PowerShell cmdlets for work 2022
1. manage-bde -status
machine.
-- for Bitlocker status for a local
2. manage-bde -status
-cn
Helpdesk
3. manage-bde -on c: -cn LT-PF38KVSC
a remote machine.
-- Start Bitlocker on
4. shutdown /r /f /m \\LT-PF38KVSC
5. Get-ADUser -Identity 'SBH0525' -Properties LockedOut |
Select-Object Name,Lockedout - - Test Account lockout.
6. Unlock-AdAccount
-identity
username
7. test-connection LT-PF2PTK46 -- to ping the pc in PS
8. Resolve-dnsname LT-PF2PTK46 -- nslookup replacement in
PS.
9. Add-Computer -DomainName Americas.swk.pri.com
-restart
10.Remove-Computer
11.Test-ComputerSecureChannel
12.Test-ComputerSecureChannel -Repair -Credential
sbh0525 (Get-Credential)
13.test-computerSecureChannel -verbose
14.qwinsta /server: LT-PF2PTK46 – To find who is log into the
pc at this time remote or local.
15. Get-Printer
16. Get-Printerdriver
17. Get-Printer -computerName Lt-r90t6c9e – On remote
PC.
18. Get-Printer -ComputerName LT-PF1G5JU1 | Format-List
computername,Name,Drivername,DeviceType,Type – Shows
printer layout format of the users installed printers.
19. get-ciminstance -classname win32_bios -computername
LT-PF25W69P | format-list serialnumber -- Remote PC Serial
Number lookup.
20.
test-connection LT-PF1L1AFK – Same as ping
21. Enter-PSSession -ComputerName -remote_computername Use a computer name were you see
remote Computer named.
22. manage-bde -on C:
-- To start Bit locker Manually
23. Get-WmiObject -ClassName
Win32_NetworkAdapterConfiguration -Filter
"IPEnabled='True'" -ComputerName LT-PC1F68JC |
Select-Object -Property MACAddress, Description
24. systeminfo /s:LT-PF280248
the PC.
-- system information about
25. net user /domain sbh0525
changed his password.
-- To see when the user
26. get-wmiobject -class win32_quickfixengineering
updates on local and remote pc.
– To see
27. wmic qfe list -- Or this might work too.
28. Get-NetIPConfiguration – cmdlet gets network
configuration for each available network adapter found on one
computer.
29. Get-NetIPAddress -- gets the entire IP address
configuration for the computer which could pull out a long list
of IP addresses in the result.
30. Get-NetIPAddress -AddressFamily IPv4 | ft -AutoSize
retrieve only IPv4 addresses.
-- To
31. $sess = New-CimSession -ComputerName LT-PF0Y627S
Get-NetIPAddress -CimSession $sess -AddressFamily IPv4 | ft
-AutoSize -- To get the IP address settings for the remote
computer, there is -CimSession parameter supported.
32.
(Get-ADDomainController)
33.
(enter ).HostName
34.
nltest /dsgetdc:Americas.swk.pri
35. net user /domain rjw0404
36. Get-WmiObject -Class Win32_Product | Out-File -FilePath
c:\Programlist.txt -- To see what programs are loaded on the
PC.
37. Get-WmiObject Win32_Product -ComputerName
LT-PC1F68JC -- This is on a remote pc to see their programs.
38. Get-WindowsDriver -Online -All | Out-File -FilePath
c:\driverlist.txt -- Get Drivers from windows OS
39. Get-Service – To look at all services on a machine.
40. Get-Service | Where Status -eq "Running" -- To see all
services that are running on a pc.
41. Get-Service | Where Status -eq "Stopped" – To see all the
services that are stop on a machine.
42. Get-Service | Where-Object {$_.Status -eq "Running"} |
Out-File -filepath "$Env:userprofile\Desktop\ServicesList.txt"
-- To print a list to the desktop on the machine in notepad.
43. Get-Service | Where Status -eq "Running" | Out-GridView
-- To Output them to a Running grid View in powershell.
44. Get-Service -ComputerName RemoteComputerName |
Where Status -eq "Stopped" | Out-GridView -- To output a
stopped grid view.
45. Set-Service -Name RemoteRegistry -StartupType
Automatic – This is to change it from Disabled to Automatic.
46. Get-Service -Name RemoteRegistry – This is to see the
status of the service after the change is made.
47. Get-Service -Name LanmanWorkstation -RequiredServices
-- The following command gets the services that the
LanmanWorkstation service requires.
48. Get-Service -Name LanmanWorkstation
-DependentServices -- The following command gets the
services that require the LanmanWorkstation service.
49.
Start-Service -Name RemoteRegistry
service!
– To start the
50. Stop-Service -Name RemoteRegistry -- to put it back the
way it was or a reboot will flip it back to disabled state.
51. Restart-Service -Name spooler
52. Set-Service -Name RemoteRegistry -StartupType Disabled –
This will put the service back to disabled state.
53. Get-Service | Where Status -eq "Running"
services are running.
-- To see what
54. Get-Service | Where Status -eq "Stopped" – To see what
services are stopped.
55. Get-Package
---
Get apps that are loaded on the PC.
56. Get-Package -Name "DSCAccelerator" -RequiredVersion
"2.1" | Uninstall-Package
-- Uninstall apps on a PC
57.
Net user /domain WSK0701 | find "Account active"
58. Invoke-Command -ComputerName LT-PF1NB10E
{Test-ComputerSecureChannel -verbose} -- Test on a remote
PC to see if the channel is True or False.
59.
Get-Volume – To How big the HD is.
60.
Get-Disk – To see how big the HD is.
61. Invoke-Command -ComputerName LT-PF1LAFMQ
{Get-PSDrive | Where {$_.Free -gt 0}} -- To see a remote HD
62. Invoke-Command -ComputerName LT-PF35KWTX
-ScriptBlock { Get-ComputerInfo }
-- To see the system info
on a remote PC.
63.
Get-ComputerInfo
--to a Local PC.
64. Invoke-Command -ComputerName LT-PF35KWTX
-ScriptBlock { Get-ComputerInfo -Property *BIOS* } – This let
you see just the Bios info of the remote PC.
65. Get-MpComputerStatus -- To see Antimalware Client
version. AKA Windows Defender.
66. mstsc /v:DT-MJ0DJF1R
session on a remote pc.
67. Getmac /v
/f -- To open a remote desktop
-- Get your Local mac addresses of you PC.
68. Getmac /v /s DT-MJ0DJF1R -- Returns the media access
control (MAC) address and list of network protocols associated
with each address for all network cards in each computer,
either locally or across a network.
69. Logoff rdp-tcp#9 /server:Server1 -- To log off a user
from a session by using the name of the session and server, for
example session name rdp-tcp#9 on Server1, type.
70. Get-WmiObject -cn LT-PF37QHJJ Win32_PnPSignedDriver|
select DeviceName, Manufacturer, DriverVersion -- To
retrieve the drivers of a remote or local pc.
71. Restart-Computer -Force LT-PF39DNWL,LT-PF39E7CX
To one or multiplied computers at one time.
72. Navigate to the key below in the left pane of Registry
Editor. (see screenshot below)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\ProfileList
--
3 Each of the items at this hive is named with the SID of the
account. By looking at the ProfileImagePath key for each SID,
you can identify the account’s name.
73. gpresult /r /s LT-PF0ZFC6P /user Username – Need to put
in the name of the user and the PC that you are trying to find
the user info on.
74. Get-WmiObject Win32_PnPSignedDriver| select
DeviceName, Manufacturer, DriverVersion - - This will show
the device Name, Manufacturer, and Driver Version. Of the
drivers on the PC.
75.Get-ItemPropertyHKLM:\Software\Wow6432Node\Microsof
t\Windows\CurrentVersion\Uninstall\* | Select-Object
DisplayName, DisplayVersion, Publisher, InstallDate |
Format-Table –AutoSize --- PowerShell will give you a list of
all your programs, complete with the version, name of the
developer, and even the date you installed it.
76. Add-LocalGroupMember -Group "Remote Desktop Users"
-Member "SBH0525" -- To grant Remote Desktop access to a
user, you can add it to the Remote Desktop Users group by
executing this command.
77. Remove-LocalGroupMember -Group "Remote Desktop
Users" -Member "SBH0525" -- When you want to remove a
user from Remote Desktop Users, run the following command.
78. Get-LocalGroupMember -Group "Remote Desktop Users"
-- retrieve the Local Remote Desktop Users group members list.
79. Invoke-Command -ComputerName LT-PF150V5V
{Get-Service | Where Status -eq "Running"} -- Using the
invoke cmd to see the remote user info. Get-Service gets all the
services on the computer and sends the objects down the
pipeline. The Where-Object cmdlet, selects only the services
with a Status property that -EQ equals Running.
80. C:\WINDOWS\system32>netsh interface ip show config
-- Shows IP interface configs.
81. Get-NetIPInterface
82. Set-NetIPInterface -InterfaceIndex 20 -InterfaceMetric 10
-- Change the default network interface route on your PC.
Changing to ethernet card to 10 and the wireless card to 20
tells windows to default to the Ethernet card. Lower the Metric
tell windows that is the default card when you are using both
wireless and ethernet.
83. Get-WmiObject -class "Win32_PhysicalMemoryArray" -The MemoryDevices column indicates how many memory slots
are available on your computer while MaxCapacity tells you
how much total of RAM you can install.
84. Get-WmiObject -class "Win32_PhysicalMemoryArray"
-computername C-20141222B -- To get the info from a
remote computer, use -computername switch to the cmdlet.
85. Get-WmiObject Win32_PhysicalMemory | Measure-Object
-Property Capacity -Sum -- How many memory sticks and a
total of RAM installed?
86. Get-WmiObject Win32_PhysicalMemory -computername
C-20141222B | Measure-Object -Property Capacity -Sum -- And
again, adding -computername switch in the end if you want to
get the info from a remote computer
87. Get-WmiObject Win32_PhysicalMemory -computername
C-20141222B | Out-GridView -- The win32_physicalmemory
class has tons of properties that you can use to pull from your
computer, such as FormFactor, SerialNumber, Speed, etc. You
just need to call them up and format them properly. Piping out
to Out-GridView is probably the easiest way to get a clear view
of what type of RAM you have installed on your computer.
88. Get-ADDefaultDomainPasswordPolicy
Password Policy in on your domain
--To see the
89. Net Accounts – will also show you the default Password
policy as well for your domain.
90. Get-ADUser -Identity sbh0525 | select SID
SID of the user account on the machine.
-- To get the
91. Get-PhysicalDisk | Sort Size | FT FriendlyName, Size,
MediaType, SpindleSpeed, HealthStatus, OperationalStatus
-AutoSize --- How can I check the health of my disks using
PowerShell . Note that in the previous command, the wear
value shows you the overall health of your SSD drives. 0 is best,
100 is worst. This can help track how much longer your SSD
drives will last!
92. Get-PhysicalDisk | ft -AutoSize
DeviceId,Model,MediaType,BusType,Size --- example,
display the device number, model, drive type, bus type, and
size, to do this, run the command.
93. Get-Volume -DriveLetter C -- Get-Volume cmdlet, display
information about volume C, to do this, run the command:
Using Get-Volume PowerShell command below. To get drive
details.
94. PowerShell Get-Volume (Get free disk space)
95. Get-Volume – Free disk space for drive in gb.
96. Get-PSDrive – Free space in gb.
97. win32_logicaldisk – get disk space.
98. Get-CimInstance – Get drive size.