Windows PowerShell comes installed by default in every Windows, starting with Windows 7 SP1 and Windows Server 2008 R2 SP1. If you are interested in PowerShell 6 and later, you need to install PowerShell Core instead of Windows PowerShell. For that, see Installing PowerShell Core on Windows. Finding PowerShell in Windows 10, 8.1, 8.0, and 7.
If PowerShell's learning curve has kept you from embracing it for daily use, 'cool' might not be a word you'd associate with it. But PowerShell is here to stay. It's a core part of Exchange 2007, Windows Server 2008, and SQL Server 2008, and it has immense power we all need to grasp.
I'm going to put some fun into the PowerShell arena and show you a few tricks that will definitely come in handy. Besides, it is always cooler when you amaze someone with the solution from the command line. Having someone watch you right-click and fix something doesn't have the same appeal.
Note: Be careful, very careful
Yes, this is a tool worthy of the name. PowerShell can easily cause massive configuration changes, positive or negative — so protect yourself and establish a test environment for your learning experiences. Also consider using the '-confirm' parameter to test configurations before execution for certain commands.
This information is also available as a PDF download.
#1: Report all of the USB devices installed
PowerShell is Windows Management Instrumentation (WMI) aware. From PowerShell, you can make a WMI call to retrieve the USB devices installed in a local or remote system:
This will apply a filter to bring back the antecedent and dependent fields from the SERVER1 computer. Should you want the full export, you can omit the pipe and filter statement to have a comprehensive export of the USB devices on a system. I have found this useful to maintain a report for servers that have a USB license device installed so that their connectivity is maintained from the device perspective.
#2: Perform your favorite CMD tasks in PowerShell
Yes, you can stop using the DOS prompt and start doing all of those same tasks within PowerShell. This can make learning a little easier and help you become more familiar with the interface. Unfortunately, from the run prompt, there is no three-letter launcher like cmd. But powershell will launch it. You can also assign a shortcut key to PowerShell so Ctrl + Shift + P launches it directly.
#3: Kill a process in PowerShell instead of Task Manager
When you have a Windows service running that will not respond to stop commands, you can use PowerShell to perform the equivalent actions of ending the task within Task Manager. For instance, you'd do the following for BadThread.exe:
The results will be similar to this:
Once the Process ID has been identified, you can kill the errant process by entering:
At that point, the BadThread example will be hard stopped and you can resume your attempt to start the service. You can do that right here in PowerShell as well.
#4: Use PSDrive to view more than just drives
The PSDrive command lets you view objects of the Windows environment beyond traditional network, local, or removable drives. One popular view is the HKLM PSDrive to view the HKEY_LOCAL_MACHINE top-level hive of the registry. To get into the registry, enter the following command:
You are then transported into the registry hive and can view and even delete items, should you wish.
#5: Export NTFS folder permissions — recursive or not
Managing NTFS permissions is a whole separate matter, but with PowerShell, you can export the permissions to audit access or take a quick look at access control lists (ACLs) for the security configuration. This can be a great accountability mechanism to run in a scripted format periodically — or you can run it on demand to diagnose a particular issue. For example, take the following iteration:
This will give you a quick report of your security rights to the specified path (note that it won't give the share access). That alone is nothing too exciting, as it will report only the single specified path, but if you want to include recursion for the entire path, you can use other strategies. For the same path (N:Data), you'd use the Get-ChildItem command (cmdlet) within PowerShell, combined with the Get-Acl command. Consider the following example:
This will span the entire N:Data path and display the ACLs for the contents of the path. What happens here is that the Get-ChildItem provides an inventory of the file system objects, and that collection is passed to Get-Acl to provide the results for each item.
If you want to archive this to a comma-separated variable (CSV) document, you pass '| export-csv c:filename.csv' at the end of the cmdlet. You can also pass the normal '> C:filename.txt' to the end of the command to get it exported to a text file. Note that when you use the -recurse option, it does just that and will traverse the entire path you specify. So be careful when doing it across a large volume or over the network.
#6: Play with PowerShell 2.0
PowerShell 2.0 is in the Community Technology Preview (CTP) stage. It includes a graphical interface, Graphical PowerShell, and it is cool. The PowerShell scripts are saved as .ps1 files, making it easy to modify, import, and transfer scripts across systems. Figure A shows our NTFS permissions example while running in the graphical mode.Figure A
One note on PowerShell 2.0: You have to configure the execution policy through PowerShell (nongraphical version) before using the tool. Configure one of the following execution policies:
When deciding to evaluate PowerShell 2.0, note that the WS-MAN v1.1 package is required, and if you want to use the graphical interface, Microsoft .NET Framework 3.0 is required.
#7: Work from the keyboard in Graphical PowerShell
If you are familiar with the Microsoft SQL Query Analyzer environment, you will appreciate some of these keyboard shortcuts. In Graphical PowerShell, you can select a single line or multiple lines and execute them by pressing the F5 key. Also, if you have modified your script, the familiar Ctrl + S to save, Ctrl + Z to undo, Ctrl + C to copy, and Ctrl + V to paste are available to save you time in the editing and testing.
#8: Background a time-consuming task
If you have a cmdlet that will take some time to run, you can use PowerShell to send it to the background to complete. In this way, you can send a series of commands to execute at once and let them complete on their own schedule. The command to launch a background job leads with the start-psjob -command parameter. You can query PowerShell on the status of any of the jobs with the following command:
You'll see a table of results showing the current status of your jobs, with a session identifier that is unique for each job. Figure B shows one failed job.Figure B
You can remove the failed job by running the following command:
#9: Insert timestamps into PowerShell outputs
For your PowerShell tasks, you can have a timestamp entered in series so you can determine how long a single step occurs or to use as a logging mechanism for your scripts. I find this handy in Graphical PowerShell when I'm testing scripts. To insert a timestamp, enter one of the following commands as a single line within your .ps1 file:
Command | Output example |
'$(Get-Date -format g) Start logging' | 2/5/2008 9:15 PM |
'$(Get-Date -format F) Start logging' | Tuesday, February 05, 2008 9:15:13 PM |
“$(Get-Date -format o) Start logging' | 2008-02-05T21:15:13.0368750-05:00 |
There are many other formats for the Get-Date command, but these three options would generally suite most applications for timestamp purposes.
#10: Stop and smell the roses
Within PowerShell, some commands have results that scroll through the screen very quickly. If you are not exporting the results to a file, it may be impossible to view the onscreen interaction. Let's again use the Get-ChildItem command from previous example. This command can return many results depending on your path contents. We'll create a function called EasyView to make it easy to view the results onscreen by displaying one line every half-second. The EasyView function would be created as follows:
To make a PowerShell command use the EasyView function, call it with a pipe at the end of the command and then the function name as shown below:
The EasyView function is configured to display lines at a half-second interval. You can also use milliseconds for the value.
Have you been experimenting with PowerShell or using it to streamline your tasks? What are some of your favorite commands?
-->If you are using Windows 10 Anniversary Update, or Windows Server 2016, you should already have Windows PowerShell 5.1. That's because this application comes preinstalled with those operating systems.
To determine which version of Microsoft PowerShelll you are using, do the following on your Windows 7 or Windows Server 2008 R2 or Windows Server 2012 computer:
Click Start, click All Programs, click Accessories, click Windows PowerShell, and then click Windows PowerShell.
In the PowerShell console, type the following command and then press ENTER:
Information similar to the following should then be displayed in the console window:
If the returned Version number is 5.1, then you are running Windows PowerShell 5.1. If the returned Version number is not 5.1, then you'll need to install Windows PowerShell 5.1. You can download Windows Management Framework 5.1, which includes Windows PowerShell 5.1, from the Microsoft Download Center.
After you've verified that Windows PowerShell 5.1 is installed, you must make sure that PowerShell has been configured for running remote scripts. To do that, start PowerShell as an administrator. On Windows 7, Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2 do the following:
Click Start, click All Programs, click Accessories, click Windows PowerShell, right-click Windows PowerShell, and then click Run as administrator.
If the User Account Control dialog box appears, click Yes to verify that you want to run PowerShell under administrator credentials.
If you are running Windows 8, complete this procedure instead:
Access the Charms bar, click Search, and then right-click Windows PowerShell. You can quickly access the Charms bar on any Windows 8 computer (touch screen or non-touch screen) by holding down the Windows key and pressing C.
In the toolbar at the bottom of the screen, click Run as administrator.
If the User Account Control dialog box appears, click Yes to verify that you want to run PowerShell under administrator credentials.
After PowerShell is running, you must change the execution policy to allow the running of remote scripts. In the PowerShell console, type the following command and then press ENTER:
Note
When you run the preceding command, you might receive the following error message:> Set-ExecutionPolicy : Access to the registry key'HKEY_LOCAL_MACHINESOFTWAREMicrosoftPowerShell1ShellIdsMicrsoft.PowerShell' is denied. This error message typically occurs if you are not running PowerShell under administrator credentials. Close your session of PowerShell, and start a new session as an administrator.
To verify that the execution policy has been configured correctly, type the following at the PowerShell prompt and then press ENTER:
If you get back the following value, then everything has been configured correctly:
RemoteSigned
If you are not currently running Windows PowerShell 5.1, you'll also need to download and install Windows Management Framework 5.1 from the Microsoft Download Center. This is an installation package that includes Windows PowerShell 5.1 and Windows Remote Management (WinRM) 3.0. This installation package might be required if you, for example, are running Windows 7 SP1 and have not yet updated to Windows PowerShell 5.1. If you are running Windows Server 2016, or Windows 10 Anniversary Update, there should be no need to install Windows PowerShell 5.1. Windows PowerShell 5.1 comes preinstalled on those operating systems.
Before installing Windows Management Framework 5.1:
Make sure you have downloaded the correct version of the installation package. If you are running the 64-bit version of Windows 7 SP1, download the file Win7AndW2K8R2-KB3191566-x64.ZIP. If you are running the 32-bit version of Windows 7, download the file Win7-KB3191566-x86.ZIP.
If you are running Windows 7 on your computer, make sure that you have installed Windows 7 Service Pack 1.
If you aren't sure which version of Windows you are running, or you aren't sure if you've installed Windows 7 Service Pack 1, click Start, right-click Computer, and then click Properties. This information will be reported in the System dialog box.
To install Windows Management Framework 5.1, complete the procedure in Install and Configure WMF 5.1.
After the computer has rebooted, verify that Windows PowerShell can start and that the application can be run under administrative credentials. To do this:
Click Start, click All Programs, click Accessories, click Windows PowerShell, right-click Windows PowerShell and then click Run as administrator.
If the User Account Control dialog box appears, click Yes to verify that you want to run PowerShell under administrator credentials.
When the PowerShell console appears, you should then verify that the WinRM service is running and has been configured correctly. To verify that the service is running, type the following command at the PowerShell prompt and then press ENTER:
Information about the WinRM service will then be displayed on screen:
Windows Powershell For Windows 10 Recovery
If the service Status does not equal 'Running', start the WinRM service by typing the following command and then pressing ENTER:
After the service has started, run the following command to make sure that WinRM is using Basic authentication:
Information similar to the following will be displayed onscreen:
If basic authentication has been set to true, then you're ready to use PowerShell to connect to Skype for Business Online.
Tip
Windows Powershell For Windows 10 Download
New to Office 365?
Windows Powershell Windows 10 Home
Discover free video courses for Office 365 admins and IT pros, brought to you by LinkedIn Learning.