...
Powershell allows the use of aliases i.e. Get-ChildItem is the same as dir or ls. See Common Commands for more.
Pause powershell:
No Format |
---|
write-host "Press any key to continue..."
[void][System.Console]::ReadKey($true) |
This will stop powershell at a line and a user key press is necessary to continue through the script.
Common Commands
Use the Get-Alias command to view all Powershell aliases.
Manage Processes
Start-Process ; start
Stop-Process ; kill, spps
Manage Services
Start-Service ; sasv
Stop-Service ; spsv
Manage/Navigate File System
New-Item;
Move-Item ; move
Remove-Item ;
Copy-Item ; copy, cp
Get-ChildItem ; ls, dir
Set-Location ; cd, chdir
Write-Host; Read-Host
Use the "Help"
Powershell has a great built-in help system which is incredibly useful for gaining info on commands or Powershell properties. Look at the below command:
Get-Help Start-Process
This will bring up some basic information about the command such as Syntax, Description, and Related Links, BUT it can do so much more. You can control how much detail the "Help" system gives you by using certain switches such as "-Detailed", "-Full", and "-Examples". I recommend the "-ShowWindow" switch which will give you all the available details in a separate window, which is great for keeping the console window clean:
...
This function makes invoking methods much simpler. Here's a common one:
$Bitness = Get-wmiobject win32_operatingsystem
$Bitness.OSarchitecture
The former line grabs the OS object and stores it into the variable. This means one can use the variable to invoke all the methods and properties assigned to the object.
It takes two lines but is easier to use and read than the alternative:
(Get-wmiobject win32_operatingsystem).OSarchitecture
The latter would require entering the entire line to access the property. If you only need the one property then
$Bitness = (Get-wmiobject win32_operatingsystem).OSarchitecture
is better to use as it stores the string found in "OSarchitecture" instead of storing the whole object.
...
Much like, Command Line, Powershell uses Environment Variables but in a slightly different way. Environment Variables look like variables in structure, $env:SystemRoot, but use a colon.
Get-ChildItem env:
Use the above line to view the current Environment Variables.
...
Most of Powershell's commands have an output which can be transferred directly to another command. Below is a simple example.
Get-Process | Out-Gridview
Using the pipeline can produce several different results, but allow you to customize the output according to your needs.
Get-Process | sort -Property Name,ID | export-csv -Path "$env:userprofile\Desktop\processes.csv"
The above line grabs all processes, sorts them by Name then ID and finally exports them to the Desktop as a csv file. The "$env:userprofile" is an environment variable. View Environment Variables to learn more.
Scripting
Execution Policy
The Execution Policy is a safety feature which prevents scripts from running on the machine. The default policy on all new Windows OS's is Restricted which prevents all scripts from running on the machine. As such, you will have to change the policy before running any powershell scripts.
Set-ExecutionPolicy -ExecutionPolicy Bypass
The above line allows all scripts to run but it alters the settings for the entire machine. You can specify how far the policy is implemented however.
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser
will allow scripts to run for the user.
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process
will allow scripts to run for the current Powershell session and will not affect current policy settings.
Unfortunately, all the above require a powershell console to be open and the lines typed manually. To get around this we can use the command lilne.
Start powershell.exe -ExecutionPolicy Bypass -File "path\to\File.ps1"
Running the above line from an admin level command line will run powershell as admin, then from the powershell instance, it will run whatever .ps1 file you give it. Additionally, it won't alter the default policies set for the machine or user.
Invoking commands
Again, PowerShell is object-oriented, and every object has methods and properties. In order to view an object's methods and properties, we use the Get-Member command.
Get-Process -Name Chrome | Get-Member
shows us all the methods and properties associated with the Chrome browser. This syntax can be used with every object and command (to the best of my knowledge). Using the above syntax can get write heavy so I suggest using Get-Member's shortcut, gm.
Get-Process -Name Chrome | gm
will function the same as the former line. Once you have a property or method in mind, you can then invoke it.
If it's a method then you must use parenthesis at the end like such:
(Get-Process -Name Chrome).Start()
If it's a property then you do not need the parenthesis:
(Get-Process -Name Chrome).SessionId
If you store an object into a variable, then invoking commands becomes a bit simpler:
$Process.Start()
$Process.SessionId
External Resources
Microsoft's articles about Powershell and its modules. The commands can be found under "References" and their respective modules. Microsoft.Powershell.Core and Microsoft.PowerShell.Utility are good starts.
Several instruction videos covering several Powershell features. Scroll through contents to view specific topics. May require a @live.com or @hotmail.com account to view entire series.