PowerShell Cheat Sheet

Published by on May 9, 2018 in Net Admin

Powershell cheatsheet

When it comes to running commands on Windows, PowerShell has become somewhat of an ace in the hole. For years enthusiasts were limited to the confines of the Windows command line but in 2006, PowerShell emerged as a powerful alternative. In this article we break down what PowerShell is, and provide you a definitive cheat sheet to get you started and running your own commands.

What is PowerShell?

PowerShell is an interactive Command-Line Interface (CLI) and automation engine designed by Microsoft to help design system configurations and automate administrative tasks. This tool has its own command-line with a unique programming language similar to Perl. Initially PowerShell was designed to manage objects on users’ computers.

Today PowerShell offers users an extensive environment where they can execute and automate system management tasks. The user can access resources from Active Directory to Exchange Server through one program. At its core, PowerShell allows the user to access:

  • Command Prompt
  • PowerShell Commands
  • .NET Framework API
  • Windows Management Instrumentation
  • Windows Component Object Model

As PowerShell has become an open source application, Linux and Unix-based users can now access this versatile platform. PowerShell’s is mainly used to help users automate administrative jobs. Rather than performing tedious and repetitive tasks, the user can simply create scripts and issue commands, and PowerShell will complete them automatically. The user can customize hundreds of commands, called cmdlets.

How to Use PowerShell

PowerShell is ideal for corporate administrators who run complex management operations over large corporate networks. Rather than collating information about hundreds of different servers and services manually (which would take a long time), you can simply run a script on PowerShell to automatically feed information back to you.

Generally speaking, PowerShell is most beneficial to users who have prior experience with command lines. To use PowerShell, you can run a variety of cmdlets, scripts, executables, and .NET classes. For the purposes of this article, we’re mainly going to focus on cmdlets and scripts to help you come to grips with the fundamentals.

PowerShell vs Command Prompt

For many users, PowerShell is a better alternative to Command Prompt. The reason is that it simply has more horsepower. One of the biggest differences is that PowerShell uses cmdlets rather than commands. Cmdlets place registry management and Windows Management Instrumentation within the administrative reach of users. In contrast, Command Prompt is confined to much more simple commands.

There is some cross over in syntax between the two plaforms as PowerShell will accept some command prompt commands like ipconfigtocd. However these are known as aliases rather than cmdlets. Another key difference is that PowerShell is centered on objects. Every piece of data output from a cmdlet is an object rather than text. This makes it easier for the user to navigate their way around complex data. The inclusion of the .NET framework also enables PowerShell scripts to use .NET interfaces. In short, PowerShell is Command Prompt on steroids.

1. Loading Up PowerShell

Before we delve into the basics of using PowerShell, you first need to access the main interface. If you are a Windows 10 user then you will already have access to PowerShell 5. Windows 8-8.1 users have access to PowerShell 4, but if you’re on Windows 7, you’re going to need to install it with a .Net Framework. Across all operating systems, PowerShell offers two distinct interfaces.

The more advanced is the Integrated Scripting Environment, which acts as a comprehensive GUI for experienced users. The basic alternative is the PowerShell console, which provides a command line for the user to input their commands. Beginners are advised to stick with the latter until they learn the fundamentals of PowerShell.

In order to start PowerShell on Windows 10, you need to be an Administrator. Log in as an administrator, click Start, and scroll through your apps until you locate Windows PowerShell. Right click and select Run as Administrator. On Windows 8.1, simply search for PowerShell in your System folder. Similarly, on Windows 7 the default directory for PowerShell is the Accessories folder after you’ve installed the program.

2.  How to Run Cmdlets

how to run cmdlets powershell

In a nutshell, a cmdlet is a single-function command. You input cmdlets into the command line just as you would with a traditional command or utility. Cmdlets are the main way to interact with the CLI. In PowerShell, most cmdlets are written in C# and comprised of instructions designed to perform a function that returns a .NET object.

Over 200 cmdlets can be used in PowerShell. Windows PowerShell command prompt isn’t case-sensitive, so these commands can be typed in either upper or lower case. The main cmdlets are listed below:

  • Get-Location – Get the current directory
  • Set-Location – Get the current directory
  • Move-item – Move a file to a new location
  • Copy-item – Copy a file to a new location
  • Rename – item Rename an existing file
  • New-item – Create a new file

For a full list of commands available to you, use the Get-Command cmdlet. In the command line you would enter the following:  

 PS C:\> Get-Command

It is important to note that Microsoft restricts users from using custom PowersShell cmdlets in its default settings. In order to use PowerShell cmdlets, you need to change the ExecutionPolicy from Restricted to RemoteSigned. Remote Signed will allow you to run your own scripts but will stop unsigned scripts from other users.

To change your Execution policy, type in the following PowerShell command:

PS C:\>   Set-ExecutionPolicy

To change to RemoteSigned, type the following command:

PS C:\> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

Make sure you’re on an Administrator account so that you have permission to set a new execution policy.

3. How to Run Scripts

how to run scripts powershell

Script-based processes and commands are part of the foundation of PowerShell’s versatility. In PowerShell, a script is essentially a text file with a ps1 extension in its filename. To create a new script you can simply open the Windows notepad, type your commands, and save with ‘.ps1’ at the end of the name.

To run a script, enter its folder and filename into the PowerShell window :

PS c:\powershell\mynewscript.ps1

Once you’ve done this, your selected script will run.

4. Overlap with Windows Commands

When you’re new to PowerShell it can feel overwhelming to try and learn a whole new library of commands. However, what most new users don’t realize is that the syntax used on Windows command-line overlaps with PowerShell. This is made easier by the fact that PowerShell isn’t case sensitive.

Much like Command Prompt, on PowerShell the cd command still changes directories, and dir still provides a list of files within the selected folder. As such, it’s important to remember you aren’t necessarily starting from scratch. Taking this onboard will help to decrease the learning curve you face when using PowerShell and decrease the amount of new commands that you have to learn.

That being said, it is important to note that these aren’t considered complete PowerShell commands so much as they are aliases (Powershell’s name for Windows command prompt commands). So even though you can try some of Command Prompt’s commands in PowerShell, you should learn as much as you can about the new ones. Nonetheless, Command Prompt experience can definitely help new users to come to grips with PowerShell and hit the ground running.

5. Backing Up an SQL Database

powershell SQL

Many people use PowerShell to back up SQL databases. The command-line interface can conduct full database backups, file backups, and transaction log backups. There are many ways to backup a database in PowerShell, but one of the simplest is to use the Backup-SqlDatabase command. For example:  

PS C:\> Backup-SqlDatabase -ServerINstance “Computer\Instance” -Database “Databasecentral”

This will create a database backup of a database with the name ‘Databasecentral’ (or the name of your chosen database’.

To backup a transaction log, you would input:

PS C:\> Backup-SqlDatabase -ServerInstance “Computer\Instance”  -Database “Databasecentral” -BackupAction Log

This will create a transaction log of the selected database.

6. Essential PowerShell Commands

Using aliases will only get you so far on PowerShell, so it’s important to commit to learning everything you can about PowerShell’s native commands. We touched on some of these above, but we’re going to break down the main ones in much more detail below.

Get-Help

This command should be at the very top of any new user’s list when it comes to PowerShell. The Get-Help command can be used to literally get help with any other PowerShell command. For example, if you know the name of a command, but you don’t know what it does or how to use it, the Get-Help command provides the full command syntax.

For example, if you wanted to see how Get-Process works, you would type:

 PS C:\> Get-Help -Name Get-Process

 PS C:\> Set-ExecutionPolicy

As touched on earlier in this guide, Microsoft has a restricted execution policy that prevents scripting on PowerShell unless you change it. When setting the execution policy, you have four options to choose from:

  • Restricted – The default execution policy that stops scripts from running.
  • All Signed – Will run scripts if they are signed by a trusted publisher
  • Remote Signed – Allows scripts to run which have been created locally
  • Unrestricted – A policy with no restrictions on running scripts

PS C:\> Get-ExecutionPolicy

If you’re using PowerShell, you may not always work on a server that you’re familiar with. Running the command Get-Execution Policy will allow you to see which policy is active on the server before running a new script. If you then see the server in question operating under a restricted policy, you can then implement the Set-ExecutionPolicy command to change it.

Get-Service

One of the most important commands is Get-Service, which provides the user with a list of all services installed on the system, both running and stopped. This cmdlet can be directed by using specific service names or objects.

For example if you were to type PS C:\> Get-Service, you would be shown a list of all services on your computer, their statuses, and display names.

To use this command to retrieve specific services, type:   PS C:\ Get-Service “WMI*” to retrieve all services that begin with WMI.

If you wanted to restrict output to active services on your computer, input the following command:

PS C:\ Get-Service | Where-Object {$_.Status -eq “Running”}

ConvertTo-HTML 

When using PowerShell, you might want to generate a report about the information you’ve seen. One of the best ways to do this is by using the ConvertTo-HTML command. This cmdlet allows you to build reports with tables and colour, which can help to visualize complex data. Simply choose an object and add it to the command. For example you could type:  

Get-PSDrive | ConvertTo-Html

This returns a mass of information, so it’s a good idea to limit it to a file with the Out-File command. A better alternative command is:

Get-PSD Drive | ConvertTo-Html | Out-File -FilePath PSDrives.html

This will then generate an html file in table form. For example:

powershell html table

You can then add your own colours and borders to refine its presentation.

Export-CSV (and Get-Service)

No less important for increasing visibility is the Export-CSV command. It allows you to export PowerShell data into a CSV file. Essentially, this command creates a CSV file compiling all of the objects you’ve selected in PowerShell. Every object has its own line or row within the CSV file. This command is primarily used to create spreadsheets and share data with external programs.

To use this command, you would type:

PS C:\> Get-Service | Export-CSV c:\service.csv

It’s important to remember not to format objects before running the Export-CSV command. This is because formatting objects results in only the formatted properties being placed into the CSV file rather than the original objects themselves. In the event that you want to send specific properties of an object to a CSV file, you would use the Select-Object cmdlet.

To use the Select-Object cmdlet, type:

PS C:\> Get-Service | Select-Object Name, Status | Export-CSV c:\Service.csv

Get-Process

If you want to view all processes currently running on your system, the Get-Process command is very important. To get a list of all active processes on your computer, type:

PS C:\ Get-Process

Notice that if you don’t specify any parameters, you’ll get a breakdown of every active process on your computer. To pick a specific process, narrow the results down by process name or process ID and combine that with the Format-List cmdlet, which displays all available properties. For example:

PS C:\ Get-Process windowrd, explorer | Format-List *

This provides you with comprehensive oversight of all active processes.

Get-EventLog

get eventlog security cmdlet

If you ever want to access your computer’s event logs (or logs on remote computers) while using PowerShell, then you’re going to need the Get-EventLog command. This cmdlet only works on classic event logs, so you’ll need the Get-WinEvent command for logs later than Windows Vista.

To run the event log command, type:

PS C:\> Get-EventLog -List

This will show all event logs on your computer.

One of the most common reasons user look at event logs is to see errors. If you want to see error events in your log, simply type:

PS C:\> Get-EventLog -LogName System -EntryType Error

If you want to get event logs from multiple computers, specify which devices you want to view (listed below as “Server1” and “Server2”). For example:

PS C:\> Get-EventLog – LogName “Windows PowerShell” -ComputerName “local computer”, “Server1”, “Server2”.

Parameters you can use to search event logs include:

  • After – User specifies a date and time and the cmdlet will locate events that occurred after
  • AsBaseObject – Provides a System.Diagnostics.EventLogEntry for each event
  • AsString – Returns the output as strings
  • Before – User specifies a date and time and the cmdlet will locate events that occurred before
  • ComputerName – Used to refer to a remote computer
  • EntryType – Specifies the entry type of events (Error, Failure Audit, Success Audit, Information, Warning)
  • Index – Specifies index values the cmdlet finds events from
  • List – Provides a list of event logs
  • UserName – Specifies usernames associated with a given event

 Stop-Process

powershell stop-process

When using PowerShell, it’s not uncommon to experience a process freezing up. Whenever this happens, you can use Get-Process to retrieve the name of the process experiencing difficulties and then stop it with the Stop-Process command. Generally you terminate a process by its name. For example:

PS C:\> Stop-Process -Name “notepad”

In this example, the user has terminated Notepad by using the Stop-Process command.

PowerShell: A Powerful Command Line Interface

Although making the transition to PowerShell can seem quite complex, it’s command line interface operates much the same as any other. It may have its own unique cmdlets, but a wealth of online resources can help you with any administrative task you can think of. To get the most out of PowerShell, you simply need to get used to the multitude of commands available to you.

As a new user, it is easy to become daunted by PowerShell’s 200-plus cmdlets. Make sure you start out with the command line interface before graduating to the full-blown GUI. Regardless of whether you’re new to PowerShell or command line interfaces, more than enough information is available online to help you make the most of this powerful tool.

Leave a Reply

Your email address will not be published. Required fields are marked *