In: Computer Science
this Assignment you are going to find and run 30 unique Cmdlets. It is recommended that you watch the lecture on the Help System to see how to call a list of Native Cmdlets in your Windows Powershell runtime environment.
In your Windows VM:
PowerShell cmdlets:
PowerShell commands are known as cmdlets, and these cmdlets are the driving force behind its functional capabilities. From commands that improve the overall Windows experience to commands useful for development work, there are dozens of important commands developers should know. We’ve put together this list to serve as a handy reference guide for those who are just beginning to tap into the power of PowerShell as well as those who want to level-up their PowerShell experience, including:
30 different Powershell Cmdlets:
These basic PowerShell commands are helpful for getting information in various formats, configuring security, and basic reporting.
1) Get-Command :
Get-Command is an easy-to-use reference cmdlet that brings up all the commands available for use in your current session.
Simply type in this command:
get-command
The output will look something like this :
CommandType Name Definition ----------- ---- ---------- Cmdlet Add-Content Add-Content [-Path] <String[... Cmdlet Add-History Add-History [[-InputObject] ... Cmdlet Add-Member Add-Member [-MemberType]
2) Get-Help:
The Get-Help command is essential for anyone using PowerShell, providing quick access to the information you need to run and work with all of the available commands.
If you wanted some examples, for instance, you’d enter the following :
Get-Help [[-Name] <String>] [-Path <String>] [-Category <String[]>] [-Component <String[]>] [-Functionality <String[]>] [-Role <String[]>] [-Examples] [<CommonParameters>]
3) Set-ExecutionPolicy:
Microsoft disables scripting by default to prevent malicious scripts from executing in the PowerShell environment. Developers want to be able to write and execute scripts, however, so the Set-ExecutionPolicy command enables you to control the level of security surrounding PowerShell scripts.
You can set one of four security levels:
Similarly, if you’re working in an unfamiliar environment, you can easily find out what the current execution policy is using this command:
Get-ExecutionPolicy
You should type the following to make it go to unrestricted mode:
Set-ExecutionPolicy unrestricted
4) Get-Service:
It’s also helpful to know what services are installed on the system. You can easily access this information with the following command:
Get-Service
The output will look something like the following :
Status Name DisplayName ------ ---- ----------- Running AdobeActiveFile... Adobe Active File Monitor V4 Stopped Alerter Alerter Running ALG Application Layer Gateway Service Stopped AppMgmt Application Management Running ASChannel Local Communication Channel
If you need to know if a specific service is installed, you can append the -Name switch and the name of the service, and Windows will show the state of the service. Additionally, you can leverage filtering capabilities to return a specific subset of currently installed services. The following example will result in an output of data from the Get-Service command that’s been piped to the Where-Object cmdlet, which then filters out everything other than the services that have been stopped:
Get-Service | Where-Object {$_.status -eq "stopped"}
5) ConvertTo-HTML:
If you need to extract data that you can use in a report or send to someone else, the ConvertTo-HTML is one simple way to do so. To use it, pipe the output from another command to the ConvertTo-HTML command and use the -Property switch to specify which output properties you want in the HTML file. You’ll also need to provide a file name.
For example, the following code creates an HTML page that lists the PowerShell aliases in the current console:
PS C:\> get-alias | convertto-html > aliases.htm PS C:\> invoke-item aliases.htm
Bonus:
Export-CSV
cmdlet functions in much the same way, but exports data to a .CSV file rather than HTML. Use
Select-Object
to specify which properties you want to be included in the output.
6) Get-EventLog:
You can actually use PowerShell to parse your machine’s event logs using the Get-EventLog cmdlet. There are several parameters available. Use the -Log switch followed by the name of the log file to view a specific log.
You’d use the following command, for example, to view the Application log:
Get-EventLog -Log "Application"
7) Get-Process:
Much like getting a list of available services, it’s often useful to be able to get a quick list of all the currently running processes. The Get-Process command puts this information at your fingertips.
Bonus: Use Stop-Process to stop processes that are frozen or is no longer responding. If you’re not sure what process is holding you up, use Get-Process to quickly identify the problematic process. Once you have the name or process ID, use Stop-Process to terminate it.
For Example,Run this command to terminate all currently running instances of Notepad:
Stop-Process -processname notepad
You can use wildcard characters, too, such as the following example which terminates all instances of Notepad as well as any other processes beginning with note:
Stop-Process -processname note*
8) Clear-History:
What if you want to clear the entries from your command history? Easy – use the Clear-History cmdlet. You can also use it to delete only specific commands.
For example, the following command would delete commands that include “help” or end in “command”:
PS C:\> Clear-History -Command *help*, *command
If you want to add entries to a session, use:
Add-History
9) Where-Object:
Where-Object is one of the most important cmdlets to know, as it enables you to take a dataset and pass it further down your pipeline for filtering.
Get-Service | Where-Object {$_.Status -eq 'Running'} Status Name DisplayName ------ ---- ----------- Running AdobeARMservice Adobe Acrobat Update Service Running AppHostSvc Application Host Helper Service Running Appinfo Application Information Running AudioEndpointBu... Windows Audio Endpoint Builder Running Audiosrv Windows Audio Running BFE Base Filtering Engine Running BITS Background Intelligent Transfer Ser... Running BrokerInfrastru... Background Tasks Infrastructure Ser... Running Browser Computer Browser Running CDPSvc Connected Devices Platform Service
10) Set-AuthenticodeSignature:
If you want to keep your work secure in production and prevent modification, use Set-AuthenticodeSignature to add an Authenticode signature to a script or file.
> Set-AuthenticodeSignature somescript.ps1 @(Get-ChildItem cert:\CurrentUser\My -codesigning)[0] -IncludeChain "All" -TimestampServer "http://timestamp.verisign.com/scripts/timstamp.dll"
When it comes to productivity, PowerShell can help you get things done with the following commands.
11) ForEach-Object:
The ForEach-Object cmdlet performs an operation against every item in a specified group of input objects. While many cmdlets work with every object in a collection anyway, you’ll need ForEach-Object for those situations in which you want to make other modifications or apply specific formatting to all objects in a collection.
Here’s an example ,If you want to display a list of process names and want those names to render in cyan, you might try the following:
Get-Process | Write-Host $_.name -foregroundcolor cyan
But the above will produce the following error:
At line:1 char:25 + get-process | write-host <<<< $_.name -foregroundcolor cyan Write-Host : The input object cannot be bound to any parameters for the command either because the command does not take pipeline input or the input and its properties do not match any of the parameters that take pipeline input.
Because the Write-Host cmdlet doesn’t understand what you want to do with the data that’s sent over the pipeline.
So, using the ForEach-Object cmdlet solves this problem:
Get-Process | ForEach-Object {Write-Host $_.name -foregroundcolor cyan}
12) Clear-Content :
If you want to delete the contents of an item but retain the item itself.
you’ll use the Clear-Content cmdlet:
Clear-Content C:\Temp\TestFile.txt
You can also use this command to clear the contents of all files with a specified file extension. The following code would clear the contents of all files with the .txt extension, for instance:
Clear-Content -path * -filter *.TXT –force
You can also use wildcard characters. Plus, you can clear the contents of any type of file, from .txt files to .doc, .xls, and more.
13) Checkpoint-Computer :
If you’re making major changes or running a risky experiment, you can set a restore point on your machine with the Checkpoint-Computer cmdlet.
Note that you can only create a restore point using this cmdlet once every 24 hours.
If you run the command again, it will keep the previous restore point:
PS C:\> Checkpoint-Computer -Description "My 2nd checkpoint" -RestorePointType "Modify_Settings" PS C:\> Get-ComputerRestorePoint | format-list __GENUS : 2 __CLASS : SystemRestore __SUPERCLASS : __DYNASTY : SystemRestore __RELPATH : SystemRestore.SequenceNumber=59 __PROPERTY_COUNT : 5 __DERIVATION : {} __SERVER : CLIENT2 __NAMESPACE : root\default __PATH : \\CLIENT2\root\default:SystemRestore.SequenceNumber=59 CreationTime : 20120202180537.316029-000 Description : My 2nd checkpoint EventType : 100 RestorePointType : 12 SequenceNumber : 59
14) Compare-Object":
It’s often useful to be able to compare two objects directly. You can do this using Compare-Object, which generates a report on the differences between two sets such as:
PS G:\lee\tools> cd c:\temp PS C:\temp> $set1 = "A","B","C" PS C:\temp> $set2 = "C","D","E" PS C:\temp> Compare-Object $set1 $set2 InputObject SideIndicator ----------- ------------- D => E => A <= B <=
15) ConvertFrom-StringData :
Use ConvertFrom-StringData to convert a string containing one or more value pairs to a hash table.
Here’s an example of what the command looks like:
$settings = $TextData | ConvertFrom-StringData
This command is useful in a variety of situations, such as when you want to save the settings for a PowerShell script to enable others to edit the settings without working in the script code directly.
16) ConvertTo-SecureString :
Convert an encrypted standard string to a secure string or plain text to a secure string using ConvertTo-SecureString.
This cmdlet is used in conjunction with ConvertFrom-SecureString and Read-Host:
ConvertTo-SecureString [-String] SomeString ConvertTo-SecureString [-String] SomeString [-SecureKey SecureString] ConvertTo-SecureString [-String] SomeString [-Key Byte[]] ConvertTo-SecureString [-String] SomeString [-AsPlainText] [-Force]
17) ConvertTo-XML :
Use the ConvertTo-XML cmdlet to create an XML-based representation of an object. This is also called serialization, and it’s a useful process for saving data for later re-use. Note that it’s important that your expression writes objects to the pipeline. Anything using Write-Host won’t write to the pipeline and therefore can’t be serialized.
Here’s an example of ConvertTo-XML in action:
Get-Service wuauserv -ComputerName chi-dc04,chi-p50,chi-core01 | Export-Clixml -Path c:\work\wu.xml
The specific cmdlet used in the above example, Export-Clixml, is suitable for most purposes. It converts the output of a PowerShell expression to XML and saves it to a file.
18) New-AppLockerPolicy :
New-AppLockerPolicy creates a new AppLocker policy from a list of file information and other rule creation options. In total, there are five cmdlets that enable you to interact with AppLocker, including :
For example,Create an AppLocker policy:
C:\PS>Get-ChildItem C:\Windows\System32\*.exe | Get-AppLockerFileInformation | New-AppLockerPolicy -RuleType Path -User Everyone -Optimize -XML
19) New-ItemProperty:
New-ItemProperty creates a new property for an item and sets its value. You can use it to create and change registry values and data (properties of a registry key), for instance.
For Example:
New-ItemProperty
-Path
Registry::HKEY_LOCAL_MACHINE\SOFTWARE\MyApp
-Name
MyKey
-Value
1
-PropertyType
DWord
-Force
-Force parameter is required to override value if it already exists.
20) New-Object :
To create an instance of a Microsoft .NET Framework or Component Object Model (COM) object, use the New-Object cmdlet.
Here’s an example that creates a new object using New-Object, stores it in a variable, then pipes it to Add-Member, which will then add properties or methods specified in the object created:
$ourObject = New-Object -TypeName psobject $ourObject | Add-Member -MemberType NoteProperty -Name ComputerName -Value $computerInfo.Name $ourObject | Add-Member -MemberType NoteProperty -Name OS -Value $osInfo.Caption $ourObject | Add-Member -MemberType NoteProperty -Name 'OS Version' -Value $("$($osInfo.Version) Build $($osInfo.BuildNumber)") $ourObject | Add-Member -MemberType NoteProperty -Name Domain -Value $computerInfo.Domain $ourObject | Add-Member -MemberType NoteProperty -Name Workgroup -Value $computerInfo.Workgroup $ourObject | Add-Member -MemberType NoteProperty -Name DomainJoined -Value $computerInfo.Workgroup $ourObject | Add-Member -MemberType NoteProperty -Name Disks -Value $diskInfo $ourObject | Add-Member -MemberType NoteProperty -Name AdminPasswordStatus -Value $adminPasswordStatus $ourObject | Add-Member -MemberType NoteProperty -Name ThermalState -Value $thermalState
21) New-WebServiceProxy :
New-WebServiceProxy creates a web service proxy object that enables you to use and manage the web service from within PowerShell. This cmdlet is a beautiful thing for developers – it makes it unnecessary to write a lot of complex code to try to accomplish something in PowerShell when you can simply call another service that already makes it possible.
Here’s an example:
$url = http://<webapp>.azurewebsites.net/CreateSite.asmx $proxy = New-WebServiceProxy $url $spAccount = "<username>" $spPassword = Read-Host -Prompt "Enter password" –AsSecureString $projectGuid = "" $createOneNote = $false
22) New-WSManInstance :
Similarly to New-WebServiceProxy, New-WSManInstance creates a new instance of a management resource.
For Example:
New-WSManInstance winrm/config/Listener -SelectorSet @{Address="*";Transport="HTTPS"} -ValueSet @{Hostname="Test01";CertificateThumbprint="01F7EB07A4531750D920CE6A588BF5"}
23) New-WSManSessionOption :
New-WSManSessionOption creates a new management session hash table that’s used as input parameters to other WS-Management cmdlets including:
Here’s the syntax :
New-WSManSessionOption [-NoEncryption] [-OperationTimeout] [-ProxyAccessType] [-ProxyAuthentication] [-ProxyCredential] [-SkipCACheck] [-SkipCNCheck] [-SkipRevocationCheck] [-SPNPort] [-UseUTF16] [<CommonParameters>]
24) Select-Object :
The Select-Object cmdlet selects the specified properties of a single object or group of objects. Additionally, it can select unique objects from an array or a specified number of objects from the beginning or end of an array.
For Example:
PS > Get-Process | Sort-Object name -Descending | Select-Object -Index 0,1,2,3,4
There are other cmdlets with similar functions including:
25) Set-Alias :
Set-Alias is a great command for enhancing productivity. It allows you to set an alias for a cmdlet or other command element in the current session (similar to a keyboard shortcut) so you can work faster.
The following example sets Notepad to np in the current session using Set-Alias:
New-Alias np c:\windows\system32\notepad.exe
Note that you can also customize your PowerShell profile with the aliases you use most often.
26) Set-StrictMode :
Set-StrictMode establishes and enforces coding rules in scripts, script blocks, and expressions. It’s a useful command for enforcing code quality and preventing you from slacking off and writing sloppy code when it’s 3:00 a.m. and you haven’t had any sleep in two days .
To use it, there are two parameters to consider: -Off and -Version, and -Version has three possible values:
For Example:
-off [<SwitchParameter>]
Turn strict mode off. This parameter also turns off "Set-PSDebug -Strict".
27) Wait-Job :
Wait-Job suppresses the command prompt until background jobs running in the current session are complete. Wait-Job doesn’t show the output from jobs, however, but it can be used in conjunction with Receive-Job. Multithreading is possible in PowerShell thanks to -Jobs.
### Start-MultiThread.ps1 ### $Computers = @("Computer1","Computer2","Computer3") #Start all jobs ForEach($Computer in $Computers){ Start-Job -FilePath c:ScriptGet-OperatingSystem.ps1 -ArgumentList $Computer } #Wait for all jobs Get-Job | Wait-Job #Get all job results Get-Job | Receive-Job | Out-GridView 1 2 3 4 5 6 7 8 9 10 11 12 13 ### Start-MultiThread.ps1 ### $Computers = @("Computer1","Computer2","Computer3") #Start all jobs ForEach($Computer in $Computers){ Start-Job -FilePath c:ScriptGet-OperatingSystem.ps1 -ArgumentList $Computer } #Wait for all jobs Get-Job | Wait-Job #Get all job results Get-Job | Receive-Job | Out-GridView
28) Write-Progress:
Who doesn’t love a status bar? Monitor your progress using Write-Progress, which displays a progress bar within a Windows PowerShell command window.
Here’s an example that gives you a full progress bar and runtime strings:
$TotalSteps = 4 $Step = 1 $StepText = "Setting Initial Variables" $StatusText = '"Step $($Step.ToString().PadLeft($TotalSteps.Count.ToString().Length)) of $TotalSteps | $StepText"' $StatusBlock = [ScriptBlock]::Create($StatusText) $Task = "Creating Progress Bar Script Block for Groups" Write-Progress -Id $Id -Activity $Activity -Status (& $StatusBlock) -CurrentOperation $Task -PercentComplete ($Step / $TotalSteps * 100)
There are also a variety of cmdlets useful for developers for troubleshooting, testing, debugging, and monitoring purposes. Here are a few you need to know.
29) Debug-Process :
Developers love debugging! Well, we like it even more when there are no bugs to eliminate, but sadly that’s not always the case. With PowerShell, you can debug a process using the Debug-Process cmdlet.
You can also debug jobs using Debug-Job .
And, you can set breakpoints or use the Wait-Debugger cmdlet:
PS C:\> $job = Start-Job -ScriptBlock { Set-PSBreakpoint C:\DebugDemos\MyJobDemo1.ps1 -Line 8; C:\DebugDemos\MyJobDemo1.ps1 } PS C:\> $job PS C:\> Debug-Job $job
30) Disable-PSBreakpoint :
If you have at one time set breakpoints but want to eliminate them, do so easily using Disable-PSBreakpoint, which disables breakpoints in the current console.
Here’s the syntax:
Disable-PSBreakpoint [-Breakpoint] [-PassThru] [-Confirm] [-WhatIf] [] Disable-PSBreakpoint [-Id] [-PassThru] [-Confirm] [-WhatIf] []
Alternatively, if you want to enable breakpoints in the current console, use Enable-PSBreakpoint.
31) Get-Counter :
Get-Counter gets real-time performance counter data from the performance monitoring instrumentation in Windows OS. It’s used to get performance data from local or remote computers at specific sample intervals that you specify.
In this example, you’ll get a counter set with a sample interval for a specified maximum sample :
PS C:\> Get-Counter -Counter "\Processor(_Total)\% Processor Time" -SampleInterval 2 -MaxSamples 3
In the example below, this command gets specific counter data from multiple computers:
The first command saves the **Disk Reads/sec** counter path in the $DiskReads variable. PS C:\> $DiskReads = "\LogicalDisk(C:)\Disk Reads/sec" The second command uses a pipeline operator (|) to send the counter path in the $DiskReads variable to the **Get-Counter** cmdlet. The command uses the **MaxSamples** parameter to limit the output to 10 samples. PS C:\> $DiskReads | Get-Counter -Computer Server01, Server02 -MaxSamples 10
32) Export-Counter :
Export-Counter exports PerformanceCounterSampleSet objects as counter log files. Two properties are available:
And several methods, all of which are inherited from Object:
For example, the following command uses Get-Counter to collect Processor Time data and exports it to a .blg file using Export-Counter :
Get-Counter "\Processor(*)\% Processor Time" | Export-Counter -Path C:\Temp\PerfData.blg
33) Test-Path :
Test-Path lets you verify whether items exist in a specified path. For instance, if you’re planning to use another command on a specified file, you may need to verify that the file exists to avoid throwing an error.
Test-Path C:\Scripts\Archive
If the folder exists, it will return True; if it doesn’t, it will return False.
It can also work with the paths used by other PowerShell providers. For instance, if you need to know if your computer has an environment variable called username, you could use the following:
Test-Path Env:\username
Test-Path works with variables, certificates, aliases, and functions.
34) Get-WinEvent :
Look at Windows event logs using Get-WinEvent.
For a list of available logs, use:
Get-WinEvent -ListLog *
Then, to review the details of a specific log, replace * with the name (pipe the output to format-list to view all the details):
Get-WinEvent -ListLog $logname | fl *
You can also view all the events in a log by using:
Get-WinEvent -LogName System
35 ) Invoke-TroubleshootingPack :
Troubleshooting packs are collections of PowerShell scripts and assemblies that help you troubleshoot, diagnose, and repair common system problems.
Find troubleshooting packs at:
C:\Windows\Diagnostics\System
You can run this script to get a list of all the troubleshooting packs available on the current system:
Get-ChildItem C:\Windows\Diagnostic\System
Then, from an elevated PowerShell window, run a troubleshooting pack using this command:
Invoke-TroubleshootingPack (Get-TroubleshootingPack C:\Windows\diagnostics\system\networking)
36) Measure-Command :
If you want to time operations in PowerShell, Measure-Command is a must-know cmdlet. It measures how long a script or scriptblock to run.
Here’s an example :
Measure-Command { Mount-SPContentDatabase –Name wss_content_portal –WebApplication http://portal.contoso.com }
The output is a TimeSpan object, so it contains properties such as Hour, Minute, Second, etc., and it’s easy to tailor the output to your preferences.
37) Measure-Object :
You might also want to know how large a given object is. Use Measure-Object to calculate the numeric properties of any object, including characters, words, and lines in a string object, such as files of text.
Just specify the name and the type of measurement to perform, along with parameters such as :
The following command sums the VirtualMemorySize property values for all process objects:
Get-Process | measure VirtualMemorySize -Sum
38) New-Event :
New-Event is used to create a new event. A related cmdlet is New-EventLog, which creates a new event log as well as a new event source on a local or remote computer. If you have an automation engine supported by PowerShell, it’s a good practice to set up an event log (by creating a custom Event Log Type) that logs all messages sent by PowerShell.
This is one example where you can implement Custom Logging in Event Viewer.Start by creating a new Event Log LogName:
New-EventLog -LogName Troubleshooting_Log -Source FalloutApp
Then, to send messages to your new event log, run the following using the Write-Log cmdlet:
Write-EventLog -log Troubleshooting_Log -source FalloutApp -EntryType Information -eventID 10 -Message "FalloutApp has been successfully installed"
39) Receive-Job :
If you need to get the results of Windows PowerShell background jobs in the current session, use Receive-Job. This is usually used after using Start-Job to begin a job when you need to view the specific results.
Receive-Job -Name HighMemProcess
40) Register-EngineEvent :
This cmdlet is used to subscribe to the events generated by the Windows PowerShell engine and the New-Event cmdlet.
For example, the following command subscribes to an event when the current PowerShell session exits and saves information (such as date and time) to a log file :
Register-EngineEvent PowerShell.Exiting -Action {"PowerShell exited at " + (Get-Date) | Out-File c:\log.txt -Append}