Hi, I would like to share some useful commands every admin should know.

1: Get-Help
The first PowerShell cmdlet every administrator should learn is Get-Help. You can use this command to get help with any other command. For example, if you want to know how the Get-Process command works, you can type:

Get-Help -Name Get-Process
and Windows will display the full command syntax.

You can also use Get-Help with individual nouns and verbs. For example, to find out all the commands you can use with the Get verb, type:

Get-Help -Name Get-*

2: Set-ExecutionPolicy
Although you can create and execute PowerShell scripts, Microsoft has disabled scripting by default in an effort to prevent malicious code from executing in a PowerShell environment. You can use the Set-ExecutionPolicy command to control the level of security surrounding PowerShell scripts. Four levels of security are available to you:

Restricted — Restricted is the default execution policy and locks PowerShell down so that commands can be entered only interactively. PowerShell scripts are not allowed to run.
AllSigned — If the execution policy is set to AllSigned, then scripts will be allowed to run, but only if they are signed by a trusted publisher.
RemoteSigned — If the execution policy is set to RemoteSigned, any PowerShell scripts that have been locally created will be allowed to run. Scripts created remotely are allowed to run only if they are signed by a trusted publisher.
Unrestricted — As the name implies, Unrestricted removes all restrictions from the execution policy.
You can set an execution policy by entering the Set-ExecutionPolicy command followed by the name of the policy. For example, if you wanted to allow scripts to run in an unrestricted manner you could type:

Set-ExecutionPolicy Unrestricted

3: Get-ExecutionPolicy
If you’re working on an unfamiliar server, you’ll need to know what execution policy is in use before you attempt to run a script. You can find out by using the Get-ExecutionPolicy command.
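Added example, not part of the original post: the policy can be set at several scopes, so this reports each scope, flags the permissive ones, and then relaxes the policy for the current session only rather than machine-wide. The function name `Get-ExecutionPolicyReport` is made up for this illustration.

```powershell
# Added example: list the execution policy at every scope and flag permissive ones.
function Get-ExecutionPolicyReport {
    # Policies that let unsigned scripts from any origin run.
    $permissive = 'Unrestricted', 'Bypass'

    Get-ExecutionPolicy -List | ForEach-Object {
        [pscustomobject]@{
            Scope      = $_.Scope
            Policy     = $_.ExecutionPolicy
            Permissive = $permissive -contains "$($_.ExecutionPolicy)"
        }
    }
}

# Scopes are listed in precedence order; the first one that is not
# Undefined is the policy that actually applies.
Get-ExecutionPolicyReport | Format-Table -AutoSize
"Effective policy: $(Get-ExecutionPolicy)"

# Allow locally created scripts for this session only. The setting is
# discarded when this PowerShell process exits, and a policy enforced
# through Group Policy still takes precedence over it.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force
```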

4: Get-Service
The Get-Service command provides a list of all of the services that are installed on the system. If you are interested in a specific service, you can append the -Name switch and the name of the service (wildcards are permitted). When you do, Windows will show you the service’s state.

5: ConvertTo-HTML
PowerShell can provide a wealth of information about the system, but sometimes you need to do more than just view the information onscreen. Sometimes, it’s helpful to create a report you can send to someone. One way of accomplishing this is by using the ConvertTo-HTML command.

To use this command, simply pipe the output from another command into the ConvertTo-HTML command. You will have to use the -Property switch to control which output properties are included in the HTML file and you will have to provide a filename.

To see how this command might be used, think back to the previous section, where we typed Get-Service to create a list of every service that’s installed on the system. Now imagine that you want to create an HTML report that lists the name of each service along with its status (regardless of whether the service is running). To do so, you could use the following command:

Get-Service | ConvertTo-HTML -Property Name, Status > C:\services.htm

6: Export-CSV
Just as you can create an HTML report based on PowerShell data, you can also export data from PowerShell into a CSV file that you can open using Microsoft Excel. The syntax is similar to that of converting a command’s output to HTML. At a minimum, you must provide an output filename. For example, to export the list of system services to a CSV file, you could use the following command:

Get-Service | Export-CSV c:\service.csv

7: Select-Object
If you tried using the command above, you know that there were numerous properties included in the CSV file. It’s often helpful to narrow things down by including only the properties you are really interested in. This is where the Select-Object command comes into play. The Select-Object command allows you to specify specific properties for inclusion. For example, to create a CSV file containing the name of each system service and its status, you could use the following command:

Get-Service | Select-Object Name, Status | Export-CSV c:\service.csv

8: Get-EventLog
You can actually use PowerShell to parse your computer’s event logs. There are several parameters available, but you can try out the command by simply providing the -Log switch followed by the name of the log file. For example, to see the Application log, you could use the following command:

Get-EventLog -Log "Application"
Of course, you would rarely use this command in the real world. You’re more likely to use other commands to filter the output and dump it to a CSV or an HTML file.
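Added example, not part of the original post: filtering the Application log down to recent errors and warnings, then writing the detail to CSV and a per-source summary to HTML with the cmdlets covered above. The output folder `C:\Reports` and the 24-hour window are assumptions.

```powershell
# Added example. Output folder and time window are assumptions.
$since  = (Get-Date).AddHours(-24)
$outDir = 'C:\Reports'           # hypothetical output folder
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# Filter at the source: only Error and Warning entries newer than $since.
# @(...) keeps the result an array even when nothing matches.
$events = @(
    Get-EventLog -LogName Application -EntryType Error, Warning -After $since -ErrorAction SilentlyContinue |
        Select-Object TimeGenerated, EntryType, Source, EventID, Message
)

# Full detail for spreadsheet work.
$events | Export-Csv -Path (Join-Path $outDir 'app-events.csv') -NoTypeInformation

# Summary: which source / event ID pairs occur most often.
$events |
    Group-Object Source, EventID |
    Sort-Object Count -Descending |
    Select-Object Count, Name |
    ConvertTo-Html -Title 'Application log: errors and warnings (24h)' |
    Out-File -FilePath (Join-Path $outDir 'app-events-summary.htm')
```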

9: Get-Process
Just as you can use the Get-Service command to display a list of all of the system services, you can use the Get-Process command to display a list of all of the processes that are currently running on the system.

10: Stop-Process
Sometimes, a process will freeze up. When this happens, you can use the Get-Process command to get the name or the process ID for the process that has stopped responding. You can then terminate the process by using the Stop-Process command. You can terminate a process based on its name or on its process ID. For example, you could terminate Notepad by using one of the following commands:

Stop-Process -Name notepad
Stop-Process -ID 2787
Keep in mind that the process ID may change from session to session.

11 most useful PowerShell commands for remote management

Using PowerShell for managing remote computers quickly and efficiently has been one of its main advantages. If you’re not familiar with it, these commands will get you up to speed.

The cmdlets

Remember that, in addition to the above, if you’re executing remote commands on a server (or workstation) you need to have admin rights on that remote system, as well as on your local system, where you will be opening the PS session as an administrative one. If your account on the local machine is not an admin on the remote one, you will have to provide explicit credentials for an account that is an admin on the remote machine.

1.Enter-PSSession

The first cmdlet is really the most important one for us, as it is what enables you to start a PS session on the remote machine. Click the title for the MSDN page with all the details, but here’s an example to get you started.

Enter-PSSession -ComputerName RemoteServer -Port 5353 -Credential Domain\Username

The cool thing is that your prompt will be updated to reflect the remote hostname as a reminder of which box you’re on when executing commands. The title for each of the cmdlets below is linked to the online documentation in case you want more information.

2.Invoke-Command

This very useful cmdlet lets you call scripts you have either saved to the remote machine or can get to by drive or UNC path. You can use it instead of Enter-PSSession if you want to do a one-off or use a comma-delimited list of computer names to run the same thing on multiple systems.

Invoke-Command -ComputerName RemoteServer -Credential Domain\Username -ScriptBlock {PScommand}

3.Get-EventLog

Just like it sounds, this cmdlet lets you retrieve and view the Event Log from a remote system (or of course locally) and filter based on type, ID, keyword, etc.

Get-EventLog -LogName System -InstanceId 0xc0ffee -Source "LSA"

4.Get-Process, Start-Process, and Stop-Process

Three cmdlets that are closely related, and let you see what processes are running, start new processes and stop processes. These processes can be applications or scripts and can be background or interactive on the Desktop.

Start-Process -FilePath "notepad" -Wait -WindowStyle Maximized

5.Get-Volume and Set-Volume

Another set of cmdlets that are best together, with which you can query what volumes are attached to a system and manipulate them, including mounting/dismounting and changing drive letters. How often do you need to check free disk space across all your servers?

Get-Volume -DriveLetter C

6.Get-ACL and Set-ACL

These two cmdlets can get and modify the ACL on any resource, be it file system or registry. This can simplify auditing, configuration, and specific settings for applications deployed on multiple systems.

Get-Acl -Path "HKLM:\System\CurrentControlSet\Control" | Format-List
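Added example, not part of the original post: an audit of the same registry key that lists the allow entries giving broad groups write-type rights. The group names in `$broad` are assumptions and are localized on non-English systems.

```powershell
# Added example. Key path is the one used above; group names are assumptions.
$path  = 'HKLM:\System\CurrentControlSet\Control'
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'

# Rights that let a principal change the key or its permissions.
$write = [System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'

(Get-Acl -Path $path).Access |
    Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $broad -contains $_.IdentityReference.Value -and
        ($_.RegistryRights -band $write)      # any write-type bit set
    } |
    Select-Object IdentityReference, RegistryRights, IsInherited |
    Format-Table -AutoSize
```

No output means none of the listed groups holds write-type access on the key.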

7.Restart-Computer and Stop-Computer

These two do exactly what it sounds like they do. Bounce or shut down the remote machine as appropriate.

Restart-Computer -ComputerName "Server01", "Server02", "Server03"

8.Test-Connection

Would not PING by any other name be just as good? Probably, and in this case, there are some useful parameters that you can use in scripts to first confirm a system is up before trying to do something else or to just test a connection from a user’s workstation without having to first explain to them how to open a CMD prompt and then how to spell PING.

Test-Connection -ComputerName "Server01" -Count 3 -Delay 2 -TTL 255 -BufferSize 256 -ThrottleLimit 32
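Added example, not part of the original post: it combines Test-Connection, Invoke-Command and Get-Volume to confirm which servers are up and then collect free disk space from the reachable ones in a single call. The server names are placeholders, and the account running it is assumed to have admin rights on each target.

```powershell
# Added example. Server names are placeholders.
$servers = 'Server01', 'Server02', 'Server03'

# Split the list into reachable and unreachable hosts (one ICMP echo each).
$up, $down = $servers.Where({ Test-Connection -ComputerName $_ -Count 1 -Quiet }, 'Split')

if ($down) { Write-Warning "No ping reply from: $($down -join ', ')" }

if ($up) {
    # One Invoke-Command call fans out to all reachable hosts.
    $results = Invoke-Command -ComputerName $up -ErrorAction SilentlyContinue -ErrorVariable failed -ScriptBlock {
        # Skip volumes without a drive letter and empty removable drives.
        Get-Volume | Where-Object { $_.DriveLetter -and $_.Size -gt 0 } |
            Select-Object DriveLetter, Size, SizeRemaining
    }

    $results |
        Select-Object PSComputerName, DriveLetter,
            @{ n = 'SizeGB';  e = { [math]::Round($_.Size / 1GB, 1) } },
            @{ n = 'FreeGB';  e = { [math]::Round($_.SizeRemaining / 1GB, 1) } },
            @{ n = 'FreePct'; e = { [math]::Round(100 * $_.SizeRemaining / $_.Size, 1) } } |
        Sort-Object FreePct |
        Format-Table -AutoSize

    # Hosts that answered ping but failed the remoting session.
    $failed | ForEach-Object { Write-Warning "Remoting failed: $($_.TargetObject)" }
}
```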

9.Get-Service and Set-Service

Similar to the cmdlets that manipulate processes, these two can query and set the services on the remote system, like using services.msc.

Get-Service | Where-Object {$_.Status -eq "Running"}

10.Start-Job

This cmdlet can let you feed a number of lines into a run block, or invoke a PS1 script accessible on the remote machine by file path.

Start-Job -FilePath "c:\scripts\sample.ps1"

11.Set-RemoteDesktopConfig

And just in case you really need that GUI you can use Set-RemoteDesktopConfig to enable and configure RDP on servers. This is very useful considering that it’s off by default, even with Server 2016.

