PowerShell has become a fundamental tool for Microsoft environments. With PowerShell, commands can be executed directly in a shell session on local machines, but also over the network.
This allows almost all Windows settings to be scripted. In addition to Windows, most other Microsoft products now also support PowerShell. But not only Microsoft products, also many third-party products offer extensions for the PowerShell. Cloud services such as Microsoft Azure and Amazon Web Services (AWS) also support PowerShell control and let users control the various cloud services from local machines.
PowerShell Core versus PowerShell
With PowerShell Core, Microsoft now offers an open source version of PowerShell that can be installed on Linux and MacOS. So with PowerShell, you can control the various operating systems and server applications very comprehensively on the network. Since the software is open source, you can simply download PowerShell Core via GitHub.
You can also install PowerShell Core on Windows machines that are Windows 7 or later, but you can also use PowerShell Core in docker containers. As with traditional PowerShell in Windows, PowerShell Core can display commands using the Get-command commandlet. PowerShell can also be started remote, using the PowerShell command in SSH sessions. When you use PowerShell Core, the pwsh command is used.
PowerShell cmdlets are subdivided into PowerShell modules. For a list of all modules, use Get-Module -ListAvailable commandlet.
Visual Studio Code (VSCode) allows you to develop cross-platform apps and applications. The source code editor is used for developing web applications, but can also be used as an integrated development environment for PowerShell. This requires the PowerShell Extension for VS Code.
Launching PowerShell
There are two ways how you can launch PowerShell
- by clicking the appropriate shortcut in the Start menu
- by typing “powershell” in a command prompt window
PowerShell Core can be launched by typing pwsh into a command-line tool (find a detailed description in the Microsoft documentation).
The command ise starts the PowerShell Integrated Scripting Environment (ISE). This is the PowerShell development environment in Windows that you can use to create and test PowerShell scripts.
The advantage of PowerShell ISE is that it makes suggestions for cmdlets that you can select when you type commands. This technology is also called IntelliSense. In addition, the commands are color coded so that you can better distinguish between options. If you enter commands in the upper area, they will not be executed immediately, but will be listed first as in a normal script. When you are done entering commands, you can start executing them by clicking the green play icon with the Run Script tooltip.
The Show-Command cmdlet opens a new window in the traditional PowerShell that displays all the commands that are available in the PowerShell. It uses part of the PowerShell Integrated Scripting Environment (ISE) window. You can search for commands in the window and view help about the command and examples.
PowerShell displays all available commands.
To protect Windows, PowerShell includes several security features, including execution policy. The execution policy determines whether scripts can run and whether they must be digitally signed. By default, the PowerShell blocks unsigned scripts in the PowerShell. You can use the Set-ExecutionPolicy cmdlet to change the execution policy and use Get-ExecutionPolicy to view the settings. The following settings are available:
- Restricted – No scripts allowed.
- AllSigned – Only signed scripts are allowed.
- RemoteSigned – With this setting you must have scripts signed by a certification authority. This setting is the default setting in Windows Server 2016/2019.
- Unrestricted – All scripts work with this setting.
Getting Started with PowerShell
When you type Get-Command, you see all the commands that PowerShell provides. Very few users know all the cmdlets and their various options that Microsoft provides by heart. Use Get-Command >C:Command.txt to redirect all commands to the C:Command.txt file.
Use the Update-Help command to update the PowerShell help files over an existing Internet connection. If you use the -Online option for the Get-Help cmdlet, for example, with Get-Help Get-Command -Online, a browser window opens with detailed help about the command.
Almost all cmdlets have four types:
- There are cmdlets that have the prefix New- to create something, such as New-Item.
- The same cmdlet then still exists with Remove- to delete something, such as Remove-Item.
- If you want to customize the object, there is a Set- prefix, for example, Set-Item.
- Finally, there is the Get- cmdlet, for example, Get-Item, to get information about the object.
PowerShell cmdlets are supposed to consist of one of the “allowed” verbs and a noun in the singular, separated by a hyphen. The list of allowed verbs is obtained with Get-Verb. The Camel case notation should be used.
Monitoring and managing computers with PowerShell
The PowerShell provides detailed help. If you only remember part of a command, you can work with the * wildcard. For example, Get-Command *computer displays all cmdlets whose names end with “computer”. If the command you’re looking for is not listed, you can also use multiple wildcards, such as Get-Command *computer*. This command displays all commands that contain the word “computer” anywhere. In PowerShell, you can also work with the physical drives on the PC. For example, to get the physical hard disks, use the Get-PhysicalDisk command.
By entering columns after |fl, you can specify advanced information and hide unimportant information. An example of this is Get-PhysicalDisk |fl FriendlyName, BusType, CanPool, Manufacturer, Healthstatus. This works with all Get cmdlets. With Get-Disk you can also display all hard disks. To view the partitioning, choose Get-Disk | Get-Partition.
A common administration task is to manage the running processes on a computer. You can also use PowerShell to do this. You can use the Get-Process command to view all of a computer’s running processes. For example, if you only want to see all processes that start with “S”, type the Get-Process s* command. If you also want to sort the processes, for example, in descending order by CPU time, type Get-Process s* followed by the pipe operator |Sort-Object cpu -Descending. This operation passes the result of a cmdlet to another cmdlet that continues processing.
Get- cmdlets display information about objects. The |fl input formats the output. This is the Format-List cmdlet, which formats the result of a cmdlet and displays it in the PowerShell. If you don’t want to see all the information, but just individual parameters, you can separate them by “|fl” commas. To do this, simply specify one of the columns that you queried with the Get- cmdlet.
Of course, there are many other cmdlets besides these, such as Start- and Stop- or Export- and Import- cmdlets. For example, in PowerShell, you can start and stop services with Start-Service, Stop-Service, Get-Service, and Set-Service.
Using the PowerShell over the Network
You can use the File/New Remote PowerShell tab menu command in the PowerShell ISE to set up a PowerShell session to another computer on the network.
Open a remote connection in PowerShell ISE.
However, for this to work, you must enable remote administration on the target computer, for example, from the command prompt with winrm quickconfig. Enable-PSRemoting -force also enables remote administration in PowerShell. The command also enables the exceptions in the Windows Defender firewall. You can use Disable-PSRemoting -force to disable remote administration of a computer from PowerShell. For such administrative commands, you must start PowerShell with administrative privileges, for example, from the context menu of the icon in the Start menu. In remote PowerShell sessions, you use the same cmdlets that can be used on the local computer.
There are also cmdlets that you start locally, but that run commands on remote computers even if you have not previously set up a RemotePowerShell session. However, not all cmdlets allow remote administration. The quickest way to see which cmdlets are compatible is to verify that the cmdlet supports the -ComputerName option. Use the Get-Help * -Parameter ComputerName command to display a list of these cmdlets. For example, if you want to start programs on a remote computer from a local PowerShell session over the network, use the following command:
Invoke command -ComputerName -ScriptBlock { } -credential
Read our article on Getting Started with PowerShell Remoting for more details and a step by step guide.
Creating Scripts with the PowerShell ISE
If you repeatedly run certain command sequences or develop a PowerShell script for a complex task, we recommend that you save the commands in a file instead of typing them individually. The file extension for Windows PowerShell scripts is .ps1. To start a script, you must always specify a fully qualified path to the script file, even if the script is in the current folder. For example, if you want to start the test.ps1 script in the current folder, you must type “.test.ps1”. The File menu also plays a role. This is where you load PowerShell scripts into the ISE. PowerShell displays each open script in the ISE as a separate tab. In the default view, the ISE is divided into two areas
- the Script Pane (the source editor) at the top
- the PowerShell Console at the bottom.
Once you have finished typing the commands, you can start executing them by clicking the green play icon with the Run Script tooltip.
The menu item “View” allows you to customize the different areas of the ISE to your needs and to change the arrangement. For example, the area for creating scripts can be arranged on the right side. Scripts are generally quite simple. You only have to write the individual commands one below the other. You can use either PowerShell ISE or another editor.
You can edit and troubleshoot scripts during execution. If you load a script via “File/Open“, you will see its components in the command window. If you select a line in the script, you can use the “Debug/Toggle Breakpoint” menu item to set a pause in the script.
PowerShell Direct – Control Virtual Operating Systems
With PowerShell Direct, you can use PowerShell sessions on a Hyper-V host to access and perform actions on VMs on the host on Windows servers and on machines running Windows 10. However, this requires Windows Server 2016/2019 to be installed on the host. Windows 10 or Windows Server 2016/2019 is also required in the VMs. To start a session, type one of the following commands in the PowerShell session on the host:
Enter-PSSession -VMName
Invoke-Command -VMName -ScriptBlock { Commands }
To connect successfully, you must first authenticate to the session. If you want to authenticate with another user, use Enter-PSSession -VMName -Credential . Use Exit-Session to end this session. You can also pause and reestablish sessions in Windows. If sessions are interrupted, the cmdlets continue to run in the session. To do this, use the Disconnect-PSSession, Connect-PSSession, and Receive-PSSession cmdlets.
Controlling network settings with PowerShell
PowerShell can also be used to configure network settings. You can use cmdlets such as New-NetIPAddress and Get-NetIPConfiguration to do this. An example of the setup is:
New-NetIPAddress -InterfaceIndex 12 -IPAddress 192.168.178.2 -PrefixLength 24 -DefaultGateway 192.168.178.1
For connecting with a DNS server, type
Set-DNSClientServerAddress -InterfaceIndex 12 -ServerAddresses 192.168.178.4
Separate multiple DNS servers with a comma. The Set-DnsClientServerAddress -InterfaceIndex 12 -ResetServer cmdlet switches to DHCP. Be sure to use the correct index number for each network adapter. This can be obtained with Get-NetIPConfiguration. You can also name servers in PowerShell, restart them, and include them in domains. To do this, use the cmdlets
Rename Computer -Name [Computer Name] Add-Computer -DomainName [DomainName] restart computer
The Test-Connection cmdlet can test network connections, even multiple machines at once. To do this, type the command, and then type a list of the machines that you want to test. If you want to write the command in one line, for example for scripts, use the syntax:
Test-Connection -Source , -ComputerName , Target2>
This command allows you to scan multiple target computers from multiple source computers. You can also test only one machine by typing Test Connection.
If you want to perform name resolution for a server with all necessary host entries, TTL, and IP addresses, type resolve-dnsname.
Resolve-DnsName -type all displays information about the DNS zone.
To resolve the name of a computer based on the IP address, use Resolve-DnsName. PowerShell then displays the machines it finds and the associated reverse lookup zone.
Resolve-DnsName can also resolve DNS names over the Internet, for example
Resolve-DnsName www.google.de.
If you only want to display the IPv4 addresses, use (Resolve-DnsName www.google.de).ip4address.
Related posts
About the author:
Thomas Joos is a freelance IT consultant and has been working in IT since 1992. He has published more than 90 practical reference books and writes for numerous IT publications such as c’t, PC Magazin, PC Welt, IT Administrator, Computerwoche and Heise Security.