Let's take a look at 25 very common tasks you can accomplish with Windows PowerShell.
Common entries (just to get started)
Common entries (just to get started)
1. Navigate the Windows Registry like the file system:
cd hkcu:
2. Search recursively for a certain string within files:
dir –r | select string "searchforthis"
3. Find the five processes using the most memory:
ps | sort –p ws | select –last 5
4. Cycle a service (stop, and then restart it) like DHCP:
Restart-Service DHCP
5. List all items within a folder:
Get-ChildItem – Force
6. Recurse over a series of directories or folders:
Get-ChildItem –Force c:\directory –Recurse
7. Remove all files within a directory without being prompted for each:
Remove-Item C:\tobedeleted –Recurse
8. Restart the current computer:
(Get-WmiObject -Class Win32_OperatingSystem -ComputerName .).Win32Shutdown(2)
Collecting information
9. Get information about the make and model of a computer:
Get-WmiObject -Class Win32_ComputerSystem
10. Get information about the BIOS of the current computer:
Get-WmiObject -Class Win32_BIOS -ComputerName .
11. List installed hotfixes -- QFEs, or Windows Update files:
Get-WmiObject -Class Win32_QuickFixEngineering -ComputerName .
12. Get the username of the person currently logged on to a computer:
Get-WmiObject -Class Win32_ComputerSystem -Property UserName -ComputerName .
13. Find just the names of installed applications on the current computer:
Get-WmiObject -Class Win32_Product -ComputerName . | Format-Wide -Column 1
14. Get IP addresses assigned to the current computer:
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=TRUE -ComputerName . | Format-Table -Property IPAddress
15. Get a more detailed IP configuration report for the current machine:
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=TRUE -ComputerName . | Select-Object -Property [a-z]* -ExcludeProperty IPX*,WINS*
16. Find network cards with DHCP enabled on the current computer:
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "DHCPEnabled=true" -ComputerName .
17. Enable DHCP on all network adapters on the current computer:
Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=true -ComputerName . | ForEach-Object -Process {$_.EnableDHCP()}
Software management
18. Install an MSI package on a remote computer:
(Get-WMIObject -ComputerName TARGETMACHINE -List | Where-Object -FilterScript {$_.Name -eq "Win32_Product"}).Install(\\MACHINEWHEREMSIRESIDES\path\package.msi)
19. Upgrade an installed application with an MSI-based application upgrade package:
(Get-WmiObject -Class Win32_Product -ComputerName . -Filter "Name='name_of_app_to_be_upgraded'").Upgrade(\\MACHINEWHEREMSIRESIDES\path\upgrade_package.msi)
20. Remove an MSI package from the current computer:
(Get-WmiObject -Class Win32_Product -Filter "Name='product_to_remove'" -ComputerName . ).Uninstall()
Machine management
21. Remotely shut down another machine after one minute:
Start-Sleep 60; Restart-Computer –Force –ComputerName TARGETMACHINE
22. Add a printer:
(New-Object -ComObject WScript.Network).AddWindowsPrinterConnection("\\printerserver\hplaser3")
23. Remove a printer:
(New-Object -ComObject WScript.Network).RemovePrinterConnection("\\printerserver\hplaser3 ")
24. Enter into a remote PowerShell session -- you must have remote management enabled:
enter-pssession TARGETMACHINE
25. Use the PowerShell invoke command to run a script on a remote servers:
invoke-command -computername machine1, machine2 -filepath c:\Script\script.ps1
Bonus command
To dismiss a process you can use the process ID or the process name. The -processnameswitch allows the use of wildcards. Here's how to stop the calculator:
Stop-Process -processname calc*
