22/08/2024

Learning PowerShell can be very valuable, especially if you work in a Windows environment
or with Microsoft products. PowerShell is a powerful scripting language and command-line
shell developed by Microsoft specifically for system administration. It allows you to
automate tasks, manage systems, and access various system components using commands
and scripts.

Here are some reasons why learning PowerShell can be beneficial:

1. Automation: PowerShell is designed for task automation, making it easier to

perform repetitive tasks quickly and efficiently. This can save you a lot of time and
effort in managing systems and performing administrative tasks.
2. Integration with Microsoft products: PowerShell integrates well with Microsoft
products and services, making it a valuable tool for managing Windows-based
systems, Microsoft Azure cloud services, Exchange Server, SharePoint, and more.
3. Scripting capabilities: PowerShell is a full-featured scripting language with
support for variables, loops, functions, error handling, and more. This makes it a
versatile tool for creating complex scripts to automate various tasks.
4. Cross-platform support: While PowerShell was originally designed for Windows,
it has been made open-source and is available for other platforms like Linux and
macOS through PowerShell Core. This means you can use PowerShell to manage
systems across different operating systems.
5. Career opportunities: Knowledge of PowerShell is a valuable skill in the IT
industry, especially for system administrators, DevOps engineers, and IT
professionals working with Microsoft technologies. Having PowerShell skills can
make you more marketable and open up new career opportunities.
Overall, learning PowerShell can be a worthwhile investment, especially if you work in a
Windows-centric environment or with Microsoft technologies. It can help you streamline
your administrative tasks, improve your productivity, and advance your career in the IT field.

Powershell is worth learning for windows users. Linux users can also learn powershell but
they already have powerful bash shell which they can use. But for windows user before
powershell the only command line shell available was CMD. In fact for over two decades
CMD was the only option for windows users. But CMD is old school. And it is also not as
powerful as powershell.
VBScript is good for automation but it has two major shortcomings. One that Microsoft never
paid attention to its development. Several of windows feature are not supported in VBScript
because Microsoft did not develop it. And the other shortcoming was that VBScript is a pure
developer tool. So if you are not from developer background then you may find it difficult to
understand.

While powershell is easy to learn and you can literally manage everything in system using
powershell. So powershell is best option among CMD, VBScript and powershell.

Apart from this, powershell is a very powerful object based interactive shell. And it is highly
efficient as scripting tool also. In fact powershell is now used very commonly for scripting in
production environment. Wherever you go, if you are in windows environment you will find
powershell in use.
Powershell is very easy to learn. You can leverage powershell to automate .Net objects, COM
objects, WMI, XML or active directory. You can read excel file with powershell and create
beautiful HTML reports. In fact we can use powershell for ethical hacking and penetration
testing as well.

Since powershell is object based so output generation and formatting in powershell is much
easier and efficient than linux bash shell also.

If you are a windows user then you cannot afford to ignore powershell. If you are working in
IT industry and you know powershell then rest assured that you are having an edge over
others.

1. Built on the .NET Framework,

2. Windows PowerShell helps IT professionals to control and automate the
administration of the Windows operating system and applications that run on
Windows Server environment.
3. Windows PowerShell commands, called cmdlets, let you manage the computers from
the command line. Windows PowerShell providers let you access data stores, such as
the Registry and Certificate Store, as easily as you access the file system.

PowerShell ISE

The Windows PowerShell Integrated Scripting Environment (ISE) is a host application for
Windows PowerShell. In Windows PowerShell ISE, you can run commands and write, test,
and debug scripts in a single Windows-based graphic user interface with multiline editing, tab
completion, syntax coloring, selective execution, context-sensitive help, and support for
right-to-left languages.

You can use menu items and keyboard shortcuts to perform many of the same tasks that you
would perform in the Windows PowerShell console. For example, when you debug a script in
the Windows PowerShell ISE, to set a line breakpoint in a script, right-click the line of code,
and then click Toggle Breakpoint.

PowerShell commands-

1. $PSVersionTable - provides information about your PowerShell version, and your

platform and edition
2. $PSVersionTable.PSVersion - gives you more details about your version of
PowerShell.
3. Get-ChildItem – lists everything in your current directory
4. sl .\Desktop\ - to move between directories.
5. sl \ - to change to root directory.
6. sl .. – to change one step from the current directory.
7. Set-Location D: or sl D: - to change from C to D drive.
8. Creating new directories-
 i. mkdir sample – get into the path you want to create a new directory.
ii. mkdir a, b, c – create multiple directories
9. Deleting directories
i. rm .\sample\ - delete a directory
ii. rm a, b, c – delete multiple directories

 In Windows PowerShell, not everything is a cmdlet. There are language statements,

functions, aliases, various objects (from the .NET Framework or COM), and even
other executables—all of which are utilisable from within Windows PowerShell.
 In Windows 8 Consumer Preview, we have around 1000 commands to choose.
 In Windows 7, the situation is not quite so overwhelming, but still, you need to know
how to find what you want.

28/08/2024

BASIC COMMANDS
Help Files-

Help files in PowerShell are documentation resources that provide detailed information about
cmdlets, functions, scripts, and other elements within the PowerShell environment. These
files explain what each command does, how to use it, what parameters it accepts, examples of
usage, and more.

Key Components of Help Files:

1. Cmdlet Descriptions:
o Purpose: A summary of what the cmdlet or function does.
o Syntax: The various ways you can use the cmdlet, showing all possible
parameters and their combinations.
o Parameters: Detailed information about each parameter, including its type,
whether it’s required or optional, and any default values.
o Examples: Practical examples demonstrating how to use the cmdlet in
different scenarios.
o Inputs and Outputs: Information on what type of input the cmdlet accepts
and what type of output it produces.
o Related Links: Links to related cmdlets or topics for further reading.

2. About Topics:
o Purpose: Provides information on broader topics, such as PowerShell
concepts (e.g., pipelines, error handling), best practices, or overviews of how
to use PowerShell in specific contexts (e.g., working with objects, scripting
basics).
 o Structure: These are more like articles or chapters in a manual, providing
context and guidance beyond just individual cmdlet usage.

3. Glossary:
o Purpose: Definitions of key terms and concepts used in PowerShell.
o Utility: Useful for users new to PowerShell or needing clarification on
specific terminology.

4. Help Files for Modules:

o Module-Specific Help: Each PowerShell module can have its own set of help
files, containing documentation specific to the cmdlets and functions defined
in that module.
o Installation: When you install a new module, help files might not be included
by default. You can download and install them using the Update-Help cmdlet.

Accessing Help Files:

 Using Get-Help:
o You can access help for any cmdlet directly within PowerShell by using the
Get-Help cmdlet.
o Example:

Get-Help Get-Process

This command retrieves the help information for the Get-Process cmdlet.

 Detailed and Full Views:

o -Detailed: Provides more information, including parameter details and
examples.

Get-Help Get-Process -Detailed

o -Full: Provides the complete help file, including syntax, detailed descriptions,
parameter info, examples, and more.

Get-Help Get-Process -Full

 Viewing Examples:
o You can directly view just the examples using:

Get-Help Get-Process -Examples

 Online Help:
o If the local help files are not available, or if you want the most up-to-date
information, you can use:

`Get-Help Get-Process -Online

o This opens the official online documentation in your default web browser.
Purpose and Importance:

 Learning Tool: Help files are essential for learning how to use PowerShell
effectively, offering step-by-step guidance and explanations.
 Reference: They serve as a quick reference for syntax and usage, particularly when
dealing with complex cmdlets or unfamiliar modules.
 Offline Access: Once downloaded, help files can be accessed even when you don't
have an internet connection.

Help files are a core resource for anyone using PowerShell, from beginners to advanced
users, providing the necessary documentation to use PowerShell commands effectively.

1. Update-help –

The Update-Help cmdlet is used to download and install the latest help files directly to your
computer from the internet. If you want to update all help files, simply run:

Update-Help

This will download the most recent help files from Microsoft's servers and install them
locally, so you can access them even when you're offline.

Viewing Help Files Online with Get-Help:

If you want to view the most up-to-date help files online without downloading them, you can
use the -Online parameter with Get-Help. This will open the relevant help page in your
default web browser.

Example of Viewing Help for a Specific Cmdlet Online:

Get-Help Get-Process -Online

This command will open the official Microsoft documentation page for the Get-Process
cmdlet in your web browser.

Steps to Update and View Help Files Online:

1. Open PowerShell: Launch PowerShell with administrative privileges to ensure you

have permission to update the help files.
2. Update Local Help Files:
o Run the following command to update all help files locally:

Update-Help

3. View Help for a Specific Cmdlet Online:

o If you want to check the most recent documentation online, use:

Get-Help <Cmdlet-Name> -Online

 o Replace <Cmdlet-Name> with the name of the cmdlet you want to view. For
example:

Get-Help Get-Process -Online

Troubleshooting Tips:

 Network Issues: Ensure your internet connection is stable when running Update-
Help.
 Administrative Rights: You may need to run PowerShell as an administrator to
update help files for all users.

By using the Update-Help cmdlet, you can keep your local help files up to date, ensuring that
you have access to the latest documentation even when you're offline. Meanwhile, the Get-
Help -Online command allows you to quickly access the most recent online documentation.

2. Get-help – Windows PowerShell Help System. It displays help about Windows

PowerShell cmdlets and concepts.
A. Get-help Get-Process – This command retrieves the help information
for the Get-Process cmdlet.
B. Get-help Get-Process -online - open the official Microsoft
documentation page for the Get-Process cmdlet in your web browser.
C. Get-Help Get-Process -Detailed – Provides more information,
including parameter details and examples.
D. Get-Help Get-Process -Full - Provides the complete help file, including
syntax, detailed descriptions, parameter info, examples, and more.
E. Get-Service - used to display the status of services on a local or remote
machine. This cmdlet can be used to list all services or to filter and
display information about specific services.
F. Start-Service - cmdlet is used to start one or more stopped services on
the local or a remote computer.

Example:
Get-Help Start-Service -Detailed

This command provides detailed help content, including examples and

descriptions for using the Start-Service cmdlet.

Summary:

 Purpose: Starts a stopped service.

 Common Parameters:
o -Name: Specifies the name of the service to start.
o -DisplayName: Allows specifying the service by its
display name.
o -ComputerName: Runs the cmdlet on a remote
computer.
o -PassThru: Outputs the service object to the pipeline.
 Example Usage:
Start-Service -Name "wuauserv"

This command starts the Windows Update service (whose service

name is wuauserv) on the local computer.

i. Start-Service ALG – starts the application layer gateway

service.
ii. Stop-Service ALG – stops the application layer gateway
service.

3. Get-Process- gets details of all processes running in your local or remote system.
4. Get-Host – to get the latest version of powershell you are using
5. Get-Command- The Get-Command cmdlet in PowerShell is used to retrieve
information about cmdlets, functions, workflows, aliases, and scripts available in the
current session. It returns CmdletInfo Object.
6. (Get-Command).count – counts the number of commands available in the current
session.
7. Get-Command *service* - to get service related cmdlets in the current session.
8. (Get-Command *service*).count- to count the service service related cmdlets in the
current session.
9. Get-Command *-service* - commands having “-service” as the keyword
10. Get-Help Get-Service – to get help on how to use Get-Service command
11. Get-Command *service* | Select-Object CommandType, Name, Version,
ModuleName – to display module specific commandlets
a. CommandType: Indicates the type of command (e.g., Cmdlet, Function,
Application).
b. Name: The name of the command.
c. Version: The version of the command.
d. ModuleName: The name of the module from which the command originates.
This field will be empty for applications since they are not part of any
PowerShell module.

29/08/2024

12. Formatting the display using Format-Table

a. To display module-wise commands :
Get-Command -module Microsoft.PowerShell.Management| Format-
Table CommandType, Name, Version, Source -AutoSize -Wrap –
 The Format-Table cmdlet allows you to customize how the output is
displayed. Using the -AutoSize and -Wrap parameters ensures that the full
content is shown without truncation.
b. Get-Command *service* | Format-Table CommandType, Name, Version,
Source -AutoSize –Wrap

13. Displaying commandlets specific to Parameters-

 get-command -ParameterName ComputerName | Format-Table -
AutoSize –Wrap
 get-help Test-Connection – to check if the Test-Connection has the
ComputerName parameter
  get-command *service* -ParameterName ComputerName – to get all
command containing the substring “service” and parameter
“ComputerName”

Common Aliases:

 ls or dir for Get-ChildItem

 cls for Clear-Host
 cat for Get-Content
 rm for Remove-Item
 cp for Copy-Item
 mv for Move-Item

05/09/2024
NETWORK CONFIGURATION
Configure network settings on Windows Server using Windows PowerShell

1. Get-NetIPAddress –

The Get-NetIPAddress cmdlet gets the IP address configuration, such as IPv4

addresses, IPv6 addresses and the IP interfaces with which addresses are
associated. Without parameters, this cmdlet gets the entire IP address
configuration for the computer.
Example 1: Get IPv6 address configuration
 Get-NetIPAddress -AddressFamily IPv6
This command gets information about IP address configuration for all
IPv6 addresses on the computer.

Example 2: Get IP address information and format the output

 Get-NetIPAddress | Format-Table
This command gets information about IP address configuration, and displays
that information in a table. The table format provides a convenient overview
for computers with many IP addresses.

Example 3: Get IP address information by the interface index

 Get-NetIPAddress -InterfaceIndex 12
This command gets information about IP address configuration for a
specific interface index.
 Example 4: Get IP address information and sort the output

 Get-NetIPAddress | Sort-Object -Property InterfaceIndex | Format-

Table
This command gets information about IP address configuration, sorts
them numerically by the interface index in the cmdlet name, and then
displays them in a table format. This display can help you find IP
address information by interface index.
Example 5: Get IP address information and filter the output
 Get-NetIPAddress | Where-Object -FilterScript { $_.ValidLifetime -Lt
([TimeSpan]::FromDays(1)) }

This command gets IP address configuration for IP addresses that have

a ValidLifetime of less than one day.

 Similarly, this cmdlet can be used to get information about IP address

configuration for IP addresses that have an Infinite ValidLifetime.

Get-NetIPAddress | Where-Object -FilterScript { $_.ValidLifetime -Eq

([TimeSpan]::MaxValue) }

Example 6: Get IPv4 address information from pipeline input

 Get-NetIPAddress | ? AddressFamily -eq IPv4 | FT –AutoSize

This command gets information about IP address configuration for all
IPv6 addresses on the computer.

2. Get-NetIPConfiguration

Example 1: Get the IP configuration

 Get-NetIPConfiguration

This command gets IP configuration information. When this cmdlet is run

without parameters, it gets the IP configuration information for all of the non-
virtual connected interfaces on the computer.

Example 2: Get all IP configuration details

 Get-NetIPConfiguration -All

This command gets the IP configuration information for all of the interfaces
on the computer, including virtual interfaces, loopback interfaces, and
disconnected interfaces.

Example 3: Get the IP configuration information with a common

parameter
  Get-NetIPConfiguration -Verbose

This command gets IP configuration information. By using the Verbose

parameter, the networking cmdlets are shown to gather and format the
information displayed in this cmdlet.

Example 4: Get the IP configuration by interface index

 Get-NetIPConfiguration -InterfaceIndex 12

This command gets the IP configuration information for the interface at the
index 12.

Example 5: Get the IP configuration from pipeline input

 Get-NetIPConfiguration | Get-NetIPAddress

This command gets the IP address information, including the prefix length.

3. Test-NetConnection
The Test-NetConnection cmdlet displays diagnostic information for a
connection. It supports ping test, TCP test, route tracing, and route selection
diagnostics. Depending on the input parameters, the output can include the
DNS lookup results, a list of IP interfaces, IPsec rules, route/source address
selection results, and/or confirmation of connection establishment.

Example 1: Test ping connectivity

 Test-NetConnection
This command tests ping connectivity to a default server.

Example 2:
 Test-NetConnection www.microsoft.com
The command tests the network connectivity to www.microsoft.com by
resolving its IP address and performing a ping to check if it is reachable.

Example 3:
 Test-NetConnection -ComputerName www.microsoft.com -
InformationLevel Detailed
The command performs a comprehensive network connectivity test to
www.microsoft.com and provides detailed diagnostic information,
including results of the ping test, DNS resolution, and additional network-
related data.

Example 4:
 Test-NetConnection -ComputerName www.microsoft.com | Select –
ExpandProperty PingReplyDetails | FT Address, Status,
RoundTripTime
The command tests the network connectivity to `www.microsoft.com`,
extracts detailed ping reply information, and displays the address, status, and
round-trip time in a formatted table.
4. Resolve-DnsName
Resolve-DnsName is a command (cmdlet) in PowerShell, which is used to
query and resolve DNS (Domain Name System) names. It allows you to look
up DNS records for a given domain name or IP address, similar to the
nslookup tool.

Example 1: resolve-dnsname www.microsoft.com

 The command Resolve-DnsName www.microsoft.com in PowerShell
will perform a DNS lookup for the domain www.microsoft.com and
return its DNS information, such as the IP address or CNAME (alias)
records.

Example 2: resolve-dnsname microsoft.com -type SOA

 The command Resolve-DnsName microsoft.com -Type SOA in
PowerShell is used to query the SOA (Start of Authority) record for
the domain microsoft.com.
 Resolve-DnsName: PowerShell cmdlet to resolve DNS records.
 microsoft.com: The domain name you're querying.
 -Type SOA: Specifies the DNS record type you're querying, in this
case, the SOA record.
 What is an SOA Record?

The SOA (Start of Authority) record provides essential information

about the domain's DNS zone, including: Primary Name Server,
Responsible Email Address, Serial Number, Refresh, Retry, Expire,
TTL values

Example 3: resolve-dnsname microsoft.com -server 8.8.8.8 -type A

 Queries Google's DNS server to resolve the A records for
microsoft.com, meaning it retrieves the IP address(es) that the domain
microsoft.com points to.
 Resolve-DnsName: This is the PowerShell cmdlet used to resolve
(look up) DNS names and get specific DNS records.
 microsoft.com: This is the domain name you're querying, which in this
case is microsoft.com.
 -Server 8.8.8.8: Specifies the DNS server you want to query. 8.8.8.8 is
the IP address of Google's public DNS server. By using this option,
you're instructing the command to ask Google's DNS instead of your
local DNS server.
 -Type A: Specifies the type of DNS record to query. An A record
(Address record) maps a domain name to an IP address. The -Type A
flag tells the command to return the IP address(es) associated with
microsoft.com.
 5. Get-NetTCPConnection
The Get-NetTCPConnection cmdlet gets current TCP connections. Use this
cmdlet to view TCP connection properties such as local or remote IP address,
local or remote port, and connection state.

Example 1: Get all connections

Get-NetTCPConnection
 This command gets all current TCP connections.

Example 2: Get established connections

Get-NetTCPConnection -State Established
 This command gets all TCP connections that have an Established state.

Example 3: Get Internet TCP connections

Get-NetTCPConnection -AppliedSetting Internet
 This command gets all TCP connections that use a TCP applied setting
of Internet.

Example 4: Get Owning Process

a. Get-NetTCPConnection | Select-Object OwningProcess,

LocalAddress, LocalPort, RemoteAddress, RemotePort,
State | Sort-Object OwningProcess

 Displays list of processes running TCP connections with the owning

processes.

b. Get-NetTCPConnection | Group State, RemotePort |

Sort Count | FT Count, Name –Autosize
 used to retrieve information about active TCP connections, group them
by their state and remote port, sort them by the number of occurrences,
and display the results in a formatted table.

Example 5: Get Owning Process

Get-NetTcpConnection -OwningProcess 10660
 This command gets all Owning Process with PID 10660

Example 6: Get-NetTCPConnection | ? State -eq Established | FT

–Autosize
 used to filter and display only the Established TCP connections on the
system. The command outputs the results in a neatly formatted table,
with the columns automatically sized to fit the data.

09/09/2024
PIPELINE
Pipelines act like a series of connected segments of pipe. Items moving along the pipeline
pass through each segment. To create a pipeline in PowerShell, you connect commands
together with the pipe operator "|". The output of each command is used as input to the next
command. The notation used for pipelines is similar to the notation used in other shells.

Each command in a pipeline (called a pipeline element) passes its output to the next
command in the pipeline, item-by-item. Commands don't have to handle more than one item
at a time. The result is reduced resource consumption and the ability to begin getting the
output immediately

1. SELECTING OBJECT
get-process | select-object id, processname
You can use the Select-Object cmdlet to create new, custom Windows PowerShell objects
that contain properties selected from the objects you use to create them.

2. SORTING OBJECT
get-process | sort-object id
We can organise displayed data to make it easier to scan by using the Sort-Object cmdlet.
Sort-Object takes the name of one or more properties to sort on and returns data sorted by the
values of those properties

3. FILTERING OBJECT
The key to making the most of Windows PowerShell is to understand how objects and the
pipeline work together to let you retrieve exactly the information you need. Each command in
the pipeline generates one or more objects and passes them down the pipeline to the next
command. Integral to this process is the ability to filter the objects and their data as they pass
from one command to the next. To that end, PowerShell includes a number of cmdlets that, in
one way or another, let you create commands that refine your pipeline's output.

get-command | where-object {$_.commandtype -eq 'cmdlet'}

Where-Object is one of the most commonly used cmdlets in PowerShell and probably the one
most often used for filtering data. This cmdlet filters objects passed down the pipeline based
on the search criteria you specify in a script block included with the cmdlet. In other words,
the script block determines which objects are permitted to continue down the pipeline and
which are not.
Cmdlet vs Function
Cmdlet - Written using .NET language and compiled using .NET libraries. They come pre-
compiled and therefore cannot be customized.

Function – a script written in powershell language using the cmdlets provided by powershell.
They can be customized- we can add scope, update parameters etc.

Example

function Get-CustomService {
 $services = Get-Service
return $services
}

Execute the function by calling- Get-CustomService

https://learn.microsoft.com/en-us/powershell/module/nettcpip/set-netipv4protocol?
view=windowsserver2022-ps