Module 1 - Introduction to Powershell
What is Powershell?
The Windows Powershell is a command line environment that was introduced in 2006 to Microsoft
Windows operating systems. In the past, Windows used various shells such as command.com and
cmd.exe. These legacy shells could execute some built in commands and run executables. They were
similar, although not as powerful, as the Unix/Linux shells such the BASH shell, the C Shell, the Korn Shell
and many others.
Commands on these shells could be executed and output could be written to the screen or sent (piped)
to another command for its use. This data was exchanged as text, so the receiving command had to
understand the format of the sending command. Many times we had to manipulate the output to tailor
it for the command we were sending it to. Here is an illustration of that. We will use a command to find
the list some directories on the system.
1.
Click Start, Run, and type cmd and hit enter
2. At the command prompt, type dir and hit enter
You can see that a lot of text is displayed, but let’s say we want to retrieve just the name and size. We
can’t do that with dir. Also, we would need to use some string manipulation to get the file extension of
each file. With the Powershell it is much easier. Here is the command to do all of that.
This is one of the biggest differences between Powershell and other shells. Rather than simply exchange
text, the Powershell exchanges objects. We will say that objects are collections of data for now, in
Module 3, we will learn all a lot more about how they work.
Since data is organized in this collection, we can specify what information we want. Commands that
exchange data with other commands can retrieve data in an organized way, rather than searching
through text. The above command demonstrates how you can see that we are able to get exactly the
information we need.
In addition to command line operations, Powershell provides a scripting language. Scripts are simply text
files that have a series of commands in them. Scripts usually feature logic that can make decisions or
perform repetition based on some criteria. Powershell includes a new scripting language that is very
similar to C# in syntax and structure. Administrators and developers can create scripts to package a
code into a file that can be executed rather than running a series of commands. We will learn more
about scripts later in the course.
A change that might not be obvious to beginning programmers is Powershell’s integration with the .Net
framework. The .Net framework is a collection of managed code that can do everything from web
pages, database queries, and network applications. Although there will not be an extensive discussion
of the .Net framework in this class, it will be introduced and you will be exposed to it enough to
understand many of the fundamental concepts.
PowerShell Core
If you have read about PowerShell online recently, you may have read about PowerShell Core. So what is
PowerShell Core and how does it differ from Windows PowerShell?
The current version of Windows PowerShell is 5.1. Originally, PowerShell was only available on Microsoft
Windows operating systems, but over time, Microsoft recognized that it needed to expand some of its
technologies to other operating systems. Microsoft developed an alternate version called PowerShell
Core. PowerShell Core supports several operating systems including Apple and Linux variants and
released it under an open source license. Where PowerShell is based on the .Net Framework that only
runs on Windows. PowerShell Core is based on .Net Core which supports many other operating systems.
As of this writing, PowerShell Core (version 7) can run on x64 processors for the following operating
systems:









Windows 7, 8.1, and 10
Windows Server 2008 R2, 2012, 2012 R2, 2016, and 2019
macOS 10.13+
Red Hat Enterprise Linux (RHEL) / CentOS 7+
Fedora 29+
Debian 9+
Ubuntu 16.04+
openSUSE 15+
Alpine Linux 3.8+
In order to support multiple operating systems, .Net Core and PowerShell Core don’t have all of the
Windows specific functionality that .Net and Windows PowerShell does. Because of that, PowerShell
Core has fewer cmdlets available. Eventually, it is Microsoft’s plan to have PowerShell Core be the
official version of PowerShell. You can read more about PowerShell Core here.
https://devblogs.microsoft.com/powershell/announcing-powershell-7-0/
You can download PowerShell Core using the link below. It can be installed and used at the same time
and Windows PowerShell, so you can use either whenever you like.
https://github.com/PowerShell/PowerShell/releases/tag/v7.0.0
For the purposes of this class, you can use PowerShell Core or Windows PowerShell. Each will work.
Everything you learn in this class will work in PowerShell Core, so do not worry that you are learning
something that will be useless in the near future. In reality, you are now learning a skillset that will
enable you to manage a wider variety of platforms, besides only Windows. If you have any trouble using
the examples in this course, please let me know immediately so that I can address them.
Powershell Command prompt
You can start Powershell by clicking on the icon in the Start Menu or by typing Powershell at the Run
dialog box or command line.
The Powershell command line environment looks very similar to the cmd.exe environment. The main
difference is the default background is blue and the command prompt has a PS in front of it.
In addition to PS, we also see the current directory displayed. This will be important as we navigate the
file system. In order to make the transition to Powershell easier, Microsoft has created mappings from
old commands to new commands. These mappings are called aliases. One example of an alias is cd,
which was used under DOS and Linux to change directories. The cd alias is mapped to its Powershell
equivalent Set-Location. There are many other aliases. You can view them using the get-alias
command. Here is an example.
Command Format
In order to standardize the naming convention of commands and make things somewhat intuitive,
Microsoft has chosen a verb-noun pairs. For example, the get-childitem retrieves the child items in a
container. This container can be a directory or a registry key. Typical verbs include get, set, start, stop,
new, remove, import, export, and many others. You can see a complete listing of the commands
available by typing get-command at the Powershell prompt. You can search by name using wild cards.
Here is an example of listing the get- commands.
So any previous experience you have had with DOS is still useful in Powershell. You can even create
your own aliases using the Set-Alias cmdlet. We will cover this later on.
Most of the commands we have executed so far have been single commands. One of the best
capabilities of Powershell is its ability to exchange data between commands. In order to do this, we use
the Pipe | character. The most basic syntax is below:
Command1 | Command2
What this means is the output of Command1 is sent to the input of Command2. So Command1 will run
first. Any output, remember with Powershell that will be objects, is then sent to Command2. Here is a
working example. Here we will take the Get-Alias cmdlet and pipe it to the Format-List cmdlet.
Get-Alias | Format-List
Rather than be formatted as a table, the data generated by Get-Alias is now formatted as a list. We can
use the pipe multiple times in a single command to get the desired effect. Here is an example using the
Select-Object cmdlet to define which items to show.
Get-Alias | Select-Object Name,Definition | Format-List
Combining Command into Scripts
As mentioned above, a basic description of a script is a series of commands placed in a text file that is
executed on line at a time. Scripts are usually used when a task needs to be repeated or package the
steps to perform a complex operation. An example of a repetitive task might be a script that runs and
backs up data on a nightly basis. Complex tasks are usually done as scripts so that it can be tested and
debugged before it is used. Also, once the script is production ready, it can be used again in the future
if the task should need to be repeated. An example of this could be an automated account creation
script.
One problem with scripts is their potential for malicious use. They are simple text files that can be
edited and emailed to unsuspecting people who will then click on them and run them. In a corporate
environment, this can be a big problem. Microsoft has added some security features to the Powershell
to make scripts more secure and give administrators the abilty to control which scripts can be run on a
machine. One of the first things that you will notice about Powershell scripts is that by default they
cannot be run by simply double clicking on them. This is so unsuspecting people won’t click on them
without knowing what they are doing. You must run the script at the Powershell command prompt or
run it as an argument to the Powershell command like this
While this helps with unsuspecting people, it doesn’t help with malicious people or with someone
modifying a legitimate script. To protect against that, Powershell has the ability to sign scripts. Digital
signatures provide 2 functions. First, it authenticates the user that created the script. The signature
contains this information in a way that cannot be altered. This allows an administrator to only allow
scripts from a trusted source. Secondly, it verifies that that script hasn’t been altered since it was
signed. This is important. Since it is very easy to edit a script using a text editor, someone could get a
signed script and simply modify it. If that happens, the signature verification would fail and Powershell
wouldn’t run the script.
Although we will discuss implementing signed scripts later, we need to change the execution policy of
our machine to allow unsigned scripts until we get to that point. Powershell includes the SetExecutionPolicy and Get-ExecutionPolicy cmdlets to view the current setting and modify it. The possible
options are AllSigned, RemoteSigned, Restricted, and Unrestricted. We need to use Unrestricted for
now. We can do this by executing the following command
As you see, you will be prompted with a confirmation message to confirm the change. One important
note, you must run the Powershell as an administrator in Vista and Windows 7 to make the change. You
can do this my right clicking on the Powershell and selecting Run As Administrator as illustrated below.
Using a text editor with PowerShell scripts
Now that we have configured our security policy, we can create our first script. We can do this using a
basic text editor like Notepad. In future modules we will discuss Powershell ISE and Visual Studio Code.
You can create a script by following these steps.
1.
Open Notepad
2. Type in the script code
3. Select File, Save As
4. Type in a filename that ends in .ps1 and select All Files (*.*) in the Save As Type drop down list.
5. The file should now appear where you saved it with the Powershell icon.
6. At the Powershell prompt, navigate to the directory where you saved your script and type
./Filename.ps1 (where Filename.ps1 is the name you saved your script as)
You can also simply create a .txt file and rename it to .ps1, which is the Powershell file extension. If you
choose this method, you must make sure that file extensions are being shown. If not, your files will end
up as MyScript.ps1.txt. The checkbox below must be cleared.