
Important PowerShell commands for Windows administrators

 


1. Get-ComputerInfo

Answer:

Retrieves comprehensive system details including OS, hardware, and BIOS information.

Example: Use this to check a machine’s specs before troubleshooting.

2. Get-LocalGroup

Answer:

Lists all local groups on the system.

Example: Use this to check existing system roles and privileges.

3. Set-LocalUser -Name 'JohnDoe' -Password (ConvertTo-SecureString 'NewPass123!' -AsPlainText -Force)

Answer:

Changes a local user’s password.

Example: Quickly reset passwords without going through UI.

4. Get-WinEvent -ListLog *

Answer:

Lists all available Windows event logs.

Example: Use this to identify log sources for troubleshooting.

5. Get-NetAdapter

Answer:

Displays network adapters and their statuses.

Example: Use this to check if a network interface is enabled or disconnected.

6. Restart-NetAdapter -Name 'Ethernet'

Answer:

Restarts a network adapter.

Example: Use this to resolve network connectivity issues.

7. Get-ADGroup -Filter *

Answer:

Lists all Active Directory groups.

Example: Use this to audit group memberships.

8. Add-LocalGroupMember -Group 'Administrators' -Member 'JohnDoe'

Answer:

Adds a user to the Administrators group.

Example: Grant admin privileges to a specific user.

9. Remove-LocalGroupMember -Group 'Administrators' -Member 'JohnDoe'

Answer:

Removes a user from the Administrators group.

Example: Revoke admin access for security reasons.

10. Get-ADOrganizationalUnit -Filter *

Answer:

Lists all OUs in Active Directory.

Example: Use this for AD structuring and audits.

11. Get-FileHash 'C:\Path\To\File.exe'

Answer:

Generates the hash value of a file for integrity checks.

Example: Validate software authenticity before installation.

12. Enable-PSRemoting -Force

Answer:

Enables PowerShell remoting on the system.

Example: Allows remote administration of Windows servers.

13. Get-WindowsFeature

Answer:

Lists all installed and available Windows Server features.

Example: Use this before installing or removing roles.

14. Install-WindowsFeature -Name 'Web-Server' -IncludeManagementTools

Answer:

Installs the IIS web server role on a Windows Server.

Example: Quickly set up a web server.

15. Remove-WindowsFeature -Name 'Web-Server'

Answer:

Uninstalls the IIS web server role.

Example: Use this when decommissioning a web server.

16. Get-Volume

Answer:

Displays all disk volumes and their statuses.

Example: Use this to verify disk space before deploying large applications.

17. Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses '8.8.8.8'

Answer:

Sets a static DNS server for a network adapter.

Example: Use this when configuring custom DNS settings.

18. Get-WindowsUpdateLog

Answer:

Generates a log file for Windows Updates.

Example: Use this to debug update failures.

19. Reset-ComputerMachinePassword

Answer:

Resets a computer’s domain trust relationship.

Example: Fixes 'Trust Relationship Failed' errors.

20. Get-VM

Answer:

Lists all virtual machines on a Hyper-V host.

Example: Monitor VM activity in virtualized environments.

21. Start-VM -Name 'TestVM'

Answer:

Starts a virtual machine.

Example: Quickly boot up a VM for testing.

22. Stop-VM -Name 'TestVM' -Force

Answer:

Forces a virtual machine to shut down.

Example: Use when a VM becomes unresponsive.

23. Get-Job

Answer:

Lists background jobs running in PowerShell.

Example: Monitor automation scripts running in parallel.

24. Receive-Job -Id 1

Answer:

Retrieves the output of a background job.

Example: Check results from a long-running script.

25. Get-ScheduledTask

Answer:

Lists all scheduled tasks on the system.

Example: Use this to audit automated system tasks.

26. Disable-ScheduledTask -TaskName 'BackupScript'

Answer:

Disables a scheduled task.

Example: Prevent automatic execution of outdated backup scripts.

27. Enable-ScheduledTask -TaskName 'BackupScript'

Answer:

Enables a previously disabled scheduled task.

Example: Restore automation after maintenance.

28. Get-Help Get-Process -Examples

Answer:

Shows command examples from PowerShell help documentation.

Example: Learn how to use a command with real examples.

29. Measure-Command { Get-Process }

Answer:

Measures how long a command takes to execute.

Example: Use this to optimize performance in scripts.

30. Write-Output 'Hello, World!' > C:\Logs\output.txt

Answer:

Writes text to a file.

Example: Use this to generate logs for automation scripts.

31. Read-Host -Prompt 'Enter password' -AsSecureString

Answer:

Prompts for user input securely.

Example: Use this for interactive scripts that require a password.

32. ConvertFrom-SecureString (Read-Host -AsSecureString)

Answer:

Converts a secure string to an encrypted standard string.

Example: Store passwords securely in automation scripts.

33. Invoke-RestMethod -Uri 'https://api.example.com/data'

Answer:

Fetches data from a REST API.

Example: Use this for integrations with cloud services.

34. New-PSDrive -Name 'X' -PSProvider FileSystem -Root '\\Server\Share'

Answer:

Maps a network drive in PowerShell.

Example: Automate drive mappings for remote file access.

35. Get-Process

Answer:

Displays all running processes.

Example: Use this to check resource-hungry applications.

36. Stop-Process -Name 'notepad' -Force

Answer:

Terminates a specific process.

Example: If Notepad is unresponsive, use this command to force-close it.

37. Restart-Computer -Force

Answer:

Forces a system restart.

Example: Use this after updates or system crashes.

38. Shutdown /s /t 0

Answer:

Shuts down the computer instantly.

Example: Automate shutdowns after maintenance tasks.

39. Get-Service

Answer:

Lists all system services and their statuses.

Example: Check if the Windows Update service is running.

40. Restart-Service -Name 'wuauserv'

Answer:

Restarts the Windows Update service.

Example: Fix stuck Windows updates.

41. Get-Disk

Answer:

Lists all available disks and their statuses.

Example: Use this to check if a new drive is detected.

42. Get-NetIPAddress

Answer:

Displays current network IP addresses.

Example: Use this to confirm network connectivity.

43. Test-NetConnection google.com -Port 443

Answer:

Checks internet connectivity via a specific port.

Example: Test HTTPS access for network issues.

44. Clear-DnsClientCache

Answer:

Clears the DNS cache.

Example: Fix issues where websites fail to load properly.

45. sfc /scannow

Answer:

Scans and repairs corrupted system files.

Example: Run this if system performance is degraded.

46. chkdsk C: /f /r

Answer:

Scans and fixes disk errors.

Example: Use this to detect and fix disk corruption.

47. Get-EventLog -LogName System -Newest 10

Answer:

Retrieves the latest 10 system log entries.

Example: Diagnose recent system crashes.

48. New-Item -Path 'C:\Logs\log.txt' -ItemType File

Answer:

Creates a new log file.

Example: Use this for logging system activity.

49. Remove-Item -Path 'C:\Temp\*' -Recurse -Force

Answer:

Deletes all files in the Temp folder.

Example: Automate disk cleanup.

50. Get-LocalUser

Answer:

Lists all local user accounts.

Example: Check if unauthorized accounts exist.

51. Set-ExecutionPolicy RemoteSigned

Answer:

Allows running signed PowerShell scripts.

Example: Enable automation scripts while keeping security intact.

52. Get-ADUser -Filter *

Answer:

Retrieves all Active Directory users.

Example: List all employees in an organization.

53. Set-ADUser -Identity 'JohnDoe' -Enabled $false

Answer:

Disables an Active Directory user.

Example: Use this when an employee leaves the company.

54. Start-Transcript -Path 'C:\Logs\session.log'

Answer:

Records PowerShell activity to a log file.

Example: Use this for auditing administrative actions.

55. ipconfig /flushdns

Answer:

Clears the DNS cache. Helps resolve domain resolution issues.

Example: If a website isn’t loading due to incorrect DNS resolution, this command may fix it.

56. Get-Clipboard

Answer:

Retrieves the contents of the clipboard. Useful for debugging copy-paste issues.

Example: Run this command to see what text is currently stored in the clipboard.

57. New-LocalUser -Name 'AdminUser' -Password (ConvertTo-SecureString 'P@ssw0rd!' -AsPlainText -Force) -FullName 'Administrator'

Answer:

Creates a new local user named 'AdminUser' with a secure password. Helpful for adding new administrative accounts.

Example: Use this command to create a temporary admin account for troubleshooting.

58. Add-LocalGroupMember -Group 'Administrators' -Member 'AdminUser'

Answer:

Adds 'AdminUser' to the Administrators group, granting elevated privileges. Useful when setting up new admin users.

Example: If a user needs administrative privileges for software installation, this command grants access.

59. Get-Process | Sort-Object -Property CPU -Descending | Select-Object -First 5

Answer:

Displays the top 5 CPU-consuming processes. Helps in diagnosing high CPU usage issues.

Example: If a server is running slowly, this command identifies which processes are consuming the most CPU resources.

60. Get-Service | Where-Object { $_.Status -eq 'Stopped' }

Answer:

Lists all stopped services on the system. Helps identify services that may need to be started for system functionality.

Example: Use this command to check if a required service like 'Print Spooler' is stopped.

61. Test-NetConnection google.com -Port 80

Answer:

Checks connectivity to google.com on port 80. Useful for network troubleshooting and verifying internet access.

Example: If a website isn't loading, use this command to test if the server is reachable.

62. New-NetFirewallRule -DisplayName 'Allow HTTP' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 80

Answer:

Creates a new firewall rule to allow inbound HTTP traffic. Helps configure web server accessibility.

Example: If a local web server is not accessible, use this command to allow traffic through the firewall.

63. Get-ChildItem -Path C:\Users -Recurse

Answer:

Lists all files and folders in the Users directory recursively. Useful for file management and audits.

Example: Use this command to find all files inside a specific directory when performing an audit.

64. Get-PSDrive

Answer:

Displays all available drives, including network and system drives. Helps in managing storage.

Example: Use this command to check if a network drive is properly mounted.

65. Get-Disk | Where-Object PartitionStyle -eq 'RAW'

Answer:

Lists all unpartitioned disks. Useful for identifying new or unformatted storage devices.

Example: If a newly added hard drive isn't appearing, this command checks if it needs to be formatted.

66. Clear-RecycleBin -Force

Answer:

Empties the Recycle Bin for all users. Helps free up disk space.

Example: Run this command before performing system maintenance to clear unnecessary files.

67. Repair-WindowsImage -Online -RestoreHealth

Answer:

Repairs Windows system image issues. Helpful in resolving update failures and system corruption.

Example: If Windows updates fail repeatedly, use this command to restore system health.

68. Get-WinEvent -LogName Security

Answer:

Retrieves security event logs, including login attempts. Helps in security auditing.

Example: Use this command to check if unauthorized users tried to log into the system.

69. Get-Process | Where-Object {$_.CPU -gt 100}

Answer:

Finds processes consuming more than 100 CPU cycles. Helps in resource optimization.

Example: Use this command when a server is running slowly to identify CPU-heavy applications.

70. Disable-LocalUser -Name 'Guest'

Answer:

Disables the Guest user account. Helps in securing the system.

Example: If a company policy requires all guest accounts to be disabled, this command ensures compliance.

71. Enable-LocalUser -Name 'JohnDoe'

Answer:

Re-enables a previously disabled local user account. Useful for restoring access.

Example: If an employee returns from leave and their account was disabled, use this command to restore it.

72. Get-HotFix

Answer:

Lists all installed Windows updates and patches. Helps in update tracking.

Example: Use this command to verify if a specific security update has been installed.

73. Start-Process 'notepad.exe' -Verb RunAs

Answer:

Opens Notepad with administrator privileges. Useful for editing system files.

Example: Use this command to open Notepad as an administrator and edit the hosts file.

74. Disable-ScheduledTask -TaskName 'BackupTask'

Answer:

Disables a scheduled task. Useful for stopping unwanted automatic processes.

Example: Use this command to disable a backup job that runs during business hours.

75. Get-WmiObject -Class Win32_BIOS

Answer:

Retrieves BIOS information of the system. Useful for hardware diagnostics.

Example: Use this command to check the BIOS version before updating firmware.

76. Set-TimeZone -Id 'Pacific Standard Time'

Answer:

Changes the system time zone. Useful for configuring servers in different regions.

Example: Use this command when deploying a server in a different country.

77. Restart-NetAdapter -Name 'Wi-Fi'

Answer:

Restarts the Wi-Fi network adapter. Useful for resolving connectivity issues.

Example: If Wi-Fi is disconnected, restarting the adapter can help restore connection.

78. Get-Printer

Answer:

Lists all installed printers. Useful for troubleshooting print-related issues.

Example: Use this command to check if a network printer is installed on the system.

79. Restart-Service -Name 'Spooler'

Answer:

Restarts the print spooler service. Useful when print jobs are stuck.

Example: If print jobs are not processing, restarting the spooler can help.

80. Get-DnsClientServerAddress

Answer:

Displays DNS server settings for all network adapters. Useful for troubleshooting DNS issues.

Example: Use this command to verify if the correct DNS server is being used.

81. Set-Clipboard -Value 'Hello, World!'

Answer:

Sets a custom value in the clipboard. Helps in automation and scripting.

Example: Use this command to pre-fill the clipboard with predefined text in an automated process.

82. Stop-Transcript

Answer:

Stops recording PowerShell session logs. Complements the Start-Transcript command.

Example: Use this command after executing important commands to stop logging.

83. Get-ADGroupMember -Identity 'Administrators'

Answer:

Lists all members of a specific Active Directory group. Useful for access control.

Example: Use this command to verify which users have administrative privileges.

84. Restart-Service -Name 'MSSQLSERVER'

Answer:

Restarts the Microsoft SQL Server service. Useful for database troubleshooting.

Example: If SQL Server becomes unresponsive, restarting the service can help restore functionality.

85. Get-WMIObject -Class Win32_ComputerSystem

Answer:

Retrieves system information like manufacturer, model, and total memory.

Example: Use this to check system hardware details remotely.

86. Get-EventLog -LogName Security -Newest 20

Answer:

Retrieves the latest 20 security logs.

Example: Use this to check login attempts and security events.

87. Get-WinEvent -LogName Application -MaxEvents 5

Answer:

Retrieves the last 5 application logs.

Example: Helps in troubleshooting software crashes.

88. Disable-LocalUser -Name 'JohnDoe'

Answer:

Disables a local user account.

Example: Use this to immediately lock out an employee who has left the company.

89. Get-ADComputer -Filter *

Answer:

Lists all computers in Active Directory.

Example: Use this to generate a report of all domain-joined machines.

90. Restart-Service -Name 'Spooler'

Answer:

Restarts the Print Spooler service.

Example: Fixes stuck print jobs without restarting the computer.

91. Test-ComputerSecureChannel -Repair

Answer:

Repairs a broken trust relationship between a domain-joined computer and the domain.

Example: Use this when a workstation loses connection to the domain.

92. Get-Process | Export-Csv -Path 'C:\Users\Public\report.csv' -NoTypeInformation

Answer:

Exports data into a CSV file.

Example: Automate report generation for system logs, users, or processes.

93. Set-ADAccountPassword -Identity 'JohnDoe' -Reset -NewPassword (ConvertTo-SecureString -AsPlainText 'NewPass123!' -Force)

Answer:

Resets an Active Directory user’s password.

Example: Quickly reset user passwords when requested.

94. Remove-ADUser -Identity 'JohnDoe'

Answer:

Deletes an Active Directory user.

Example: Ensure deprovisioning when an employee leaves.

95. Get-LocalGroupMember -Group 'Administrators'

Answer:

Lists all members of the Administrators group.

Example: Verify who has elevated privileges.

96. New-SmbShare -Name 'SharedFolder' -Path 'C:\Shared' -FullAccess 'Everyone'

Answer:

Creates a shared folder with full access.

Example: Set up network file sharing quickly.

97. Get-SmbShare

Answer:

Lists all shared folders on the system.

Example: Check existing network shares for security audits.

98. Set-ExecutionPolicy Bypass -Scope Process

Answer:

Temporarily allows all scripts to run for the current session.

Example: Useful when testing scripts without permanently changing security settings.