Another addition of JEA in Windows PowerShell is the user drive. Even if the filesystem provider is not visible to the user, it is possible to map each connecting user a personal drive. It is possible to copy data to and from the personal drive, to, for example, use it as input for a cmdlet:
# The user drive
$sessionConfigurationOptions = @{
Path = '.SessionConfig.pssc'
SessionType = 'RestrictedRemoteServer'
TranscriptDirectory = 'C:Transcripts'
RunAsVirtualAccount = $true
LanguageMode = 'ConstrainedLanguage'
MountUserDrive = $true
UserDriveMaximumSize = 50MB
}
New-PSSessionConfigurationFile @sessionConfigurationOptions
Register-PSSessionConfiguration -Name WithUserDrive -Path .SessionConfig.pssc
# Copying files simply works.
# Working with Cmdlets like Set-Content requires a wrapper function
$session = New-PSSession -ComputerName localhost -ConfigurationName WithUserDrive
'it just works' | Set-Content .JeaTest.file
Copy-Item -ToSession $session -Path .JeaTest.file -Destination user:JeaTest.file
Copy-Item -FromSession $session -Path user:JeaTest.file -Destination .JeaTestFromConstrainedSession.file
The user drives are located at $env:LOCALAPPDATAMicrosoftWindowsPowerShellDriveRootsDOMAIN_USER, and all files are stored plainly on disk. Keep this in mind when handling sensitive data: