PowerShell Basics

o PowerShell is a great way to manipulate server and/or workstation components

o It’s geared toward system administrators by creating a more simplified syntax base

o PowerShell is more secure than running vbscripts

o Quick analysis of various computer specs

o Microsoft .NET Framework v2.0 or latero Windows XP/Server 2003 or latero The PowerShell install file (Download)o Windows Management Framework

(Includes)o Windows Remote Managemento Windows PowerShell 2.0o Background Intelligent Transfer Service

(BITS) 4.0

o You can use commands that you are familiar with such as CD, PING, IPCONFIG or DIR

o There are also some Unix commands that can be used such as LS or MAN (these commands are aliases to the actual PowerShell commands)

o Get-Alias will list the preloaded Alias’s and will show you what Cmdlet they are mapped to

o The majority of the PowerShell functionality comes from Cmdlet’s

o Always in Verb-Noun format and never plural (Get-WmiObject or Get-Process)

o Cmdlet’s return objects not texto Retrieve list of Cmdlet’s (Get-

Command)o Can tab complete

o One of the time savers in PowerShell is giving the user the ability to pipe commands together

o Ex. Get-process | select ProcessName, ID | Sort ProcessName | FL

o PowerShell scripts differ from most scripts

o PowerShell scripts end in .ps1 and have to be run inside a PowerShell window

o Double clicking a PowerShell script will open the script in notepad

o Scripts must also be run in this format

o Restricted – No scripts can be run. Windows PowerShell can be used only in interactive mode.

o AllSigned – Only scripts signed by a trusted publisher can be run.

o RemoteSigned – Downloaded scripts must be signed by a trusted publisher before they can be run.

o Unrestricted – No restrictions; all Windows PowerShell scripts can be run.

o PowerShell can tap in to the WMI classes of another computer as well your own, given you are using administrative credentials

o Ex. Get-WmiObject Win32_Product will list all of the Microsoft installed products on your machine (products installed by Windows Installer)

o You can use the runas command in the ‘start’ menu to run the PowerShell console as administrator

o There is a Cmdlet called Get-Credential which can store administrative credentials in a variable

o Can’t be used to authenticate to local machine

o Because WMI calls utilize the RPC protocol, the Windows Firewall must be turned off or Remote Administration must be enabled

o The RPC protocol uses random ports

o Pull computer serial numbero Gwmi Win32_Bios | select SerialNumber

o Reboot a machineo (Gwmi win32_OperatingSystem –comp |

server).reboot()o Gather Logical Disk Space information

o Gwmi Win32_LogicalDisko Show running processes

o Gwmi Win32_Process

o Variables are defined by the two following ways [type] $variable = x or just $variable = x

o To display a variable you would just type $variable

o Ex. To store the installed products on your machineo $Product = gwmi Win32_Product

o If you displayed the contents of $Product, it would display the entire list of products that it pulled

o To individually go through each installed product you would need to use a ForEach statement

o Server 2008 R2o Window 7o Exchange 2007/2010o System Center 2008 Suiteo SQL 2008/2008 R2o SharePoint 2010

o www.scriptinganswers.como www.primalscript.como www.scriptingoutpost.como http://www.microsoft.com/technet/

scriptcenter/topics/winpsh/convert/default.mspxo Site Converts VB code to PowerShell Code

o $NIC = Get-WMIObject Win32_NetworkAdapterConfiguration | where{$_.IPEnabled -eq "TRUE“}o $NIC.EnableStatic("192.168.100.66", "255.255.255.0")o $NIC.SetGateways("192.168.100.1")o $NIC.SetDNSServerSearchOrder(“8.8.8.8”, “8.8.4.4”)o $NIC.SetDynamicDNSRegistration("FALSE")

o Gwmi win32_process | select name | sort name

o (Gwmi win32_process | where {$_.name –(match “processname.exe”}).terminate(1)

o gwmi win32_terminalservicesetting -comp computername).setallowtsconnections(1)