
3. Sitecore User Security
- Role-based access control
- Application-level permissions
- Item-level security
4. SPE Security Hardening
- Session Elevation (UAC)
- Web service controls
- File upload restrictions
- Delegated access controls
5. Logging and Monitoring
- Comprehensive logging
- Real-time alerting
- Regular audit reviews
- SIEM integration<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/" xmlns:role="http://www.sitecore.net/xmlconfig/role/" xmlns:security="http://www.sitecore.net/xmlconfig/security/">
<sitecore role:require="Standalone or ContentManagement or XMCloud" security:require="Sitecore">
<pipelines>
<owin.cookieAuthentication.validateIdentity>
<processor type="Sitecore.Owin.Authentication.Pipelines.CookieAuthentication.ValidateIdentity.ValidateSiteNeutralPaths, Sitecore.Owin.Authentication">
<siteNeutralPaths hint="list">
<!-- This entry corrects the infinite loop of ExecuteCommand in the SPE Console -->
<path hint="spe">/sitecore%20modules/PowerShell</path>
</siteNeutralPaths>
</processor>
</owin.cookieAuthentication.validateIdentity>
</pipelines>
</sitecore>
</configuration>// Ordered Dictionary in C#
var od = new OrderedDictionary();
od.Add("z","Last Letter");
od.Add("a","First Letter");# Ordered Dictionary in PowerShell
$od = [ordered]@{}
$od.Add("z","Last Letter")
$od.Add("a","First Letter")// Check if the string is null or empty using a static method in C#
if(string.IsNullOrEmpty(name)) {
...
}
else {
...
}# Check if the string is null or empty using a static method in PowerShell
if([string]::IsNullOrEmpty($name)) {
...
} else {
...
}// Compare values in C#
name == "Michael"
total <= 3 names.Count() > 2 && name[0] != "Adam"# Compare values in PowerShell
$name -eq "Michael"
# case-insensitive
$total -le 3 $names.Count -gt 2 –and $name[0] -ne "Adam"// Negate value in C#
var isTrue = !false;# Negate value in PowerShell
$isTrue = !$false
$isTrue = -not $false// String interpolation in C#
var message = $"Hello, {name}";# String interpolation in PowerShell
$message = "Hello, $($name)"// Escape characters in C#
string message = "They said to me, \"SPE is the greatest!\".";
message = 'I said, "Thanks!"';
message = "We celebrated together, 'Go SPE!'";# Escape characters in PowerShell
$message = "They said to me, `"SPE is the greatest!`"."
$message = 'I said, "Thanks!".'
$message = "We celebrated together, 'Go SPE!'."// Access static property in C#
var today = DateTime.Today;# Access static property in PowerShell
$today = [datetime]::Today# Use ArrayList to append items rather than creating new fixed dimensional arrays
$names = [System.Collections.ArrayList]@()
$names.Add("Michael") > $null
$names.Add("Adam") > $null# Optionally create static static typed arrays
$names = [System.Collections.Generic.List[string]]@()
$names.Add("Michael") > $null
$names.Add("Adam") > $null# HashSet when only values are needed
$nameLookup = New-Object System.Collections.Generic.HashSet[string]
$nameLookup.Add("Michael") > $null# Case insensitive lookup
$nameLookup = New-Object System.Collections.Generic.HashSet[string]([StringComparer]::OrdinalIgnoreCase)
$nameLookup.Add("Michael") > $null
if($nameLookup.Contains("michael")) {
Write-Host "Found it!" -ForegroundColor Green
} else {
Write-Host "No esta aqui :-(" -ForegroundColor White -BackgroundColor Red
}# Instead of using Compare-Object to compare two datasets, such as for strings or integeters, consider using HashSet instead.
# Populate collection
$referenceIds = [System.Collections.Generic.List[string]]@()
# Populate collection
$differenceIds = [System.Collections.Generic.List[string]]@()
<#
$leftOnlyObjects = Compare-Object -ReferenceObject $referenceIds -DifferenceObject $differenceIds |
Where-Object { $_.SideIndicator -eq "<=" } | Select-Object -ExpandProperty InputObject
#>
$referenceHash = New-Object 'System.Collections.Generic.HashSet[String]'
$referenceHash.UnionWith($referenceIds)
$differenceHash = New-Object 'System.Collections.Generic.HashSet[String]'
$differenceHash.UnionWith($differenceIds)
$leftOnlyHash = New-Object 'System.Collections.Generic.HashSet[String]'($referenceHash)
$leftOnlyHash.ExceptWith($differenceHash)
$leftOnlyObjects = $leftOnlyHashGet-Something [[-SomeParameter] <sometype[]>] [-AnotherParameter <anothertype>] [-SomeSwitch]<#
All of the parameters in the command are surrounded by square brackets
indicating they are optional.
#>
Get-Something<#
SomeParameter has double brackets around the parameter name and argument
indicating the name is optional and when an argument is passed the name
can be skipped.
#>
Get-Something "data"<#
AnotherParameter has single brackets indicating that the parameter is
optional. If the argument is used so must the name. The same reasoning
can be applied to the switch.
#>
Get-Something "data","data2" -AnotherParameter 100 –SomeSwitch# Splat parameters to command
$props = @{
"SomeParameter" = @("data","data2")
"AnotherParameter" = 100
"SomeSwitch" = $true
}
Get-Something @props# The remove command accepts pipeline input.
Get-Item -Path "master:\content\home\sample item" | Remove-Item
# If multiple items are passed through the pipeline each are removed individually.
$items | Remove-Item# Use variables for parameters such as paths to make scripts easier to read.
$path = "master:\content\home\"
Get-ChildItem -Path $path -Recurse |
Where-Object { $_.Name -like "*Sitecore*" } |
Select-Object -Property ID,Name,ItemPath
Sort-Object -Property Name# Longhand - recommended
Get-Command -Name ForEach-Object –Type cmdlet | Select-Object -ExpandProperty ParameterSets
# Shorthand - not recommend
gcm -na foreach-object -ty cmdlet | select -exp parametersets# Displays all of the about help documents.
help about_*
# Displays help documentation on the topic of Splatting.
help about_Splatting
# Displays help documentation on the specified command.
help Get-MemberPS master:\> cd c:\
PS C:\> cd hklm:
PS HKLM:\> cd env:
PS Env:\>Select-Object
Returns objects from the pipeline with the specified properties and filters objects.
Sort-Object
Sorts the pipeline objects with the specified criteria; usually a property name.
Get-Member
Returns the methods and properties for the specified object.
Get-Item -Path c:\Windows
Function
Function
Get-Item -Path function:\prompt
Registry
HKLM, HKCU
Get-Item -Path hklm:\SOFTWARE
Variable
Variable
Get-Item -Path variable:\PSVersionTable
# Queue when ... a queue is needed
$queue = New-Object System.Collections.Queue
$queue.Enqueue("{GUID}")
$queue.Dequeue()Measure-Command -Expression {
Get-Item -Path "master:" > $null
} | Select-Object -ExpandProperty TotalMilliseconds$watch = [System.Diagnostics.Stopwatch]::StartNew()
Get-Item -Path "master:" > $null
$watch.Stop()
$watch.ElapsedMilliseconds# Slow but functional
$builder = New-Object System.Text.StringBuilder
$builder.Append("Hello World!") | Out-Null
$builder.ToString()
# Much faster
$builder = New-Object System.Text.StringBuilder
$builder.Append("Hello World!") > $null
$builder.ToString()The majority of scripts written with SPE contain one or more of the following commands:
Use this to retrieve a single item. Throws an error if the item does not exist.
Use when Sitecore query: or fast: is required. May return more than 1 item.
Use to return an item's children and grandchildren.
Use to create an item based on a specified data template.
Use to delete or recycle an item.
Accepts items returned by Get-Item and Get-ChildItem.
Use to transfer an item from one location to another.
Use to duplicate an item from one location to another.
The following commands provide you with the core methods needed to manage your content. Due to the nature of Windows PowerShell, commands such as these are extended with custom parameters and switches using . These parameters are then added to the command at the time of use and only appear when the conditions are right. We've provided this table to help you discover the hidden gems within each command.
Legend: "–" - not applicable; "✓" - available.
Below we will show how to use each command with the Windows PowerShell syntax followed by some examples of the common C# equivalent.
If you have retrieved your items directly using the Sitecore API you can still add the nice wrapper. You can do that by piping them through the Initialize-Item command. We'll show an of this later.
Example: The following will retrieve the item based on the Sitecore path.
As you may have noticed, the /sitecore portion of the path is unnecessary. This is because the Sitecore item is represented by the root item of the drive master: and is therefore optional.
Let's have a look at the equivalent code in C#.
The above will return the latest version of the item in your current language. But what if you want the item in another language? No problem!
Example: The following will retrieve the Danish version of the Home item.
I've formatted the output above to show you that indeed the right language was returned. The command supports wildcards for both -Language and -Version parameters. You may have also noticed that the forward and backward slashes can be used interchangeably.
Example: The following retrieves the latest version for all languages of an item.
Notice that the item with language en-US at its third version.
Example: The following retrieves the item in all languages and versions.
You can see that specifying the language and version using the wildcard will retrieve all possible variants of an item. The wildcard can also include a partial match like en-*. The use of that filter would return all items in the English language, ignoring the region.
Example: The following retrieves the child items in all languages and versions.
It's not always most efficient to operate on items by traversing the tree using Get-ChildItem. This is especially true if you need to work on large trees but need to select only a few items (e.g. a specific template). For this we’ve introduced support for the Sitecore query within our provider.
Important to note that the query format sometimes requires the use of a
#before and after paths when they contain reserved keywords or spaces.Workaround found .
Example: The following retrieves all items beneath the path /sitecore/content/ with the template of Sample Item.
Example: The following retrieves all items beneath the path /sitecore/content/ with the template of Sample Item in all versions and languages.
Example: The following retrieves items matching the query with a specified ISO date and present in a report dialog.
Example: The following returns items with a specific template under a given root using Fast query.
The setup is not exactly like you would find in the XPath Builder but should get the job done. Read more about it .
Example: The following retrieves items matching an XPath query.
Example: The following retrieves an item by id.
The Uri encodes the language and version within the path.
Example: The following retrieves an item by uri.
In all the examples you'll notice we specified the database. Windows PowerShell needs to know which provider to execute within. This also signals to SPE to show the dynamic parameters. Other examples of providers include the following:
HKLM: - The registry provider for HKEY_LOCAL_MACHINE.
C: - The filesystem provider for the C drive.
The following examples make use of custom PropertySet for the command Select-Object.
Example: The following uses the PSSecurity PropertySet.
Example: The following uses the PSTemplate PropertySet.
Example: The following uses the PSImage PropertySet.
Example: The following uses the PSSchedule PropertySet.
Example: The following accesses the Image field casted to the type Sitecore.Data.Fields.ImageField.
Note: You can use ._ and .PSFields to gain access to the typed field.
Example: The following accesses the Link field casted to the type Sitecore.Data.Fields.LinkField. From there you can see all of the available properties.
Example: The following finds all of the TextFields and outputs to the console.
We often see the following two ways of accessing and changing fields used in scripts. One uses Set-ItemProperty and the other is more natural to a Sitecore developer.
Example: The following sets the title property using Set-ItemProperty.
Example: The following sets the title and clears the branch id using .Editing.BeginEdit and .Editing.EndEdit methods.
Note: The above example may also be written in the ISE where no console prompt is visible.
The previous examples work but are not the most efficient ways to change item content. The items returned by the provider expose the Sitecore item fields as automatic PowerShell properties.
Example: The following sets the title property using the automated PowerShell property.
Example: The following changes the display name of the item.
This technique may be used for a wide variety of property types.
Example:
There are a other hidden gems in automated PowerShell properties. For example, if we detect that the field is a Date or Datetime field, we will return System.DateTime typed value from a field rather than the System.String Sitecore stores internally.
Example: The following gets the created date.
Example: The following assigns a System.DateTime value to the PowerShell automated property.
Great we've just changed it! Our property handlers take care of all the necessary usages of .Editing.BeginEdit and .Editing.EndEdit. This method can be applied for a variety of field types such as GeneralLink and Image.
To provide an example – I’ve extended my home with additional fields as follows:
Example: The following assigns an image to the Image field.
Easy enough, isn't it? Let SPE detect the field type for you and worry about what to call! Now let's assign a content item to GeneralLink.
Example: The following assigns a content item to a GeneralLink field.
What about fields that accept lists of items? We've got your back here as well.
Example: The following assigns all children of /sitecore/content/ item to the ItemList field.
Let's see how our item looks in the Content editor after all the assignments that we've just performed:
Great! Looks like it worked.
Those little improvements make your scripts much more succinct and understandable. Try it for yourself!
As with every rule there is an exception to this one. Those automated properties perform the $item.Editing.BeginEdit() and $item.Editing.EndEdit() every time which results in saving the item after every assignment. Assigning multiple properties on an item this way might be detrimental to the performance of your script. In such cases you might want to call $item.Editing.BeginEdit() yourself before modifying the item. Subsequently call the $item["field name"] = "new value" for each property modify. Finally end with the $item.Editing.EndEdit().
Choosing this way is situational and will usually only be required if you're working with a large volume of data. In those cases you might also want to introduce the Sitecore.Data.BulkUpdateContext technique.
Example: The following sets multiple properties while using the Sitecore.Data.BulkUpdateContext.
Example: The following generates a relative url to the specified site and assigns to a variable. Because the New-UsingBlock command creates a new closure, you need to return the data to use in a different scope.
Some other classes you may want to use with the New-UsingBlock function:
Sitecore.SecurityModel.SecurityDisabler
Sitecore.Data.BulkUpdateContext
Sitecore.Globalization.LanguageSwitcher
If you have reached this point, then you are clearly a nerd and want to access using the raw Sitecore API.
Example: The following queries all descendants of the media library, filters by size, and wraps with automatic properties.
You will find yourself one day in need of copying items on a small to large scale. The Copy-Item command will likely meet the need.
Example: The following copies the item to the specified path with a new ID.
Note: The item name will match just as you type it in the command. Lowercase name in the destination will result in an item with a lowercase name.
Example: The following transfers the item to the specified path with the same ID.
Example: The following copies an entire tree of items and maintains the tree structure.
There is a always a better way to do something. Moving items en masse is certainly one that you don't want to do by hand. If the destination item exists the moved item will be added as a child. If the destination item does not exist the source item will be renamed when moved.
Example: The following moves the item from one parent to another.
Example: The following gets an item and moves to a new parent node, along with all the children.
Example: The following creates a new item with the specified template.
Example: The following creates a new item with the specified template id and id.
Example: The following creates a new item as a child of the specified item.
Note: The New-Item command was passed to Format-Table -Autosize to improve the formatting.
Example: The following removes the item permanently. Proceed with caution.
The specified database will be used. Requires the ID to be set.
–
✓
–
–
–
–
DestinationItem
Parent item to receive the copied item.
✓
–
–
✓
–
–
FailSilently
Unauthorized access errors will be suppressed
✓
–
–
✓
–
✓
ForceId
Forces the new item to use a specified GUID
–
–
–
–
✓
–
ID
Matches the item by ID.
–
✓
✓
–
–
–
Item
Instance item.
✓
–
✓
✓
–
✓
Language
Specifies the languages to include.
–
✓
✓
–
✓
–
Parent
Specifies the parent item.
–
–
–
–
✓
–
Permanently
Specifies the item should be deleted rather than recycled.
–
–
–
–
–
✓
Query
Matches the items by an XPath query.
–
✓
–
–
–
–
StartWorkflow
Initiates the default workflow, if any.
–
–
–
–
✓
–
TransferOptions
Options flag used when copying from one database to another.
✓
–
–
✓
–
–
Uri
Matches the item by ItemUri.
–
✓
–
–
–
–
Version
Specifies the version to include.
–
✓
✓
–
–
–
WithParent
Specifies the command should include the parent item.
–
-
✓
–
–
–
Sitecore.Sites.SiteContextSwitcher
Sitecore.Data.DatabaseSwitcher
Sitecore.Security.Accounts.UserSwitcher
Sitecore.Data.Items.EditContext
Sitecore.Data.Proxies.ProxyDisabler
Sitecore.Data.DatabaseCacheDisabler
Sitecore.Data.Events.EventDisabler
Parameter Name
Description
Copy-Item
Get-Item
Get-ChildItem
Move-Item
New-Item
Remove-Item
AmbiguousPaths
More than one item matches the criteria so show them all.
–
✓
-
–
–
–
Get-Item -Path "master:\content\home"Get-ChildItem -Path "master:\content\home" -RecurseNew-Item -Path "master:\content\home" -Name "Demo" -ItemType "Sample/Sample Item"
# or
New-Item -Path "master:\content\home" -Name "Demo" -ItemType "{76036F5E-CBCE-46D1-AF0A-4143F9B557AA}"Get-Item -Path "master:\content\home\delete-me" | Remove-ItemMove-Item -Path "master:\content\home\Demo" -Destination "master:\content\home\Demo1"# Add -PassThru to output the new item
Copy-Item -Path "master:\content\home\Demo1" -Destination "master:\content\home\Demo2"Database
PS master:\> Get-Item -Path master:\content\home
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
Home True {en, de-DE, es-ES, pt... {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} Sample ItemSitecore.Data.Database master = Sitecore.Configuration.Factory.GetDatabase("master");
Sitecore.Data.Items.Item item = master.GetItem("/sitecore/content/home");PS master:\> Get-Item -Path master:/content/home -Language da | Format-Table -Property DisplayName, Language, Id, Version, TemplateName
DisplayName Language ID Version TemplateName
----------- -------- -- ------- ------------
Hjem da {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample ItemPS master:\> Get-Item -Path master:/content/home -Language * | Format-Table -Property DisplayName, Language, Id, Version, TemplateName
DisplayName Language ID Version TemplateName
----------- -------- -- ------- ------------
Home en {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home de-DE {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home pl-PL {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 3 Sample Item
Home en-GB {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Hjem da {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample ItemPS master:\> Get-Item -Path master:/content/home -Language * -Version *| Format-Table -Property DisplayName, Language, Id, Version, TemplateName
DisplayName Language ID Version TemplateName
----------- -------- -- ------- ------------
Home en {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home de-DE {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home pl-PL {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 2 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 3 Sample Item
Home en-GB {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Hjem da {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample ItemPS master:\> Get-ChildItem -Path master:/content -Language * -Version * | Format-Table -Property DisplayName, Language, Id, Version, TemplateName
DisplayName Language ID Version TemplateName
----------- -------- -- ------- ------------
Home en {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home de-DE {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home pl-PL {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 2 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 3 Sample Item
Home en-GB {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Hjem da {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample ItemPS master:\> Get-Item -Path master: -Query "/sitecore/content//*[@@templatename='Sample Item']"
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
Copy of Home True {en, de-DE, es-ES, pt... {503713E5-F9EE-4847-AEAF-DD13FD853004} Sample Item
Home True {en, de-DE, es-ES, pt... {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} Sample ItemPS master:\> Get-Item -Path master: -Query "/sitecore/content//*[@@templatename='Sample Item']" -Language * -Version * | Format-Table -Property DisplayName, Language, Id, Version, TemplateName -AutoSize
DisplayName Language ID Version TemplateName
----------- -------- -- ------- ------------
Home de-DE {503713E5-F9EE-4847-AEAF-DD13FD853004} 1 Sample Item
Hjem da {503713E5-F9EE-4847-AEAF-DD13FD853004} 1 Sample Item
Home en {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home de-DE {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home pl-PL {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 2 Sample Item
Home en-US {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 3 Sample Item
Home en-GB {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item
Hjem da {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} 1 Sample Item$isoDate = [Sitecore.DateUtil]::ToIsoDate([datetime]::Today)
Get-Item -Path master: -Query "/sitecore/content/home//*[@__Publish > '$($isoDate)']" |
Show-ListView -Property ID,Name,ItemPath$rootItemId = "{839085D0-C279-47C6-83C9-9CC28E7C111E}"
$rootItem = Get-Item -Path "master:" -ID $rootItemId
$templateId = "{759BA7B1-A216-467E-A37C-2B8D7F1A713C}"
$query = "fast:$($rootItem.ItemPath)//*[@@templateid='$($templateId)']"
Get-Item -Path "master:" -Query $query$query = "ancestor-or-self::*[@@templatename='Sample Item']"
# Retrieve the items with Axes and a given context item.
$SitecoreContextItem.Axes.SelectItems($query)
# Retrieve the items using the Query class and context item.
# Retrieve the items by prepending the context path to the query.
Get-Item -Path "master:" -Query ("$($SitecoreContextItem.Paths.Path)/$query")PS master:\> Get-Item -Path master: -ID "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}"
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
Home True {en, de-DE, es-ES, pt... {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} Sample ItemPS master:\> Get-Item -Path master: -Uri "sitecore://master/{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}?lang=en&ver=1"
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
Home True {en, de-DE, es-ES, pt... {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} Sample ItemPS master:\ >Get-Item -Path "master:\content\home" | Select-Object -Property PSSecurity
Name ID __Owner __Security
---- -- ------- ----------
Home {110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9} sitecore\admin au|sitecore\michael|pe|+item:read|PS master:\> Get-Item -Path "/sitecore/media library/Images/SPE/kitten1" | Select-Object -Property PSTemplate
Name ID BaseTemplate
---- -- ------------
kitten1 {E58FA823-3CAF-43A1-A5ED-FBE24D3C21B4} {Image, File, Standard template, Media classification...}PS master:\> Get-Item -Path "/sitecore/media library/Images/SPE/kitten1" | Select-Object -Property PSImage
Name : kitten1
ID : {E58FA823-3CAF-43A1-A5ED-FBE24D3C21B4}
Alt : Yay
Width : 225
Height : 225
Extension : jpg
Size : 6593PS master:\> Get-Item -Path "/sitecore/system/Tasks/Schedules/Content Testing/Calculate Statistical Relevancy" | Select-Object -Property PSSchedule
Name : Calculate Statistical Relevancy
ID : {C7533E65-A1D6-4F99-9F12-0AB157299D80}
Schedule : 1900101|19000101|127|1.00:00
Last run : 1/1/0001 12:00:00 AM
Command : {6A79C206-0CD2-4DDD-9DFF-5BF21E002931}
Items :$item = Get-Item -Path "master:\content\home"
$item._.Image.AltPS master:\> $currentItem = Get-Item -Path 'master:\content\home\sample-item'
PS master:\> $currentItem.PSFields."LinkFieldName"
Anchor :
Class :
InternalPath : /sitecore/content/home/sample-item/
IsInternal : True
IsMediaLink : False
LinkType : internal
MediaPath :
QueryString :
Target :
TargetID : {263293D3-B1B3-4C2C-9A75-6BD418F376BC}
TargetItem : Sitecore.Data.Items.Item
Text : CLICK HERE
Title :
Url :
Root : link
Xml : #document
InnerField : <link linktype="internal" text="CLICK HERE" querystring="" target="" id="{263293D3-B1B3-4C2C-9A75-6BD418F376BC}" />
Value : <link linktype="internal" text="CLICK HERE" querystring="" target="" id="{263293D3-B1B3-4C2C-9A75-6BD418F376BC}" />$item = Get-Item -Path "master:\content\home"
foreach($field in $item.Fields) {
$item.PSFields."$($field.Name)" |
Where-Object { $_ -is [Sitecore.Data.Fields.TextField] }
}PS master:\> Set-ItemProperty -Path master:/content/home -Name "Title" -Value "New Title"$item = Get-Item master:/content/home
$item.Editing.BeginEdit()
$item["Title"] = "New Title"
$item.BranchId = [Guid]::Empty # or a new value if changing it
$item.Editing.EndEdit()$item = Get-Item -Path master:/content/home
$item.Title = "New Title"
$item."Closing Date" = [datetime]::Today$item = Get-Item -Path "master:" -ID "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}"
$item."__Display name" = "I Like Turtles"$item = Get-Item -Path "master:" -ID "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}"
$fieldName = "__Display name"
# All variations will work
Write-Host ($item.$fieldName)
Write-Host ($item."$fieldName")
Write-Host ($item."$($fieldName)")$item = Get-Item -Path "master:" -ID "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}"
$item.__Created
# Monday, April 07, 2008 1:59:00 PM$item = Get-Item -Path "master:" -ID "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}"
$item.__Created = [DateTime]::Now
$item.__Created
# Tuesday, March 17, 2020 12:00:00 PM$homeItem = Get-Item -Path "master:/content/home"
$homeItem.Image = Get-Item -Path "master:\media library\logo"$homeItem = Get-Item -Path "master:/content/home"
$homeItem.GeneralLink = Get-Item -Path "master:\content\home-away-from-home"$homeItem = Get-Item -Path "master:/content/home"
$homeItem.ItemList = Get-ChildItem -Path 'master:\content\'New-UsingBlock (New-Object Sitecore.Data.BulkUpdateContext) {
foreach($item in Get-ChildItem -Path "master:\content\home") {
$item.Editing.BeginEdit()
$item["Title"] = "Sample Item"
$item["Text"] = "Sample Item"
$item.Editing.EndEdit() > $null
}
}$site = [Sitecore.Sites.SiteContextFactory]::GetSiteContext("usa")
$relativeUrl = New-UsingBlock (New-Object Sitecore.Sites.SiteContextSwitcher $site) {
$pageItem = Get-Item -Path "master:" -Id "{50BE527C-7241-4613-A7A9-20D0217B264B}"
[Sitecore.Links.LinkManager]::GetItemUrl($pageItem)
}# Get the root node using Get-Item, then a call to Axes.
$mediaItemContainer = Get-Item -Path "master:/media library"
$items = $mediaItemContainer.Axes.GetDescendants() |
Where-Object { [int]$_.Fields["Size"].Value -gt 100000 } | Initialize-ItemCopy-Item -Path "master:\content\home\Sample Item\Sample Item 1" -Destination "master:\content\home\Sample Item\Sample Item 2"Copy-Item -Path master:\content\Home -Destination web:\content\home -TransferOptions 0$sourceId = "{AF27FAD3-2AF0-4682-9BF7-375197587579}"
$destinationId = "{53F94442-555B-4622-B813-A16ED2CAB01B}"
$children = Get-ChildItem -Path "master:" -ID $sourceId
foreach($child in $children) {
$child | Copy-Item -Destination $destinationId -Recurse
}Move-Item -Path "master:\content\home\sample item\Sample Item 1" -Destination "master:\content\home\sample item 2\"Get-Item -Path "master:" -ID "{65736CA0-7D69-452A-A16F-2F42264D21C5}" |
Move-Item -Destination "master:{DFDDF372-3AB7-45B1-9E7C-0D0B27350439}"$itemPath = "master:\content\home\sample item\Sample Item 3"
New-Item -Path $itemPath -ItemType "Sample/Sample Item"
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
Sample Item 3 False {en} {F6F4F7B7-5E72-4C16-9294-218D80ED89E8} Sample Item$itemPath = "master:\content\home\sample item\Sample Item 4"
$templateId = "{76036F5E-CBCE-46D1-AF0A-4143F9B557AA}"
$itemId = "{9459ADDD-4471-4ED3-A041-D33E559BD321}"
New-Item -Path $itemPath -ItemType $templateId -ForceId $itemId
Name Children Languages Id TemplateName
---- -------- --------- -- ------------
Sample Item 4 False {en} {9459ADDD-4471-4ED3-A041-D33E559BD321} Sample Item$templateId = "{76036F5E-CBCE-46D1-AF0A-4143F9B557AA}"
$parentItem = Get-Item -Path "master:\" -ID "{110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}"
New-Item -Parent $parentItem -Name "Sample Item 3" -ItemType $templateId
Name Children Language Version Id TemplateName
---- -------- -------- ------- -- ------------
Sample Item 3 False en 1 {2F71043A-C731-4EC2-BFE4-0604D4D71652} Sample ItemRemove-Item -Path "master:\content\home\sample item\Sample Item 3" -Permanently
