Windows Operations

Windows operations documentation for engineers who live in Linux but work in hybrid environments. PowerShell as a tool, not a lifestyle.

Quick Navigation

Certificates Coming Soon

Certificate Store Navigation

PowerShell Fundamentals

WSL Trust Store Integration

Active Directory Queries

WSL Setup & Configuration

Philosophy

PowerShell is a tool. Use it when Windows is the problem domain. Return to your terminal when done.

This documentation exists because:

  • Corporate environments are hybrid (AD, Windows endpoints, Linux servers)

  • WSL bridges both worlds - you need to move certificates, fix SSL, manage SSH

  • Cisco Umbrella and corporate proxies break things - you need to fix them

  • Some tasks are genuinely easier in PowerShell (AD queries, cert stores, GPO)

Core Use Cases

Certificate Operations

Export certificates from Windows trust store for Linux consumption:

# Find corporate CA certs
Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Subject -match "Umbrella|Corporate" }

# Export to PEM for WSL
$cert = Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Subject -match "Umbrella" }
[System.IO.File]::WriteAllText("C:\temp\corp-ca.crt", `
    "-----BEGIN CERTIFICATE-----`n" + `
    [Convert]::ToBase64String($cert.RawData, 'InsertLineBreaks') + `
    "`n-----END CERTIFICATE-----")

Then in WSL:

sudo cp /mnt/c/temp/corp-ca.crt /etc/ca-certificates/trust-source/anchors/
sudo update-ca-trust

WSL SSH Agent

When WSL doesn’t have systemd, SSH agent needs manual start:

# In ~/.zshrc or ~/.config/fish/config.fish
if [[ ! -S "$XDG_RUNTIME_DIR/ssh-agent.socket" ]]; then
    eval "$(ssh-agent -s)" > /dev/null
    ssh-add ~/.ssh/id_ed25519_github 2>/dev/null
fi

Content Structure

Certificate Management

Export, import, trust store navigation - focus on Linux integration.

PowerShell Fundamentals (Planned)

Core syntax, pipeline, providers - enough to be dangerous.

WSL Integration (Planned)

Bridging Windows and Linux - SSH, certificates, networking.

Active Directory (Planned)

Queries, Kerberos, troubleshooting - what you need for hybrid auth.

Related Components

  • Linux Operations (linux-ops) - The primary home

  • Identity Operations (identity-ops) - Identity & SSO

  • ISE Linux (ise-linux) - 802.1X EAP-TLS for Linux

  • Secrets Management (secrets-ops) - dsec and secrets ops

Origin

Created 2026-02-17 during WSL Arch troubleshooting session. Corporate Cisco Umbrella SSL inspection was breaking git clone. The fix required exporting Windows certificates to WSL trust store via PowerShell.

Sometimes you have to use Windows to fix Linux problems.