Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
189 views15 pages

Powershell Must Know

The document provides Windows PowerShell commands for performing various tasks on a computer such as locking the computer, logging off a session, restarting the computer, listing installed hotfixes, getting disk space, viewing processes, stopping processes, adding and removing printers, pinging computers, and configuring network and DHCP settings.

Uploaded by

Ash Kapoor
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
189 views15 pages

Powershell Must Know

The document provides Windows PowerShell commands for performing various tasks on a computer such as locking the computer, logging off a session, restarting the computer, listing installed hotfixes, getting disk space, viewing processes, stopping processes, adding and removing printers, pinging computers, and configuring network and DHCP settings.

Uploaded by

Ash Kapoor
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 15

Use Command

Locking a Computer rundll32.exe user32.dll,LockWorkStation


Shutdown.exe -1 or (Get-WmiObject -Class
Win32_OperatingSystem
Logging Off the Current Session -ComputerName .).Win32Shutdown(0)
Restarting a Computer restart-computer
Use Command
Listing Desktop Get-CimInstance -ClassName Win32_Desktop -ComputerName . Or Get-CimInstance
Settings -ClassName Win32_Desktop -ComputerName . | Select-Object -ExcludeProperty "CIM*"
Listing BIOS Information
Get-CimInstance -ClassName Win32_BIOS -ComputerName .
Get-CimInstance -ClassName Win32_Processor -ComputerName . | Select-Object
-ExcludeProperty "CIM*" OR Get-CimInstance -ClassName Win32_ComputerSystem
Listing Processor Information
-ComputerName . | Select-Object -Property SystemType
Listing Computer
Manufacturer and
Model Get-CimInstance -ClassName Win32_ComputerSystem
Get-CimInstance -ClassName Win32_QuickFixEngineering -ComputerName . Or Get-
Listing Installed CimInstance -ClassName Win32_QuickFixEngineering -ComputerName . -Property
Hotfixes HotFixID
Listing Operating Get-CimInstance -ClassName Win32_OperatingSystem -ComputerName . | Select-
System Version Object -Property
Information BuildNumber,BuildType,OSType,ServicePackMajorVersion,ServicePackMinorVersion
Get-CimInstance -ClassName Win32_LogicalDisk -Filter "DriveType=3"
Getting Available Disk-ComputerName
Space .

Getting Logon SessionGet-CimInstance


Information -ClassName Win32_LogonSession -ComputerName .
Getting the User
Logged on to a Get-CimInstance -ClassName Win32_ComputerSystem -Property UserName
Computer -ComputerName .
Getting Local Time
from a Computer Get-CimInstance -ClassName
Get-CimInstance -ClassName Win32_LocalTime
Win32_Service -ComputerName
-ComputerName .
. | Select-Object
Displaying Service Status
-Property Status,Name,DisplayName

Use Command

Locking a Computer rundll32.exe user32.dll,LockWorkStation


Shutdown.exe -1 or (Get-WmiObject -Class Win32_OperatingSystem
Logging Off the Current
-ComputerName
Session .).Win32Shutdown(0)

Restarting a Computer
restart-computer

Use Command
Viewing Object
Structure (Get-
Member) Get-Process | Get-Member | Out-Host -Paging

Selecting Parts of Get-WmiObject -Class Win32_LogicalDisk | Select-Object -Property Name,FreeSpace OR


Objects (Select- Get-WmiObject -Class Win32_LogicalDisk | Select-Object -Property Name,FreeSpace |
Object) ForEach-Object -Process {$_.FreeSpace = ($_.FreeSpace)/1024.0/1024.0; $_}

Performing Simple Tests


1,2,3,4
with| Where-Object
Where-Object -FilterScript {$_ -lt 3}

Get-WmiObject -Class Win32_SystemDriver | Where-Object -FilterScript {$_.State -eq


Filtering Based on 'Running'} or Get-WmiObject -Class Win32_SystemDriver | Where-Object -FilterScript
Object Properties {$_.State -eq "Running"} | Where-Object -FilterScript {$_.StartMode -eq "Auto"}
Get-ChildItem | Sort-Object -Property LastWriteTime, Name | Format-Table -Property
Basic sorting LastWriteTime, Name
Get-ChildItem | Sort-Object -Property LastWriteTime, Name -Descending | Format-Table
descending sort -Property LastWriteTime, Name
Get-ChildItem | Sort-Object -Property @{ Expression = 'LastWriteTime'; Descending =
$true }, @{ Expression = 'Name'; Ascending = $true } | Format-Table -Property
Using hash tables LastWriteTime, Name

Repeating a Task for


Multiple Objects PS> Get-WmiObject -Class Win32_LogicalDisk | ForEach-Object -Process
(ForEach-Object) {($_.FreeSpace)/1024.0/1024.0}

Using New-Object
for Event Log Access New-Object -TypeName System.Diagnostics.EventLog

$ie = New-Object -ComObject InternetExplorer.Application


$ie.Visible = $true
$ie.Navigate("http://www.microsoft.com/technet/scriptcenter/default.mspx")
$ie.Document.Body.InnerText
$ie.Quit()
Using Internet Explorer
Remove-Variable
from WindowsiePowerShell

Get-WmiObject -Class Win32_OperatingSystem -Namespace root/cimv2


-ComputerName . | Get-Member -MemberType Property

Get-WmiObject -Class Win32_OperatingSystem -Namespace root/cimv2


-ComputerName . | Format-Table -Property
TotalVirtualMemorySize,TotalVisibleMemorySize,FreePhysicalMemory,FreeVirtualMemo
Displaying WMI Classry,FreeSpaceInPagingFiles
Details

Use Command

Get-Process -Name PowerShell -ComputerName localhost, Server01, Server01 | Format-


Table -Property ID, ProcessName, MachineName

or

Get-Process powershell -ComputerName localhost, Server01, Server02 |


Format-Table -Property Handles,
@{Label="NPM(K)";Expression={[int]($_.NPM/1024)}},
@{Label="PM(K)";Expression={[int]($_.PM/1024)}},
@{Label="WS(K)";Expression={[int]($_.WS/1024)}},
@{Label="VM(M)";Expression={[int]($_.VM/1MB)}},
Getting Processes @{Label="CPU(s)";Expression={if ($_.CPU -ne $()){$_.CPU.ToString("N")}}},
(Get-Process) Id, ProcessName, MachineName -auto
Get-Process -Name BadApp | Where-Object -FilterScript {$_.SessionId -neq 0} | Stop-
Stopping Processes (Stop-Process)
Process

Get-Process -Name powershell | Where-Object -FilterScript {$_.Id -ne $PID} | Stop-


Stopping All Other Windows
Process PowerShell
-PassThru Sessions
New-PSDrive -Name Office -PSProvider FileSystem -Root "C:\Program Files\Microsoft
Adding New WindowsOffice\OFFICE11"
PowerShell Drives (New-PSDrive)

Deleting Windows PowerShell


Remove-PSDrive
Drives (Remove-PSDrive)
-name Office

Listing Printer Connections


Get-WmiObject -Class Win32_Printer
(New-Object -ComObject
Adding a Network Printer
WScript.Network).AddWindowsPrinterConnection("\\Printserver01\Xerox5")
(Get-WmiObject -ComputerName . -Class Win32_Printer -Filter "Name='HP LaserJet
Setting a Default Printer
5Si'").SetDefaultPrinter()
(New-Object -ComObject
Removing a Printer Connection
WScript.Network).RemovePrinterConnection("\\Printserver01\Xerox5")

Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true


-ComputerName . | Format-Table -Property IPAddress or Get-WmiObject -Class
Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true -ComputerName . | Get-
Listing IP Addresses Member -Name IPAddress
for a Computer
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true
isting IP Configuration-ComputerName
Data .

Get-WmiObject -Class Win32_PingStatus -Filter "Address='127.0.0.1'" -ComputerName .


Or Get-WmiObject -Class Win32_PingStatus -Filter "Address='127.0.0.1'"
-ComputerName . | Format-Table -Property Address,ResponseTime,StatusCode
-Autosize Or '127.0.0.1','localhost','research.microsoft.com' | ForEach-Object -Process
{Get-WmiObject -Class Win32_PingStatus -Filter ("Address='" + $_ + "'")
Pinging Computers -ComputerName .} | Select-Object -Property Address,ResponseTime,StatusCode
Retrieving Network
Adapter Properties Get-WmiObject -Class Win32_NetworkAdapter -ComputerName .

Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true


-ComputerName . | ForEach-Object -Process { $_. SetDNSDomain('fabrikam.com') } or
Assigning the DNS Get-WmiObject -Class Win32_NetworkAdapterConfiguration -ComputerName . |
Domain for a Where-Object -FilterScript {$_.IPEnabled} | ForEach-Object -Process
Network Adapter {$_.SetDNSDomain('fabrikam.com')}
1.Determining DHCP-Enabled Adapters:
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter
"DHCPEnabled=$true" -ComputerName .
2.Retrieving DHCP Properties
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter
"DHCPEnabled=$true" -ComputerName . | Format-Table -Property DHCP*
3.Enabling DHCP on Each Adapter
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true
-ComputerName . | ForEach-Object -Process {$_.EnableDHCP()}
4.Releasing and Renewing DHCP Leases on Specific Adapters
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "IPEnabled=$true
and DHCPEnabled=$true" -ComputerName . | Where-Object -FilterScript
{$_.DHCPServer -contains '192.168.1.254'} | ForEach-Object -Process
{$_.ReleaseDHCPLease()}
5.Releasing and Renewing DHCP Leases on All Adapters
Get-WmiObject -List | Where-Object -FilterScript {$_.Name -eq
'Win32_NetworkAdapterConfiguration'}
( Get-WmiObject -List | Where-Object -FilterScript {$_.Name -eq
'Win32_NetworkAdapterConfiguration'} ).ReleaseDHCPLeaseAll()
( Get-WmiObject -List | Where-Object -FilterScript {$_.Name -eq
Performing DHCP Configuration
'Win32_NetworkAdapterConfiguration'}
Tasks ).RenewDHCPLeaseAll()
Creating a Network (Get-WmiObject -List -ComputerName . | Where-Object -FilterScript {$_.Name -eq
Share 'Win32_Share'}).Create('C:\temp','TempShare',0,25,'test share of the temp folder')
Removing a (Get-WmiObject -Class Win32_Share -ComputerName . -Filter
Network Share "Name='TempShare'").Delete() or net share tempshare /delete

(New-Object -ComObject WScript.Network).MapNetworkDrive('B:', '\\FPS01\users') or


Connecting a Windows
netAccessible
use B: \\FPS01\users
Network Drive
Listing Windows
Installer Get-CimInstance -Class Win32_Product | Where-Object Name -eq "Microsoft .NET Core
Applications Runtime - 2.1.2 (x64)" | Format-List -Property *

New-PSDrive -Name Uninstall -PSProvider Registry -Root


Listing All HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Uninstallable $UninstallableApplications = Get-ChildItem -Path Uninstall:
Applications $UninstallableApplications | ForEach-Object -Process { $_.GetValue('DisplayName') }
Installing Invoke-CimMethod -ClassName Win32_Product -MethodName Install -Arguments
Applications @{PackageLocation='\\AppSrv\dsp\NewPackage.msi'}

Removing Get-ChildItem -Path Uninstall: | Where-Object -FilterScript { $_.GetValue('DisplayName')


Applications -like 'Win*'} | ForEach-Object -Process { $_.GetValue('UninstallString') }
Upgrading Windows Get-CimInstance -Class Win32_Product -Filter "Name='OldAppName'" | Invoke-
Installer CimMethod -MethodName Upgrade -Arguments
Applications @{PackageLocation='\\AppSrv\dsp\OldAppUpgrade.msi'}

Use Command
Get-Item -Path
Listing Registry Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion |
Entries Select-Object -ExpandProperty Property
Get-ItemProperty -Path HKLM:\Software\Microsoft\Windows\CurrentVersion -Name
DevicePath or reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion /v
Getting a Single Registry
DevicePath
Entry
$value = Get-ItemProperty -Path HKCU:\Environment -Name Path
$newpath = $value.Path += ";C:\src\bin\"
Setting a Single Registry
Set-ItemProperty
Entry -Path HKCU:\Environment -Name Path -Value $newpath
Creating New New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion -Name
Registry Entries PowerShellPath -PropertyType String -Value $PSHome

Renaming Registry Rename-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion


Entries -Name PowerShellPath -NewName PSHome -passthru
Deleting Registry Remove-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion
Entries -Name PSHome
Use
Viewing Object Structure (Get-Member)

Selecting Parts of Objects (Select-Object)


Performing Simple Tests with Where-Object

Filtering Based on Object Properties


Basic sorting

descending sort

Using hash tables


Repeating a Task for Multiple Objects
(ForEach-Object)
Using New-Object for Event Log Access

Using Internet Explorer from Windows PowerShell

Displaying WMI Class Details


Command
Get-Process | Get-Member | Out-Host -Paging
Get-WmiObject -Class Win32_LogicalDisk | Select-Object -Property Name,FreeSpace OR Get-WmiObject -Class
Win32_LogicalDisk | Select-Object -Property Name,FreeSpace | ForEach-Object -Process {$_.FreeSpace =
($_.FreeSpace)/1024.0/1024.0; $_}
1,2,3,4 | Where-Object -FilterScript {$_ -lt 3}
Get-WmiObject -Class Win32_SystemDriver | Where-Object -FilterScript {$_.State -eq 'Running'} or Get-WmiObject -Class
Win32_SystemDriver | Where-Object -FilterScript {$_.State -eq "Running"} | Where-Object -FilterScript {$_.StartMode -eq
"Auto"}
Get-ChildItem | Sort-Object -Property LastWriteTime, Name | Format-Table -Property LastWriteTime, Name

Get-ChildItem | Sort-Object -Property LastWriteTime, Name -Descending | Format-Table -Property LastWriteTime, Name
Get-ChildItem | Sort-Object -Property @{ Expression = 'LastWriteTime'; Descending = $true }, @{ Expression = 'Name';
Ascending = $true } | Format-Table -Property LastWriteTime, Name

PS> Get-WmiObject -Class Win32_LogicalDisk | ForEach-Object -Process {($_.FreeSpace)/1024.0/1024.0}


New-Object -TypeName System.Diagnostics.EventLog

$ie = New-Object -ComObject InternetExplorer.Application


$ie.Visible = $true
$ie.Navigate("http://www.microsoft.com/technet/scriptcenter/default.mspx")
$ie.Document.Body.InnerText
$ie.Quit()
Remove-Variable ie

Get-WmiObject -Class Win32_OperatingSystem -Namespace root/cimv2 -ComputerName . | Get-Member -MemberType


Property

Get-WmiObject -Class Win32_OperatingSystem -Namespace root/cimv2 -ComputerName . | Format-Table -Property


TotalVirtualMemorySize,TotalVisibleMemorySize,FreePhysicalMemory,FreeVirtualMemory,FreeSpaceInPagingFiles
Use

Getting Processes (Get-Process)


Stopping Processes (Stop-Process)
Stopping All Other Windows PowerShell Sessions
Adding New Windows PowerShell Drives (New-PSDrive)
Deleting Windows PowerShell Drives (Remove-PSDrive)
Listing Printer Connections
Adding a Network Printer
Setting a Default Printer
Removing a Printer Connection

Listing IP Addresses for a Computer


isting IP Configuration Data

Pinging Computers
Retrieving Network Adapter Properties
Assigning the DNS Domain for a Network Adapter

Performing DHCP Configuration Tasks

Creating a Network Share

Removing a Network Share


Connecting a Windows Accessible Network Drive

Listing Windows Installer Applications

Listing All Uninstallable Applications


Installing Applications

Removing Applications

Upgrading Windows Installer Applications


Command

Get-Process -Name PowerShell -ComputerName localhost, Server01, Server01 | Format-Table -Property ID, ProcessName,
MachineName

or

Get-Process powershell -ComputerName localhost, Server01, Server02 |


Format-Table -Property Handles,
@{Label="NPM(K)";Expression={[int]($_.NPM/1024)}},
@{Label="PM(K)";Expression={[int]($_.PM/1024)}},
@{Label="WS(K)";Expression={[int]($_.WS/1024)}},
@{Label="VM(M)";Expression={[int]($_.VM/1MB)}},
@{Label="CPU(s)";Expression={if ($_.CPU -ne $()){$_.CPU.ToString("N")}}},
Id, ProcessName, MachineName -auto
Get-Process -Name BadApp | Where-Object -FilterScript {$_.SessionId -neq 0} | Stop-Process
Get-Process -Name powershell | Where-Object -FilterScript {$_.Id -ne $PID} | Stop-Process -PassThru
New-PSDrive -Name Office -PSProvider FileSystem -Root "C:\Program Files\Microsoft Office\OFFICE11"
Remove-PSDrive -name Office
Get-WmiObject -Class Win32_Printer
(New-Object -ComObject WScript.Network).AddWindowsPrinterConnection("\\Printserver01\Xerox5")
(Get-WmiObject -ComputerName . -Class Win32_Printer -Filter "Name='HP LaserJet 5Si'").SetDefaultPrinter()
(New-Object -ComObject WScript.Network).RemovePrinterConnection("\\Printserver01\Xerox5")

Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true -ComputerName . | Format-Table


-Property IPAddress or Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true
-ComputerName . | Get-Member -Name IPAddress

Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true -ComputerName .

Get-WmiObject -Class Win32_PingStatus -Filter "Address='127.0.0.1'" -ComputerName . Or Get-WmiObject -Class


Win32_PingStatus -Filter "Address='127.0.0.1'" -ComputerName . | Format-Table -Property
Address,ResponseTime,StatusCode -Autosize Or '127.0.0.1','localhost','research.microsoft.com' | ForEach-Object -Process
{Get-WmiObject -Class Win32_PingStatus -Filter ("Address='" + $_ + "'") -ComputerName .} | Select-Object -Property
Address,ResponseTime,StatusCode
Get-WmiObject -Class Win32_NetworkAdapter -ComputerName .
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true -ComputerName . | ForEach-Object
-Process { $_. SetDNSDomain('fabrikam.com') } or Get-WmiObject -Class Win32_NetworkAdapterConfiguration
-ComputerName . | Where-Object -FilterScript {$_.IPEnabled} | ForEach-Object -Process
{$_.SetDNSDomain('fabrikam.com')}

1.Determining DHCP-Enabled Adapters:


Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "DHCPEnabled=$true" -ComputerName .
2.Retrieving DHCP Properties
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "DHCPEnabled=$true" -ComputerName . | Format-
Table -Property DHCP*
3.Enabling DHCP on Each Adapter
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=$true -ComputerName . | ForEach-Object
-Process {$_.EnableDHCP()}
4.Releasing and Renewing DHCP Leases on Specific Adapters
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "IPEnabled=$true and DHCPEnabled=$true"
-ComputerName . | Where-Object -FilterScript {$_.DHCPServer -contains '192.168.1.254'} | ForEach-Object -Process
{$_.ReleaseDHCPLease()}
5.Releasing and Renewing DHCP Leases on All Adapters
Get-WmiObject -List | Where-Object -FilterScript {$_.Name -eq 'Win32_NetworkAdapterConfiguration'}
( Get-WmiObject -List | Where-Object -FilterScript {$_.Name -eq
'Win32_NetworkAdapterConfiguration'} ).ReleaseDHCPLeaseAll()
( Get-WmiObject -List | Where-Object -FilterScript {$_.Name -eq
'Win32_NetworkAdapterConfiguration'} ).RenewDHCPLeaseAll()
(Get-WmiObject -List -ComputerName . | Where-Object -FilterScript {$_.Name -eq
'Win32_Share'}).Create('C:\temp','TempShare',0,25,'test share of the temp folder')
(Get-WmiObject -Class Win32_Share -ComputerName . -Filter "Name='TempShare'").Delete() or net share tempshare
/delete
(New-Object -ComObject WScript.Network).MapNetworkDrive('B:', '\\FPS01\users') or net use B: \\FPS01\users
Get-CimInstance -Class Win32_Product | Where-Object Name -eq "Microsoft .NET Core Runtime - 2.1.2 (x64)" | Format-
List -Property *

New-PSDrive -Name Uninstall -PSProvider Registry -Root HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall


$UninstallableApplications = Get-ChildItem -Path Uninstall:
$UninstallableApplications | ForEach-Object -Process { $_.GetValue('DisplayName') }
Invoke-CimMethod -ClassName Win32_Product -MethodName Install -Arguments
@{PackageLocation='\\AppSrv\dsp\NewPackage.msi'}
Get-ChildItem -Path Uninstall: | Where-Object -FilterScript { $_.GetValue('DisplayName') -like 'Win*'} | ForEach-Object
-Process { $_.GetValue('UninstallString') }
Get-CimInstance -Class Win32_Product -Filter "Name='OldAppName'" | Invoke-CimMethod -MethodName Upgrade
-Arguments @{PackageLocation='\\AppSrv\dsp\OldAppUpgrade.msi'}
Use Command
Get-Item -Path
Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersi
Listing Registry Entries on | Select-Object
-Name -ExpandProperty
DevicePath or reg query Property
Getting a Single Registry Entry HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion /v DevicePath
$value = Get-ItemProperty -Path HKCU:\Environment -Name Path
$newpath = $value.Path += ";C:\src\bin\"
Setting a Single Registry Entry Set-ItemProperty -Path HKCU:\Environment -Name Path -Value $newpath

New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion


Creating New Registry Entries -Name PowerShellPath -PropertyType String -Value $PSHome
Rename-ItemProperty -Path
HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion -Name PowerShellPath
Renaming Registry Entries -NewName PSHome -passthru
Remove-ItemProperty -Path
Deleting Registry Entries HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion -Name PSHome

You might also like