Test-FileCatalog | Taking on PowerShell one cmdlet at a time | Weekly Blog

Share this post:

This is a part of an on-going blog series written by Adam Gordon. Each week, Adam will walk you through a PowerShell command, showing you when and how to use each one. This week, Adam covers Test-FileCatalog.

When to use Test-FileCatalog?

Test-FileCatalog validates the authenticity of files by comparing the file hashes of a catalog file (.cat) with the hashes of actual files on disk.

If it detects any mismatches, it returns the status as ValidationFailed.

Users can retrieve all this information by using the -Detailed parameter.

It also displays signing status of catalog in Signature property which is equivalent to calling Get-AuthenticodeSignature cmdlet on the catalog file.

Users can also skip any file during validation by using the -FilesToSkip parameter.

NOTE: This cmdlet is only supported on Windows.

What version of PowerShell am I using for this blog?

Get the PowerShell Version from your machine:

$PSVersionTable

This command shows you the PowerShell version information on your machine.

How to use Test-FileCatalog?

Create and validate a file catalog:

Line #1:   New-FileCatalog -Path $PSHOME\Modules\Microsoft.PowerShell.Utility -CatalogFilePath \temp\Microsoft.PowerShell.Utility.cat -CatalogVersion 2.0

Line #2:  Test-FileCatalog -CatalogFilePath \temp\Microsoft.PowerShell.Utility.cat -Path “$PSHome\Modules\Microsoft.PowerShell.Utility\”

Line #1 uses the New-FileCatalog cmdlet to create a new file catalog. It uses the -Path parameter to specify a folder or array of files that should be validated against the catalog file. The -CatalogFilePath parameter is used to specify a path to a catalog file (.cat) that contains the hashes to be used for validation.

The -CatalogVersion parameter Accepts 1.0 or 2.0 as possible values for specifying the catalog version. 1.0 should be avoided whenever possible, as it uses the insecure SHA-1 hash algorithm, while 2.0 uses the secure SHA-256 algorithm. However, 1.0 is the only supported algorithm on Windows 7 and Server 2008R2.

Line #2 uses the Test-FileCatalog cmdlet with the -CatalogFilePath parameter to specify a path to a catalog file (.cat) that contains the hashes to be used for validation. It uses the -Path parameter to specify a folder or array of files that should be validated against the catalog file.

Validate a file catalog with detailed output:

Test-FileCatalog -CatalogFilePath \temp\Microsoft.PowerShell.Utility.cat -Path “$PSHome\Modules\Microsoft.PowerShell.Utility\” -Detailed

The Test-FileCatalog cmdlet uses the -CatalogFilePath parameter to specify a path to a catalog file (.cat) that contains the hashes to be used for validation. It uses the -Path parameter to specify a folder or array of files that should be validated against the catalog file. The -Detailed parameter is used to return a more detailed CatalogInformation object that contains the files tested, their expected/actual hashes, and an Authenticode signature of the catalog file if it’s signed.

Learn last week’s command: New-PSDrive.

Need PowerShell training? Check out ITProTV’s PowerShell online IT training courses.

Leave a Reply

Your email address will not be published. Required fields are marked *