WINDOWS POWERSHELL
PowerShell Basics
WHY USE WINDOWS POWERSHELL?
o
o
o
o
PowerShell is a great way to manipulate server
and/or workstation components
It’s geared toward system administrators by
creating a more simplified syntax base
PowerShell is more secure than running
vbscripts
Quick analysis of various computer specs
SYSTEM REQUIREMENTS
o
o
o
o
o
o
o
Microsoft .NET Framework v2.0 or later
Windows XP/Server 2003 or later
The PowerShell install file (Download)
Windows Management Framework (Includes)
Windows Remote Management
Windows PowerShell 2.0
Background Intelligent Transfer Service (BITS)
4.0
FAMILIAR COMMANDS
o
o
o
You can use commands that you are familiar
with such as CD, PING, IPCONFIG or DIR
There are also some Unix commands that can
be used such as LS or MAN (these commands
are aliases to the actual PowerShell
commands)
Get-Alias will list the preloaded Alias’s and will
show you what Cmdlet they are mapped to
CMDLETS
o
o
o
o
o
The majority of the PowerShell functionality
comes from Cmdlet’s
Always in Verb-Noun format and never plural
(Get-WmiObject or Get-Process)
Cmdlet’s return objects not text
Retrieve list of Cmdlet’s (Get-Command)
Can tab complete
PIPING
o
o
One of the time savers in PowerShell is giving
the user the ability to pipe commands together
Ex. Get-process | select ProcessName, ID |
Sort ProcessName | FL
SCRIPTS
o
o
o
o
PowerShell scripts differ from most scripts
PowerShell scripts end in .ps1 and have to be
run inside a PowerShell window
Double clicking a PowerShell script will open
the script in notepad
Scripts must also be run in this format
SCRIPT SECURITY SETTINGS
o
o
o
o
Restricted – No scripts can be run. Windows
PowerShell can be used only in interactive mode.
AllSigned – Only scripts signed by a trusted
publisher can be run.
RemoteSigned – Downloaded scripts must be
signed by a trusted publisher before they can be
run.
Unrestricted – No restrictions; all Windows
PowerShell scripts can be run.
WINDOWS MANAGEMENT INSTRUMENTATION (WMI)
o
o
PowerShell can tap in to the WMI classes of
another computer as well your own, given you
are using administrative credentials
Ex. Get-WmiObject Win32_Product will list all of
the Microsoft installed products on your
machine (products installed by Windows
Installer)
POWERSHELL AND CREDENTIALS
o
o
o
You can use the runas command in the ‘start’
menu to run the PowerShell console as
administrator
There is a Cmdlet called Get-Credential which
can store administrative credentials in a
variable
Can’t be used to authenticate to local machine
RESTRICTION
o
o
Because WMI calls utilize the RPC protocol, the
Windows Firewall must be turned off or Remote
Administration must be enabled
The RPC protocol uses random ports
EXAMPLES
o
Pull computer serial number
o
o
Reboot a machine
o
o
(Gwmi win32_OperatingSystem –comp |
server).reboot()
Gather Logical Disk Space information
o
o
Gwmi Win32_Bios | select SerialNumber
Gwmi Win32_LogicalDisk
Show running processes
o
Gwmi Win32_Process
WORKING WITH VARIABLES
o
o
o
Variables are defined by the two following ways
[type] $variable = x or just $variable = x
To display a variable you would just type
$variable
Ex. To store the installed products on your
machine
o
$Product = gwmi Win32_Product
WORKING WITH VARIABLES CONT’D
o
o
If you displayed the contents of $Product, it
would display the entire list of products that it
pulled
To individually go through each installed
product you would need to use a ForEach
statement
MICROSOFT PRODUCTS
o
o
o
o
o
o
Server 2008 R2
Window 7
Exchange 2007/2010
System Center 2008 Suite
SQL 2008/2008 R2
SharePoint 2010
RESOURCES
o
o
o
o
www.scriptinganswers.com
www.primalscript.com
www.scriptingoutpost.com
http://www.microsoft.com/technet/scriptcente
r/topics/winpsh/convert/default.mspx
o
Site Converts VB code to PowerShell Code
NETWORK ADAPTER EXAMPLES
o
$NIC = Get-WMIObject Win32_NetworkAdapterConfiguration |
where{$_.IPEnabled -eq "TRUE“}
o
o
o
o
$NIC.EnableStatic("192.168.100.66", "255.255.255.0")
$NIC.SetGateways("192.168.100.1")
$NIC.SetDNSServerSearchOrder(“8.8.8.8”, “8.8.4.4”)
$NIC.SetDynamicDNSRegistration("FALSE")
RUNNING PROCESS EXAMPLES
o
o
Gwmi win32_process | select name | sort
name
(Gwmi win32_process | where {$_.name –
(match “processname.exe”}).terminate(1)
REMOTELY ENABLE RDP (WIN XP)
o
gwmi win32_terminalservicesetting -comp
computername).setallowtsconnections(1)
QUESTIONS?