Important PowerShell commands for Windows administrators
1. Get-ComputerInfo
Answer:
Retrieves comprehensive system details
including OS, hardware, and BIOS information.
Example: Use this to check a machine’s specs before troubleshooting.
2. Get-LocalGroup
Answer:
Lists all local groups on the system.
Example: Use this to check existing system roles and privileges.
3. Set-LocalUser -Name 'JohnDoe' -Password
(ConvertTo-SecureString 'NewPass123!' -AsPlainText -Force)
Answer:
Changes a local user’s password.
Example: Quickly reset passwords without going through UI.
4. Get-WinEvent -ListLog *
Answer:
Lists all available Windows event logs.
Example: Use this to identify log sources for troubleshooting.
5. Get-NetAdapter
Answer:
Displays network adapters and their
statuses.
Example: Use this to check if a network interface is enabled or disconnected.
6. Restart-NetAdapter -Name 'Ethernet'
Answer:
Restarts a network adapter.
Example: Use this to resolve network connectivity issues.
7. Get-ADGroup -Filter *
Answer:
Lists all Active Directory groups.
Example: Use this to audit group memberships.
8. Add-LocalGroupMember -Group 'Administrators' -Member
'JohnDoe'
Answer:
Adds a user to the Administrators group.
Example: Grant admin privileges to a specific user.
9. Remove-LocalGroupMember -Group 'Administrators' -Member
'JohnDoe'
Answer:
Removes a user from the Administrators
group.
Example: Revoke admin access for security reasons.
10. Get-ADOrganizationalUnit -Filter *
Answer:
Lists all OUs in Active Directory.
Example: Use this for AD structuring and audits.
11. Get-FileHash 'C:\Path\To\File.exe'
Answer:
Generates the hash value of a file for
integrity checks.
Example: Validate software authenticity before installation.
12. Enable-PSRemoting -Force
Answer:
Enables PowerShell remoting on the system.
Example: Allows remote administration of Windows servers.
13. Get-WindowsFeature
Answer:
Lists all installed and available Windows
Server features.
Example: Use this before installing or removing roles.
14. Install-WindowsFeature -Name 'Web-Server'
-IncludeManagementTools
Answer:
Installs the IIS web server role on a
Windows Server.
Example: Quickly set up a web server.
15. Remove-WindowsFeature -Name 'Web-Server'
Answer:
Uninstalls the IIS web server role.
Example: Use this when decommissioning a web server.
16. Get-Volume
Answer:
Displays all disk volumes and their
statuses.
Example: Use this to verify disk space before deploying large applications.
17. Set-DnsClientServerAddress -InterfaceAlias 'Ethernet'
-ServerAddresses '8.8.8.8'
Answer:
Sets a static DNS server for a network
adapter.
Example: Use this when configuring custom DNS settings.
18. Get-WindowsUpdateLog
Answer:
Generates a log file for Windows Updates.
Example: Use this to debug update failures.
19. Reset-ComputerMachinePassword
Answer:
Resets a computer’s domain trust
relationship.
Example: Fixes 'Trust Relationship Failed' errors.
20. Get-VM
Answer:
Lists all virtual machines on a Hyper-V
host.
Example: Monitor VM activity in virtualized environments.
21. Start-VM -Name 'TestVM'
Answer:
Starts a virtual machine.
Example: Quickly boot up a VM for testing.
22. Stop-VM -Name 'TestVM' -Force
Answer:
Forces a virtual machine to shut down.
Example: Use when a VM becomes unresponsive.
23. Get-Job
Answer:
Lists background jobs running in
PowerShell.
Example: Monitor automation scripts running in parallel.
24. Receive-Job -Id 1
Answer:
Retrieves the output of a background job.
Example: Check results from a long-running script.
25. Get-ScheduledTask
Answer:
Lists all scheduled tasks on the system.
Example: Use this to audit automated system tasks.
26. Disable-ScheduledTask -TaskName 'BackupScript'
Answer:
Disables a scheduled task.
Example: Prevent automatic execution of outdated backup scripts.
27. Enable-ScheduledTask -TaskName 'BackupScript'
Answer:
Enables a previously disabled scheduled
task.
Example: Restore automation after maintenance.
28. Get-Help Get-Process -Examples
Answer:
Shows command examples from PowerShell help
documentation.
Example: Learn how to use a command with real examples.
29. Measure-Command { Get-Process }
Answer:
Measures how long a command takes to
execute.
Example: Use this to optimize performance in scripts.
30. Write-Output 'Hello, World!' > C:\Logs\output.txt
Answer:
Writes text to a file.
Example: Use this to generate logs for automation scripts.
31. Read-Host -Prompt 'Enter password' -AsSecureString
Answer:
Prompts for user input securely.
Example: Use this for interactive scripts that require a password.
32. ConvertFrom-SecureString (Read-Host -AsSecureString)
Answer:
Converts a secure string to an encrypted
standard string.
Example: Store passwords securely in automation scripts.
33. Invoke-RestMethod -Uri 'https://api.example.com/data'
Answer:
Fetches data from a REST API.
Example: Use this for integrations with cloud services.
34. New-PSDrive -Name 'X' -PSProvider FileSystem -Root
'\\Server\Share'
Answer:
Maps a network drive in PowerShell.
Example: Automate drive mappings for remote file access.
35. Get-Process
Answer:
Displays all running processes.
Example: Use this to check resource-hungry applications.
36. Stop-Process -Name 'notepad' -Force
Answer:
Terminates a specific process.
Example: If Notepad is unresponsive, use this command to force-close it.
37. Restart-Computer -Force
Answer:
Forces a system restart.
Example: Use this after updates or system crashes.
38. Shutdown /s /t 0
Answer:
Shuts down the computer instantly.
Example: Automate shutdowns after maintenance tasks.
39. Get-Service
Answer:
Lists all system services and their
statuses.
Example: Check if the Windows Update service is running.
40. Restart-Service -Name 'wuauserv'
Answer:
Restarts the Windows Update service.
Example: Fix stuck Windows updates.
41. Get-Disk
Answer:
Lists all available disks and their
statuses.
Example: Use this to check if a new drive is detected.
42. Get-NetIPAddress
Answer:
Displays current network IP addresses.
Example: Use this to confirm network connectivity.
43. Test-NetConnection google.com -Port 443
Answer:
Checks internet connectivity via a specific
port.
Example: Test HTTPS access for network issues.
44. Clear-DnsClientCache
Answer:
Clears the DNS cache.
Example: Fix issues where websites fail to load properly.
45. sfc /scannow
Answer:
Scans and repairs corrupted system files.
Example: Run this if system performance is degraded.
46. chkdsk C: /f /r
Answer:
Scans and fixes disk errors.
Example: Use this to detect and fix disk corruption.
47. Get-EventLog -LogName System -Newest 10
Answer:
Retrieves the latest 10 system log entries.
Example: Diagnose recent system crashes.
48. New-Item -Path 'C:\Logs\log.txt' -ItemType File
Answer:
Creates a new log file.
Example: Use this for logging system activity.
49. Remove-Item -Path 'C:\Temp\*' -Recurse -Force
Answer:
Deletes all files in the Temp folder.
Example: Automate disk cleanup.
50. Get-LocalUser
Answer:
Lists all local user accounts.
Example: Check if unauthorized accounts exist.
51. Set-ExecutionPolicy RemoteSigned
Answer:
Allows running signed PowerShell scripts.
Example: Enable automation scripts while keeping security intact.
52. Get-ADUser -Filter *
Answer:
Retrieves all Active Directory users.
Example: List all employees in an organization.
53. Set-ADUser -Identity 'JohnDoe' -Enabled $false
Answer:
Disables an Active Directory user.
Example: Use this when an employee leaves the company.
54. Start-Transcript -Path 'C:\Logs\session.log'
Answer:
Records PowerShell activity to a log file.
Example: Use this for auditing administrative actions.
55. ipconfig /flushdns
Answer:
Clears the DNS cache. Helps resolve domain
resolution issues.
Example: If a website isn’t loading due to incorrect DNS resolution, this
command may fix it.
56. Get-Clipboard
Answer:
Retrieves the contents of the clipboard.
Useful for debugging copy-paste issues.
Example: Run this command to see what text is currently stored in the
clipboard.
57. New-LocalUser -Name 'AdminUser' -Password
(ConvertTo-SecureString 'P@ssw0rd!' -AsPlainText -Force) -FullName
'Administrator'
Answer:
Creates a new local user named 'AdminUser'
with a secure password. Helpful for adding new administrative accounts.
Example: Use this command to create a temporary admin account for
troubleshooting.
58. Add-LocalGroupMember -Group 'Administrators' -Member
'AdminUser'
Answer:
Adds 'AdminUser' to the Administrators
group, granting elevated privileges. Useful when setting up new admin users.
Example: If a user needs administrative privileges for software installation,
this command grants access.
59. Get-Process | Sort-Object -Property CPU -Descending |
Select-Object -First 5
Answer:
Displays the top 5 CPU-consuming processes.
Helps in diagnosing high CPU usage issues.
Example: If a server is running slowly, this command identifies which processes
are consuming the most CPU resources.
60. Get-Service | Where-Object { $_.Status -eq 'Stopped' }
Answer:
Lists all stopped services on the system.
Helps identify services that may need to be started for system functionality.
Example: Use this command to check if a required service like 'Print Spooler'
is stopped.
61. Test-NetConnection google.com -Port 80
Answer:
Checks connectivity to google.com on port
80. Useful for network troubleshooting and verifying internet access.
Example: If a website isn't loading, use this command to test if the server is
reachable.
62. New-NetFirewallRule -DisplayName 'Allow HTTP'
-Direction Inbound -Action Allow -Protocol TCP -LocalPort 80
Answer:
Creates a new firewall rule to allow
inbound HTTP traffic. Helps configure web server accessibility.
Example: If a local web server is not accessible, use this command to allow
traffic through the firewall.
63. Get-ChildItem -Path C:\Users -Recurse
Answer:
Lists all files and folders in the Users
directory recursively. Useful for file management and audits.
Example: Use this command to find all files inside a specific directory when
performing an audit.
64. Get-PSDrive
Answer:
Displays all available drives, including
network and system drives. Helps in managing storage.
Example: Use this command to check if a network drive is properly mounted.
65. Get-Disk | Where-Object PartitionStyle -eq 'RAW'
Answer:
Lists all unpartitioned disks. Useful for
identifying new or unformatted storage devices.
Example: If a newly added hard drive isn't appearing, this command checks if it
needs to be formatted.
66. Clear-RecycleBin -Force
Answer:
Empties the Recycle Bin for all users.
Helps free up disk space.
Example: Run this command before performing system maintenance to clear
unnecessary files.
67. Repair-WindowsImage -Online -RestoreHealth
Answer:
Repairs Windows system image issues.
Helpful in resolving update failures and system corruption.
Example: If Windows updates fail repeatedly, use this command to restore system
health.
68. Get-WinEvent -LogName Security
Answer:
Retrieves security event logs, including
login attempts. Helps in security auditing.
Example: Use this command to check if unauthorized users tried to log into the
system.
69. Get-Process | Where-Object {$_.CPU -gt 100}
Answer:
Finds processes consuming more than 100 CPU
cycles. Helps in resource optimization.
Example: Use this command when a server is running slowly to identify CPU-heavy
applications.
70. Disable-LocalUser -Name 'Guest'
Answer:
Disables the Guest user account. Helps in
securing the system.
Example: If a company policy requires all guest accounts to be disabled, this
command ensures compliance.
71. Enable-LocalUser -Name 'JohnDoe'
Answer:
Re-enables a previously disabled local user
account. Useful for restoring access.
Example: If an employee returns from leave and their account was disabled, use
this command to restore it.
72. Get-HotFix
Answer:
Lists all installed Windows updates and
patches. Helps in update tracking.
Example: Use this command to verify if a specific security update has been
installed.
73. Start-Process 'notepad.exe' -Verb RunAs
Answer:
Opens Notepad with administrator
privileges. Useful for editing system files.
Example: Use this command to open Notepad as an administrator and edit the
hosts file.
74. Disable-ScheduledTask -TaskName 'BackupTask'
Answer:
Disables a scheduled task. Useful for
stopping unwanted automatic processes.
Example: Use this command to disable a backup job that runs during business
hours.
75. Get-WmiObject -Class Win32_BIOS
Answer:
Retrieves BIOS information of the system.
Useful for hardware diagnostics.
Example: Use this command to check the BIOS version before updating firmware.
76. Set-TimeZone -Id 'Pacific Standard Time'
Answer:
Changes the system time zone. Useful for
configuring servers in different regions.
Example: Use this command when deploying a server in a different country.
77. Restart-NetAdapter -Name 'Wi-Fi'
Answer:
Restarts the Wi-Fi network adapter. Useful
for resolving connectivity issues.
Example: If Wi-Fi is disconnected, restarting the adapter can help restore
connection.
78. Get-Printer
Answer:
Lists all installed printers. Useful for
troubleshooting print-related issues.
Example: Use this command to check if a network printer is installed on the
system.
79. Restart-PrintSpooler
Answer:
Restarts the print spooler service. Useful
when print jobs are stuck.
Example: If print jobs are not processing, restarting the spooler can help.
80. Get-DnsClientServerAddress
Answer:
Displays DNS server settings for all
network adapters. Useful for troubleshooting DNS issues.
Example: Use this command to verify if the correct DNS server is being used.
81. Set-Clipboard -Value 'Hello, World!'
Answer:
Sets a custom value in the clipboard. Helps
in automation and scripting.
Example: Use this command to pre-fill the clipboard with predefined text in an
automated process.
82. Stop-Transcript
Answer:
Stops recording PowerShell session logs.
Complements the Start-Transcript command.
Example: Use this command after executing important commands to stop logging.
83. Get-ADGroupMember -Identity 'Administrators'
Answer:
Lists all members of a specific Active
Directory group. Useful for access control.
Example: Use this command to verify which users have administrative privileges.
84. Restart-Service -Name 'MSSQLSERVER'
Answer:
Restarts the Microsoft SQL Server service.
Useful for database troubleshooting.
Example: If SQL Server becomes unresponsive, restarting the service can help
restore functionality.
85. Get-WMIObject -Class Win32_ComputerSystem
Answer:
Retrieves system information like
manufacturer, model, and total memory.
Example: Use this to check system hardware details remotely.
86. Get-EventLog -LogName Security -Newest 20
Answer:
Retrieves the latest 20 security logs.
Example: Use this to check login attempts and security events.
87. Get-WinEvent -LogName Application -MaxEvents 5
Answer:
Retrieves the last 5 application logs.
Example: Helps in troubleshooting software crashes.
88. Disable-LocalUser -Name 'JohnDoe'
Answer:
Disables a local user account.
Example: Use this to immediately lock out an employee who has left the company.
89. Get-ADComputer -Filter *
Answer:
Lists all computers in Active Directory.
Example: Use this to generate a report of all domain-joined machines.
90. Restart-Service -Name 'Spooler'
Answer:
Restarts the Print Spooler service.
Example: Fixes stuck print jobs without restarting the computer.
91. Test-ComputerSecureChannel -Repair
Answer:
Repairs a broken trust relationship between
a domain-joined computer and the domain.
Example: Use this when a workstation loses connection to the domain.
92. Export-Csv -Path 'C:\Users\Public\report.csv'
Answer:
Exports data into a CSV file.
Example: Automate report generation for system logs, users, or processes.
93. Set-ADAccountPassword -Identity 'JohnDoe' -Reset
-NewPassword (ConvertTo-SecureString -AsPlainText 'NewPass123!' -Force)
Answer:
Resets an Active Directory user’s password.
Example: Quickly reset user passwords when requested.
94. Remove-ADUser -Identity 'JohnDoe'
Answer:
Deletes an Active Directory user.
Example: Ensure deprovisioning when an employee leaves.
95. Get-LocalGroupMember -Group 'Administrators'
Answer:
Lists all members of the Administrators
group.
Example: Verify who has elevated privileges.
96. New-SmbShare -Name 'SharedFolder' -Path 'C:\Shared'
-FullAccess 'Everyone'
Answer:
Creates a shared folder with full access.
Example: Set up network file sharing quickly.
97. Get-SmbShare
Answer:
Lists all shared folders on the system.
Example: Check existing network shares for security audits.
98. Set-ExecutionPolicy Bypass -Scope Process
Answer:
Temporarily allows all scripts to run for
the current session.
Example: Useful when testing scripts without permanently changing security
settings.