Lab 7: Working in

Windows Powershell
Lab Instructions
In this lab you will practice using the command line interface for the Windows operating
system. This command shell is known as PowerShell. PowerShell allows you to execute
various commands. You will use the Microsoft Server Virtual Machine you have been
provided in the Bellevue virtual environment which you have used in previous labs.
The article, Introduction to the Windows Command Line with PowerShell will help you to
complete this lab.
The tasks you complete in this lab will be very similar to the tasks you complete in the
Linux Command Line lab later, but in this lab, you are working with PowerShell. You may
even see that some of the same commands work in both systems. This helps you easily
move back and forth between operating systems.
Answers to prompts should be provided on the separate lab answer sheet provided in
this module’s Blackboard lab. Prompts will occur in red text.

Convention
From your reading and videos, you will recall that PowerShell commands are known as
cmdlets and are in a Verb-Noun format. For example, the cmdlet Get-EventLog is used
to retrieve log items. ‘Get’ is the verb and ‘EventLog’ is the noun that is acted upon by
the verb. This structure makes it possible for you to more easily remember cmdlets, or
even make a good guess as to a cmdlet. For example, you will note that many cmdlets
that result in the retrieval of some information begin with the verb ‘Get.’
You should also note that cmdlets do not have spaces and although they are formatted
using CamelCase (no spaces but each word starts with a capital letter) the cmdlets are
not case sensitive. You can enter everything as lower case although using CamelCase
format makes your code easier to read.
In this lab cmdlets and parameters will appear in bold text. Values will be in standard
font.
Get-EventLog -LogName audit -Newest 10
This command instructs PowerShell to retrieve and display the ten most recent entries
from the audit log.
Get-Event is a cmdlet
-LogName and -Newest are parameters
audit and 10 are values.
If any item in a command is enclosed in angle brackets <example> this indicates this is
a value you should provide. When providing the value the <> characters should not be
included.

Set Up
 This lab should be accomplished within the Windows Server virtual machine
provided in the Bellevue virtual environment which you have been using in
previous modules.

Getting Started and getting help

Start and logon to your Windows Server virtual machine using the student account,
password student. We will be running PowerShell with administrative privileges due
to some of the actions we wish to take.
 Type PowerShell into the search field and, right-click on ‘Windows PowerShell’
and select ‘Run as administrator.’

 If prompted accept the warning message about changes to your system.

PowerShell has a built-in help system which you can use if you have questions about
a particular command.

Get-Help
 Run the Get-Help command. Without any parameters information about how
to use help is displayed.
You can search on a specific term or cmdlet by adding that term after the Get-
Help cmdlet.
 Enter ‘Get-Help set-location’ to gain information on one of the next
commands we will be using.
o Provide a screenshot of the help entry for this command
Creating Directories and Files
Get-Location and Set-Location
With these two command you can see how the Verb-Noun format of cmdlets helps to
understand what a cmdlet does.
 Enter ‘Get-Location’ and note the information displayed. This is your current
working directory.

We would now like to change our current working directory to our home directory.
 In the command shell, Type Set-Location ~
NOTE: "~" is called a tilde. This character can be used to change or set the directory
to your home directory. What's a home directory? That is the default location to save a
user's work. After entering the command you will see your command prompt change to
reflect your new working directory. You can also use the Get-Location cmdlet to show
your new working directory, or path.
 Use the Get-Location cmdlet to display your current path and provide a screen
shot.
o Provide a screen shot of the cmdlet and results

Creating subdirectories with New-Item

Let's create three subdirectories under your home directory. reference: Learn Microsoft
PowerShell: New-Item Command
In your home directory:
 Type, New-Item -Path 'C:\Users\student\directory1' -ItemType
Directory
 Type, New-Item -Path 'C:\Users\student\directory2' -ItemType
Directory
 Type, New-Item -Path 'C:\Users\student\directory3' -ItemType
Directory

Confirm the three directories were created in your home directory using the Get-
ChildItem cmdlet. Get-ChildItem displays contents and attributes of several OS
objects. It this case we will use it to list the contents of a directory.
 Type Get-ChildItem
o Provide a screen shot of the cmdlet and results
If the New-Item cmdlet was successful you should see your three created
directories in the list displayed. If you do not see the three new directories go back
and make sure you entered the commands correctly. PowerShell displays error
 messages in red text. If you receive an error message read it carefully, it will often
tell you exactly what needs to be fixed or give you sufficient information to better
research the problem.
PowerShell is very flexible in that you can use many of the legacy MS-DOS
commands as well as Linux commands. The MS-DOS command to get a directory
listing is dir and the Linux command to do the same action is ls.
 Enter both the dir and ls commands in the PowerShell terminal and compare the
output from the Get-ChildItem, dir, and ls commands. Do the three command
display the same or different results?
o Record your answer for the above question.

Creating Files with New-Item

Earlier we created directories with the New-Item cmdlet, we can also use that cmdlet
to create files. Let's add a file, temp.txt, to each directory just created. This time rather
than type the full file path from the root ‘C:’ we will only use the name of the directories
we created. We can do this as our current working directory is ‘C:\Users\student.’
Specifying a path from the root is known as an ‘absolute’ path. Specifying a path from
your current working directory is known as a ‘relative’ path.
Another shortcut we will use this time is using '*' which is a wildcard expression in
PowerShell. In the command we are building we need PowerShell to find directory1,
directory2 and directory3. By substituting, an * for the characters 1, 2 and 3,
PowerShell matched anything with the word 'directory' and any additional characters
after the word 'directory'. This will allow us to use a single command to create an empty
text file in each directory rather than having to enter that command three times, once
for each directory.
To Read about wildcard expressions in PowerShell: Learn Microsoft PowerShell:
Wildcard Expressions
 Type, New-Item -Path directory* -Name temp.txt -ItemType File
o Provide a screen shot of the cmdlet and results
The above command created three empty text files, notice the 0 byte length, one in
each directory.

Moving and Copying Files

In this section of the lab, we will use cmdlets to move and copy files in and between
directories. Moving and copying files, and even entire directories, is a very common task
you will need to do when utilizing PowerShell to maintain and secure an operating
system.
 Use the appropriate command you learned earlier to change your working
directory to the subdirectory, ‘directory1,’ which you created earlier.
 Use another command you learned earlier to display your current working
directory.
o Provide a screen shot of the cmdlets used to change and show your
working directory along with the results of those commands
Move-Item and Copy-Item
We can use the cmdlet Move-Item to move an item, such as a file, from one directory
location to another. The Move-Item cmdlet can also be used to rename an item.
Likewise, the cmdlet Copy-Item can be used to make a copy of an item in another
location or with a different name. Resource: Learn Microsoft PowerShell: Move-item &
Learn Microsoft PowerShell: Copy-Item
Both Move-Item and Copy-Item have a similar format:
cmdlet -Path <source item> -Destination <destination item>
Examples of cmdlet use:
To move a file from one directory to another:
 Move-Item -Path C:\Users\student\directory2\temp.txt -Destination
C:\Users\student\directory3\temp2.txt
The above command will move the file ‘temp.txt’ from directory2, rename it temp2.txt,
and place it in directory3. After this operation is completed the file ‘temp.txt’ will no
longer be present in directory2. If the same source and destination directories used
were the file would have been simply renamed.
To copy a file from one directory to another:
 Copy-Item -Path C:\Users\student\directory2\temp.txt -Destination
C:\Users\student\directory1\temp2.txt
The above command will copy the file ‘temp.txt’ from directory2, and place the new
copy, named temp2.txt, in directory3. Note that after this operation is completed the
file ‘temp.txt’ will still reside in directory2.
Currently directory1, directory2, and directory3 each have a single text file in them
named temp.txt. Use the Move-Item and Copy-Item cmdlets to
 In directory1 rename temp.txt to temp1.txt
 Move temp.txt from directory2 to directory1, renaming it temp2.txt in the
process
 Copy temp.txt from directory3 to directory1, renaming it temp2.txt in the process
 Using the appropriate command list the files that now reside in directory1,
directory2, and directory3.
o Provide screen shots of the cmdlets used to do these actions as well as
the final directory content listings

Creating and Running a PowerShell Script

In addition to running PowerShell commands individually from the command line we can
combine commands in a file and run those as a script. Developing and utilizing scripts is
the key to automating many routine and complex tasks, saving time and reducing
errors.
We will develop a simple script to provide several details of the computer system upon
which it is executed. To write this script we will use PowerShell ISE, the integrated
scripting environment.
  Close or minimize your current PowerShell window
 Type PowerShell in the search field again and this time run PowerShell ISE as
administrator, acknowledging any warnings.

In the application window which displays click the down arrow next to the word ‘Script’
at the upper right of the PowerShell window.
This will display an additional script pane.

The top left pane is where we will write our script. The bottom left pane is where the
script will run. The right vertical pane is a help panel for PowerShell cmdlets.

Additional cmdlets
For this script you will be using two new cmdlets, Write-Output, and Get-
ComputerInfo
We will be using Write-Output to send text to the screen. For example, the command
Write-Output “Hello World” will print Hello World to the screen.
We will use Get-ComputerInfo to display several configuration items of the Windows
Server instance you are running. For example, the command
Get-ComputerInfo -Property CsName, CsUserName, OsLocalDateTime would output
to the screen the computers name, the name of the logged in user, and the current
local date/time on the system.
If we were to write a short program using those two commands in PowerShell ISE and
click the green play button you would get the below.

PowerShell scripts generally have a .ps1 extension. When writing your script, the
system will ask you to save your script when you run it for the first time. Use the default
location of C:\Users\student\Documents. Give you file an appropriate name with the .ps1
file extension.
The above was program was saved with the name ‘info.ps1.’ If we open a PowerShell
session and go to the C:\Users\student\Documents directory and list the contents we
see the below:
We can then run the script by typing on the command line
./info.ps1
Placing ‘./’ in front of the filename tells the system the file should be ran from the
current directory.
The below is the output of the command

NOTE: Windows systems are generally configured to restrict the execution of PowerShell
scripts. To modify the permissions to run a script the cmdlet Set-ExecutionPolicy is
used along with a parameter defining the new policy. Your system has been configured
to allow scripts to run but, in the future, should you find a system that isn’t allowing
scripts to be ran you will need to research the ExecutionPolicy on that system. If you run
into this problem in this lab, contact your instructor.

Your Script
Your final task in this lab is to use the above information to
 Write a script which will
o Output to the screen on separate lines
 Your name
 CYBR340
 The current date
 ------------------
 Computer Info
o Use the appropriate cmdlet to output to the screen
 All the below properties
 CsName
 CsUserName
 OsLocalDateTime
 At least three (you can do more) of the below
 CsProcessors
  OsName
 OsVersion
 BiosDescription
 OsLastBootUpTime
 OsSerialNumber
 TimeZone
 Write the script in PowerShell ISE correcting any bugs
 Run the script in PowerShell ISE
o Provide a screen shot of PowerShell ISE showing your code and the output
 Save the script as a .ps1 file and go to that file in a PowerShell terminal
o Provide a screen dump of the directory listing showing the script
o Provide a screen dump showing the script execution in PowerShell (not the
ISE)