Introduction to Basics


Installation

Download

https://github.com/powershell/powershell

Working With Services

# Get the list of all services
Get-Service
# To continue a command on the next line, end the line with the pipe symbol and press Enter
Get-Service | #press enter

# List all the stopped services
Get-Service | Where-Object Status -eq 'Stopped'

Get-Service | where-object Status -eq 'Stopped' | select-object DisplayName,Status

# assign the result to a variable
$data = Get-Service | where-object Status -eq 'Stopped' | select-object DisplayName,Status
# now call this variable to check all the data
$data #press enter
# Output the data into a file exactly as it displays in the shell
$data | out-file .\services.csv
# Output the data into a file formatted as comma-separated values, to import into tools like Excel

$data | export-csv .\services.csv

# open in notepad
notepad .\services.csv

# display the content of the file in the console
Get-Content ./services.csv

Verbs

# to list all the verbs
# more displays a subset of a long list; press the space bar to see more of the list
get-verb | more

# to see information about one particular verb
get-verb -Verb Set | more
# to change the output format
get-verb -Verb Set | format-list


# to see all the verbs that belong to one particular group
get-verb -group security | format-list

# very useful reading on verbs; to open it from PowerShell use the start command
start https://docs.microsoft.com/en-us/powershell/scripting/developer/cmdlet/approved-verbs-for-windows-powershell-commands?view=powershell-7

Aliases

An alias is a short name for a full command. Always type the full command names when writing tools and scripts.


get-alias | more
# list all the aliases related to the service noun
get-alias -Definition *service*

# gsv is the alias for Get-Service
# (-ComputerName on Get-Service exists in Windows PowerShell 5.1; it was removed in PowerShell 6 and later)
gsv -Name M* -ComputerName pc1

# positional parameters
# Positional parameters are those whose name can be left out because of the position of the value in the command.

help gsv
# removed -Name because it is a positional parameter
gsv M* -ComputerName pc1
# a shortened parameter name works the same
gsv M* -Comp pc1

Three Important commands

# get-command
get-command -verb new
get-command -verb get -noun *dns*
get-command -name *fire* -CommandType Function
get-command -name *ip* -module net*
get-command -name *ip* -module NetTCPIP
get-command -CommandType Function | measure-object

# get-help
get-help | more
# the stars around service are wildcards; the command below lists every help topic with service in its name
get-help *service* | more
help get-service
# install and update the help
Update-Help -UICulture en-US
# only show the examples from help that is installed about that specific command
help get-service -Examples
help get-service -Full

#about files
help *about*
get-help -Name get-command -Detailed
get-help -name *dns*


# get-member

Documenting your work

# create directory
md c:\scripts\transcripts

cd c:\scripts

help get-history

get-history

invoke-history -id 24

get-history | out-file .\transcripts\history.txt

clear-history

help start-transcript

start-transcript -path .\transcripts\transcript-1.txt -append

stop-transcript

Objects in powershell

get-member

  • PowerShell treats data as objects
  • PowerShell is object oriented
  • objects contain properties and methods
# get-member is used to see what makes up an object
# It gets the properties and methods of objects
get-service | get-member


## pipelining in powershell

get something | sort something | do something

Example
get-service | where-object status -eq 'stopped' | start-service

get-service -ComputerName Client01, DC01 | where-object status -eq 'Stopped' | select-object Name,MachineName,Status | Sort-object -Property MachineName | more

get-service | select-object Name,MachineName,Status

get-service | select-object Name,MachineName,Status | get-member

Gathering Information with Powershell

Gather info Process

  1. Get-Command

get-command -Name get-*fire*

  2. Get-Help or Help

help Get-NetFirewallRule

  3. Get-Member

Get-NetFirewallRule | get-member

The command below finds all the firewall rules whose names have remote in them.

Get-NetFirewallRule -Name *Remote*

FT is the alias for Format-Table, which formats the output as a table.

Get-NetFirewallRule -Name *RemoteDesktop* | FT

Enable all the rules that match the criteria.

The -WhatIf parameter only shows what the command would do if it were executed; it does not actually change any value.

Get-NetFirewallRule -Name *RemoteDesktop* | Set-NetFirewallRule -Enabled 'True' -whatif

Enable one rule

Get-NetFirewallRule -Name RemoteDesktop-UserMode-In-TCP | Set-NetFirewallRule -Enabled 'True' -whatif
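
The firewall commands above can be combined into a small review of remote-access rules. This is an added example, not part of the original notes: the function name Get-RemoteAccessRuleReport and the file name remote-rules-before.csv are hypothetical, and it assumes a Windows host with the NetSecurity module.

```powershell
# Added example; Get-RemoteAccessRuleReport and the CSV file name are hypothetical.
function Get-RemoteAccessRuleReport {
    [CmdletBinding()]
    param(
        # Wildcard matched against the rule name, as in the commands above
        [string]$NamePattern = '*Remote*'
    )
    # SilentlyContinue: a pattern with no match yields nothing instead of an error
    Get-NetFirewallRule -Name $NamePattern -ErrorAction SilentlyContinue | ForEach-Object {
        # Protocol and port live on a separate filter object associated with the rule
        $port = $_ | Get-NetFirewallPortFilter
        [pscustomobject]@{
            Name      = $_.Name
            Enabled   = $_.Enabled
            Direction = $_.Direction
            Action    = $_.Action
            Profile   = $_.Profile
            Protocol  = $port.Protocol
            LocalPort = $port.LocalPort -join ','
        }
    }
}

$report = Get-RemoteAccessRuleReport -NamePattern '*Remote*'

# Enabled inbound allow rules are the ones that expose a listening service
$report |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
    Sort-Object Name |
    Format-Table -AutoSize

# Keep a record of the current state before changing anything
$report | Export-Csv -Path .\remote-rules-before.csv -NoTypeInformation

# Preview a change: -WhatIf reports what would be modified and changes nothing
Get-NetFirewallRule -Name '*RemoteDesktop*' -ErrorAction SilentlyContinue |
    Set-NetFirewallRule -Enabled False -WhatIf
```

Running it inside a Start-Transcript session keeps the reviewed state and the previewed change in the same record.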

  • Computer and hardware

  • Networking

  • Files and Folders

Troubleshooting

  • identify the issues
  • find root cause
  • determine and implement a solution
  • implement the plan and verify results