PowerShell crashcourse

  • Published on

  • View

  • Download

Embed Size (px)




  • 1. Windows PowerShell Crash Course Don Jones Senior Partner & Principal Technologist Concentrated Technology, LLC

2. This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it within your own organization however you like. For more information on our company, including information on private classes and upcoming conference appearances, please visit our Web site,www.ConcentratedTech.com .For links to newly-posted decks, follow us on Twitter: @concentrateddon or @concentratdgreg This work is copyright Concentrated Technology, LLC 3. CAUTION: DEMOS AHEAD

  • This is a demonstration-intensive session (very few slides)
  • I will capture a shell transcript and save all of my scripts
  • You can download these (in a week or so) from ConcentratedTech.com (there s a Conference Materials link in the menu)

Don Jones ConcentratedTech.com 4. Welcome to the Shell

  • Why did Microsoft write PowerShell?
  • Is this a replacement for Cmd.exe or VBScript?
  • How muchscripting do I need to learn?
  • How long will PowerShell be around?
  • What versions of Windows does it work with?
  • What MS products are PowerShell-ed?

Don Jones ConcentratedTech.com 5. Command Quiz

  • Change directories
  • Make a directory
  • Get a list of files and folders
  • Display contents of a text file
  • Move a file
  • Copy a file
  • Delete a file

Don Jones ConcentratedTech.com 6. Running Commands

  • Run all the commands you re used to, with almost exactly the same syntax (Ping, Ipconfig, etc)
  • Newcmdlets have a more consistent naming convention and more consistent parameters but theyre just commands
  • UseHelpto read more; add full orexamples for even more help; use wildcards to discover more commands and help topics

Don Jones ConcentratedTech.com 7. One Set of Commands

  • The file system is a hierarchical data store
  • What other data stores does Windows use?
  • Why not treat them asdisk drives so that you can use the same set of commands?

Don Jones ConcentratedTech.com 8. Extending the Shell

  • PSSnapins (the old way)
    • Get-PSSnapin registered
    • Add-PSSnapinname
    • Get-Command pssnapinname
  • Modules (the new way)
    • Get-Module listavailable
    • Import-Modulename
    • Get-Command modulename
  • There s only one shell the pre-made shells are just pre-loading a snap-in or module for you

Don Jones ConcentratedTech.com 9. Piping

  • Just likeDir | More
  • Export-, Out-, Format-, ConvertTo- are all useful verbs for piping
  • Tip: Format- cmdlets go at the end of the pipeline. What they produce is only useful to Out-File, Out-Printer, Out-Host.

Don Jones ConcentratedTech.com 10. Output

  • Run Get-Process
  • See the resulting table?
  • Therealtable, in memory, is much bigger PowerShell just doesn t show it
  • Pipe the table to Get-Member to see other available columns
  • Or pipe it toFormat-List *(since a list can hold more data than a table)
  • You don t have to pipe stuff to a file and then grep it; you can simply refer to columns by name

Don Jones ConcentratedTech.com 11. More Piping

  • Sorting: Sort-Object (orSort)
  • Filtering: Where-Object (orWhere)
  • Grouping: Group-Object (orGroup)
  • Measuring: Measure-Object (orMeasure)
  • Use Format- cmdlets to specify the columns (calledproperties) that youd prefer to see

Don Jones ConcentratedTech.com 12. Phys Ed

  • Let s see the pipeline workin real life.
  • Volunteers needed. You may win a prize.

Don Jones ConcentratedTech.com 13. How Pipeline input works

  • Get-Service generates whytypeof table (ok, these are reallyobjects and not a table in memory, but its all just words)
  • Get-Service | Get-Member
  • So when you run Get-Service | Stop-Service how does Stop-Service know what to do with what you piped in?

Don Jones ConcentratedTech.com 14. Pipeline Input ByValue

  • Look at the parameters of Stop-Service
  • Do any of them accept pipeline inputByValueand accept the type of data being produced by Stop-Service?

Don Jones ConcentratedTech.com 15. Now Consider This

  • BITS,w32time | Stop-Service
  • Those arestrings BITS | Get-Member
  • Does Stop-Service accept anything of the type String ByValue from the pipeline?
  • This would work too: Get-Content names.txt | Stop-Service
  • World this work? Get-Process | Stop-Service Hmmm

Don Jones ConcentratedTech.com 16. Pipeline Input ByPropertyName

  • If nothing will work ByValue, then the shell tries to match up input columns with parameter names ByPropertyName
  • Let s look at Get-Process | Get-Member
  • Do any of those column names match up with parameter names of Stop-Service?
  • Do the matching parameter names accept input from the pipeline ByPropertyName?

Don Jones ConcentratedTech.com 17. Debugging Pipeline Input

  • Trace-Command -Name PipelineBinding -PSHost -expression { Get-Process | Stop-Service }

Don Jones ConcentratedTech.com 18. Fun trick!

  • Import user info from a CSV and make new users out of them

Don Jones ConcentratedTech.com 19. Workarounds

  • What about when pipelining won t work?
  • Get-WmiObject -class Win32_BIOS -computername (type names.txt)
  • Get-WmiObject -class Win32_BIOS -computername ( Get-ADComputer filter * | Select expand Name )

Don Jones ConcentratedTech.com 20. Remote Control

  • Requires PSH v2
  • RunEnable-PSRemotingto enable (or via GPO) on machines that will accept incoming connections
  • Communicates over HTTP(s); authenticates with Kerberos
  • Help about_remote*for more help

Don Jones ConcentratedTech.com 21. 1:1, 1:n Remoting

  • Enter-PSSession computernamex Exit-PSSession
  • Invoke-Command -scriptblock {command(s)} -computernamex,x,x,x
  • Notes:
    • PSComputerName property
    • FilePath switch to do a whole script

Don Jones ConcentratedTech.com 22. More Options

  • -credential
  • -port
  • -useSSL
  • Etc
  • Or create a persistent session usingNew-PSSession.
  • Get the sessions withGet-PSSession Invoke-Command scr {whatever} -session (Get-PSSession)

Don Jones ConcentratedTech.com 23. Implicit Remoting

  • Start a session (maybe save it in a $variable for ease of referring to it)
  • Import a module in the remote session
  • Import the remote session into the local shell just the commands from that module, and add a noun prefix
  • Execute remote commands as if they were local!

Don Jones ConcentratedTech.com 24. WMI

  • Get-WmiObject -classwhatever(e.g.,Win32_XXX) -computernamex,y,z - EA SilentlyContinue (why?) -Filter something (why?)
  • Let s play with that

Don Jones ConcentratedTech.com 25. Awesome Advanced Trick

  • Format-Table can accept a special item called ahashtableordictionaryas a property in a property list
  • The dictionary must contain two items
    • N: The name of the column you want to create
    • E: The value to go into the column This can even be an entirely new command! Use $_ to refer to whatever table row (object) is current
  • Use to combine WMI info from two classes into a single output! Crazy syntax, but crazy useful!

Don Jones ConcentratedTech.com 26. NOW let s do some Q&A

  • I ve got more demos to show you, but want to make sure I address your questions
  • Askem now!
  • The remainder of the session will be additional demos
  • Remember: Transcript will be downloadable; no need to copy down the syntax
  • Ask for areminder card if you want to download this stuff next week.

Don Jones ConcentratedTech.com 27. Final Notes

  • Please be sure to submit a session evaluation form!
  • Download slides & materials fromwww.ConcentratedTech.comwithin one week!
  • Blog, URLs, and other information is also available atwww.ConcentratedTech.comfor your reference
  • More resources atwww.ShellHub.com
  • Thank you very much!

Don Jones ConcentratedTech.com 28. This slide deck was used in one of our many conference presentations. W