Post

PowerShell Command Reference

Posted
By
7 min read

Quick-lookup for PowerShell commands organized by task category. For Windows engineers managing modules, output formatting, remote sessions, services, and networking.

Quick Navigation

Task Section
Check PS version, repositories Display Current Edition
Browse command history Reviewing Command History
Find and install modules Finding and Using Modules
Convert JSON responses Converting Output
Format pipeline output Module Output Options
Inspect object members Finding Properties and Methods
Filter, sort, display Filtering, Sorting or Showing Output
Measure performance Performance Tuning
Remote management Remote Management
Locate history files View Command History Files
Network testing Network Testing
Windows services Windows Services
Certificates Certificates
Json Web Tokens Json Web Tokens

Visual Studio Code is the preferred script authoring environment, replacing PowerShell ISE as a cross-platform editor. See Setting up Visual Studio Code.

String interpolation options - see Strings in PowerShell scripts.

Display current Edition

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

$PSVersionTable

# Review the current register powershell module registries.
Get-PSRepository

# Set the PowerShell Gallery to a trusted source.
Set-PSRepository -Name "PSGallery" -InstallationPolicy Trusted
Get-PSRepository

# Find all the PS Package providers
Find-PackageProvider

# Find Modules
Find-Modules *DCS*

# Find Scripts
Find-Script *Windows*

# Install Tools to enable powershell module managment
Install-Module PowerShellGet

# Temporary changes to file paths to execute command lines.
Push-Location c:\Users\Jamie\Documents\repo1\
    GitVersion.exe
Pop-Location

Reviewing Command History

Open Explorer at the PSReadLine folder to browse the command history files for the authenticated user.

1
2

c:\
Explorer %APPDATA%\Microsoft\Windows\PowerShell\PSReadLine\

Finding and Using PowerShell modules

There are many communities outside of Microsoft that also provide powershell modules.

1
2

# Use wildcards to find modules
Find-Module *DSC* | Sort-Object Name

Converting Output

Web services often return JSON. Convert that data structure back into an object PowerShell can use.

1
2
3
4
5
6
7

# List all the ConvertFrom Modules
Get-Command -Verb ConvertFrom

# Ensures that Invoke-WebRequest uses TLS 1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$j = Invoke-WebRequest 'https://api.github.com/repos/Jamie-Clayton/Docs/issues' | ConvertFrom-Json
$j.Count

Module Output Options

Display the powershell output in an appropropriate format.

1
2
3
4
5
6
7
8
9
10

# List all the formating options
Get-Command -Verb Format -Module Microsoft.PowerShell.Utility

Get-Command -Verb Format | Format-Wide -Property Noun -Column 3
Get-Command -Verb Format | Format-Table
Get-Command -Verb Format | Format-List

# Renders the output into a separate Application window
Get-Command -Verb Out
Get-Command -Module hyper-v | Out-GridView

Finding all the properties and methods in an object

1
2
3

# Retrieve all the objects properties and methods for a Module. This enables you to use filtering of values.
Get-Service | Get-Member
Get-Service | gm

Filtering, Sorting or Showing Output

The default terminal view often hides available data. Use these cmdlets to filter, sort, and surface the fields you need.

1
2
3

Get-TimeZone | Get-Member
Get-ChildItem -Path ~/Downloads/ -File | Where-Object {$_.Length -GE 1000000} | Sort-Object -Property Length -Desc
Get-ChildItem -Path ~/Downloads/ -File | Sort-Object -Property Length

Performance tuning cmdlets

Monitoring the performance of your powershell commandlets and modules.

1
2
3

Measure-Command {
    # Do something here.
}

Remote Management with PowerShell

  • WinRM is the Microsoft Implementation of Remote Management.
  • WS-Man uses HTTP and HTTPS.
  • Doesn’t use port 80 or 443.
  • WinRM HTTP port 5985
  • WinRM HTTPS port 5986 (when used)
  • Production should use HTTPS (or IPSec)
  • Windows Server 2012 + above WinRM is ENABLED by default.
  • Must be enabled on Client OS via elevated PowerShell
  • Should filter data prior to returning the values to the client.
  • Requires the users to be members of the Server “Administrators” built in Group on the remote server (Domain controller).
  • Can Import-Modues from a session - ‘Implicit Remoting’.
  • Connected to computers which are not members of your domain (kerberous security is used in domain), requires use of SSL.
  • By default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet.

Install Windows Remote Management on a Server, including SSL

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

# Hyper V networking will have a public network adaptor that causes warnings with PS Remoting
Enable-PsRemoting -SkipNetworkProfileCheck
Get-PSSessionConfiguration

# Single commands will open/close sessions between calls. So state is lost between calls (think variable setting)
# You should be aware of where data is filtered (remotely or on the local session and impacts performance of you scripts.
# Note deserialized data comming back is not linked to the remote server objects.

[string]$name = "icecreamerydc01"
Invoke-Command -ComputerName $name {$env:computername}
Invoke-Command -ComputerName $name -ScriptBlock {Get-EventLog -logname security -newest 10}
}

# Sessions enable multiple commands to be sent and persisence between calls
# Example Get-Process | Stop-Process

Session Example

1
2
3
4
5
6
7
8
9
10
11
12
13
14

[string]$name = "icecreamerydc01"
$s = New-PSSession -ComputerName $name -Crediential (Get-Credential)
Get-PSSession
Invoke-Command -Session $s {
    # Do Stuff here
}
$s | Remove-PSsession

# Multiple Servers
$dcs = "icecreamerydc01" , "icecreamerydc02"
$s = New-PSSession -ComputerName $dcs
Invoke-Command -Session $s -ScriptBlock {$env:computername}

# Great for installing a new certificates to all the servers.

Import Remote Module example

1
2
3
4

$s = New-PSSession -ComputerName "icecreamerysrv01"
Import-Module -Name ActiveDirectory -PSSession $s
Get-Module
Get-Command -Module ActiveDirectory

View PowerShell Command History Files

Path to the specific history file written by the PSReadLine console host.

1
2

# Open Windows Explorer to view files
%APPDATA%\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt

Network Testing

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

Test-NetConnection -ComputerName strokefoundation.org.au -DiagnoseRouting -InformationLevel Detailed

# Resolve net bios name
nbtstat -A 10.0.0.1

# Active network connections
Netstat

# Show the current network connections
Ipconfig

# Determine the IP address of a domain name
nslookup jenasysdesign.com.au

# Powershell cmdlet, similar to nslookup
Resolve-DnsName google.com.au

Tracert google.com.au

# Powershell Connection check is available (similar to PING command) (Internet/Virtual Private Network/DisasterRecovery/DNS Blocking/Walled Gardens)
Test-Connection jenasysdesign.com.au

Windows Services

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

# List all services
Get-Service

# List services starting with Xbox
Get-Service -Name "Xbox*"

# List services with multiple criteria
Get-Service -Include @('Jenasys*', 'Icecreamery*') | Sort-Object status
Get-Service -Include @('Jenasys*', 'Icecreamery*') | Where-Object {$_.Status -eq "Running"}
Get-Service -Include @('Jenasys*', 'Icecreamery*') | Where-Object {$_.Status -ne "Running"}
Get-Service -Include @('Jenasys*', 'Icecreamery*', 'Promo*') | Where-Object {$_.Status -eq "Stopped"}

# List processes that may cause software deployment failures on servers
Get-Process -Include @('Code', 'Note*','Chrome*')

# Stop specific services
Stop-Service -Name Promo.GeoCache*

# Alternative to the Stop-Service is the more violent (uses the kill processID approach to end the software)
Stop-Process -Name Promo.GeoCache* -Force

Certificates

Powershell Certificate commandlets

Json Web Tokens

In the following example, replace YOUR_PATH_TO_PEM with the file path where your private key is stored. Replace YOUR_CLIENT_ID with the ID of your app. Make sure to enclose the values for YOUR_PATH_TO_PEM in double quotes.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

$client_id = YOUR_CLIENT_ID

$private_key_path = "YOUR_PATH_TO_PEM"

$header = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((ConvertTo-Json -InputObject @{
  alg = "RS256"
  typ = "JWT"
}))).TrimEnd('=').Replace('+', '-').Replace('/', '_');

$payload = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes((ConvertTo-Json -InputObject @{
  iat = [System.DateTimeOffset]::UtcNow.AddSeconds(-10).ToUnixTimeSeconds()
  exp = [System.DateTimeOffset]::UtcNow.AddMinutes(10).ToUnixTimeSeconds()
    iss = $client_id
}))).TrimEnd('=').Replace('+', '-').Replace('/', '_');

$rsa = [System.Security.Cryptography.RSA]::Create()
$rsa.ImportFromPem((Get-Content $private_key_path -Raw))

$signature = [Convert]::ToBase64String($rsa.SignData([System.Text.Encoding]::UTF8.GetBytes("$header.$payload"), [System.Security.Cryptography.HashAlgorithmName]::SHA256, [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)).TrimEnd('=').Replace('+', '-').Replace('/', '_')
$jwt = "$header.$payload.$signature"
Write-Host $jwt

References

Reference, DevOps
windows reference developer-experience
This post is licensed under CC BY 4.0 by the author.