
Powershell CheatSheet

Helpful walkthrough and tips for using Powershell, sourced from the below linked site


Last updated 3 months ago

Source Site:

What are the different ways I can run PowerShell as an Administrator?

  1. Press WIN + R, type in powershell, press Ctrl+Shift+Enter. Click OK to run as Administrator.

  2. Type powershell into the Taskbar search field. Select Run as Administrator from the list of options in the right panel of the results list.

  3. Open the Command Prompt, type powershell, and press Enter. Type start-process PowerShell -verb runas and press Enter.

  4. *Also in the Command Prompt, type runas /netonly /user:RemoteDomain\Administrator powershell (substitute the remote domain or hostname for RemoteDomain)

*A note on option 4 in this list:

The /netonly option of runas applies a user account to remote targets. So, in this case, you want to run PowerShell as Administrator on a computer that is identified by RemoteDomain. The Administrator account is active on that remote device and not on the local machine, so when prompted, give the password for the Administrator account on the remote device, not the password for the Administrator account on the local computer.

How to Run cmdlets

In a nutshell, a cmdlet is a single-function command. You input cmdlets into the command line just as you would with a traditional command or utility. Cmdlets are the main way to interact with the CLI.

In PowerShell, most cmdlets are written in C# and comprised of instructions designed to perform a function that returns a .NET object.

Over 200 cmdlets can be used in PowerShell. Windows PowerShell command prompt isn’t case-sensitive, so these commands can be typed in either upper or lower case. The main cmdlets are listed below:

  • Get-Location – Get the current directory

  • Set-Location – Set the current directory

  • Move-Item – Move a file to a new location

  • Copy-Item – Copy a file to a new location

  • Rename-Item – Rename an existing file

  • New-Item – Create a new file

For a full list of commands available to you, use the Get-Command cmdlet. In the command line you would enter the following:

PS C:\> Get-Command

It is important to note that Microsoft's default settings restrict running PowerShell scripts. To run scripts, you need to change the execution policy from Restricted to RemoteSigned. RemoteSigned allows you to run your own locally written scripts but stops unsigned scripts obtained from other users.

To change your Execution policy, type in the following PowerShell command:

PS C:\> Set-ExecutionPolicy

To change to RemoteSigned, type the following command:

PS C:\> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

Make sure you’re on an Administrator account so that you have permission to set a new execution policy.
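The policy change above is machine-wide and needs an elevated prompt. As an added example (not from the original page), the script below checks the policy at every scope, loosens only the CurrentUser scope, and tests whether a script carries the "downloaded" mark that RemoteSigned enforces; the script path is an assumed value.

```powershell
# Added example: scope the execution-policy change to the current user.
# Scoping to CurrentUser needs no Administrator rights and leaves the
# machine-wide policy alone, which is the least-privilege way to run your own scripts.

# Show the policy at each scope; the effective policy is the first non-Undefined
# entry from the top (MachinePolicy and UserPolicy come from Group Policy).
Get-ExecutionPolicy -List

if ((Get-ExecutionPolicy) -eq 'Restricted') {
    # -Force suppresses the interactive confirmation prompt.
    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser -Force
}

# Verify the change took effect for this user (expected: RemoteSigned).
Get-ExecutionPolicy -Scope CurrentUser

# A script saved from a browser or e-mail carries a Zone.Identifier alternate
# data stream; RemoteSigned refuses such a script unless it is signed by a
# trusted publisher. A script you wrote locally has no such mark and runs as-is.
$script = 'C:\powershell\mynewscript.ps1'   # assumed path
$mark = Get-Item -Path $script -Stream Zone.Identifier -ErrorAction SilentlyContinue
if ($mark) {
    Write-Warning "$script is marked as downloaded; RemoteSigned will not run it unsigned."
    # Only after reviewing the script's contents should the mark be removed:
    # Unblock-File -Path $script
} else {
    & $script
}
```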

How to Run PowerShell Scripts

Script-based processes and commands are part of the foundation of PowerShell’s versatility. In PowerShell, a script is essentially a text file with a .ps1 extension in its filename. To create a new script you can simply open Windows Notepad, type your commands, and save with ‘.ps1’ at the end of the name.

To run a script, enter its folder and filename into the PowerShell window:

PS C:\> c:\powershell\mynewscript.ps1

Once you’ve done this, your selected script will run.

Overlap with Windows Commands

When you’re new to PowerShell it can feel overwhelming to try and learn a whole new library of commands. However, what most new users don’t realize is that the syntax used on Windows command-line overlaps with PowerShell. This is made easier by the fact that PowerShell isn’t case sensitive.

Much like Command Prompt, on PowerShell the cd command still changes directories, and dir still provides a list of files within the selected folder. As such, it’s important to remember you aren’t necessarily starting from scratch. Taking this on board will help to decrease the learning curve you face when using PowerShell and decrease the number of new commands that you have to learn.

That being said, it is important to note that these aren’t considered complete PowerShell commands so much as they are aliases (PowerShell’s name for Windows command prompt commands). So even though you can try some of Command Prompt’s commands in PowerShell, you should learn as much as you can about the new ones. Nonetheless, Command Prompt experience can definitely help new users to come to grips with PowerShell and hit the ground running.

Here are some commands that are common to PowerShell and Windows:

  • cd: Change Directory. This command is used to change the current working directory. In PowerShell, Set-Location can be used as well.

  • cls: Clear Screen. This command clears the screen of the console. In PowerShell, Clear-Host or its alias cls can be used.

  • dir: Directory. This command lists the files and subdirectories in the directory. In PowerShell, Get-ChildItem can be used as well.

  • echo: This command prints text to the console. In PowerShell, Write-Output can be used as well.

  • copy: This command copies files. In PowerShell, Copy-Item can be used as well.

  • del: Delete. This command deletes one or more files. In PowerShell, Remove-Item can be used as well.

  • move: This command moves files from one location to another. In PowerShell, Move-Item can be used as well.

  • type: This command displays the contents of a text file. In PowerShell, Get-Content can be used as well.

  • find: This command searches for a text string in a file. In PowerShell, Select-String can be used as well.

  • exit: This command closes the command prompt or terminal window. It works the same in both Command Prompt and PowerShell.

Backing Up an SQL Database with PowerShell

Many people use PowerShell to back up SQL databases. The command-line interface can conduct full database backups, file backups, and transaction log backups. There are many ways to back up a database in PowerShell, but one of the simplest is to use the Backup-SqlDatabase command. For example:

PS C:\> Backup-SqlDatabase -ServerInstance "Computer\Instance" -Database "Databasecentral"

This will create a database backup of a database with the name ‘Databasecentral’ (or the name of your chosen database).

To back up a transaction log, you would input:

PS C:\> Backup-SqlDatabase -ServerInstance "Computer\Instance" -Database "Databasecentral" -BackupAction Log

This will create a transaction log of the selected database.
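Putting both commands together, here is an added example (not from the original page) of a timestamped full backup followed by a log backup, with a check that the files were written. It assumes the SqlServer module is installed; "Computer\Instance", "Databasecentral" and the backup folder are assumed values.

```powershell
# Added example: full backup plus transaction-log backup with verifiable output.
Import-Module SqlServer

$instance  = 'Computer\Instance'   # assumed
$database  = 'Databasecentral'     # assumed
$backupDir = 'D:\Backups'          # assumed; the path is resolved on the SQL Server host,
                                   # so the SQL Server service account must be able to write to it
$stamp     = Get-Date -Format 'yyyyMMdd_HHmmss'

# Full backup. -Checksum writes page checksums into the backup so a later
# RESTORE VERIFYONLY can detect media corruption instead of silently restoring it.
$fullFile = Join-Path $backupDir "$database`_full_$stamp.bak"
Backup-SqlDatabase -ServerInstance $instance -Database $database `
    -BackupFile $fullFile -BackupAction Database -Checksum

# Transaction-log backup. This only works when the database uses the FULL or
# BULK_LOGGED recovery model; under SIMPLE the command fails.
$logFile = Join-Path $backupDir "$database`_log_$stamp.trn"
Backup-SqlDatabase -ServerInstance $instance -Database $database `
    -BackupFile $logFile -BackupAction Log -Checksum

# Confirm both files exist and record their sizes; a zero-byte or missing file
# is the first sign that a scheduled backup has quietly stopped working.
Get-ChildItem -Path $fullFile, $logFile | Select-Object Name, Length, LastWriteTime
```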

The Essential PowerShell Commands

Using aliases will only get you so far on PowerShell, so it’s important to commit to learning everything you can about PowerShell’s native commands. We touched on some of these above, but we’re going to break down the main ones in much more detail below.

Get-Help

This command should be at the very top of any new user’s list when it comes to PowerShell. The Get-Help command can be used to literally get help with any other PowerShell command. For example, if you know the name of a command, but you don’t know what it does or how to use it, the Get-Help command provides the full command syntax.

For example, if you wanted to see how Get-Process works, you would type:

PS C:\> Get-Help -Name Get-Process

PS C:\> Set-ExecutionPolicy

As touched on earlier in this guide, Microsoft has a restricted execution policy that prevents scripting on PowerShell unless you change it. When setting the execution policy, you have four options to choose from:

  • Restricted – The default execution policy that stops scripts from running.

  • All Signed – Will run scripts if they are signed by a trusted publisher.

  • Remote Signed – Allows scripts to run which have been created locally.

  • Unrestricted – A policy with no restrictions on running scripts.

PS C:\> Get-ExecutionPolicy

If you’re using PowerShell, you may not always work on a server that you’re familiar with. Running the command Get-ExecutionPolicy will allow you to see which policy is active on the server before running a new script. If you then see the server in question operating under a restricted policy, you can then implement the Set-ExecutionPolicy command to change it.

Get-Service

One of the most important commands is Get-Service, which provides the user with a list of all services installed on the system, both running and stopped. This cmdlet can be directed by using specific service names or objects.

For example, if you were to type PS C:\> Get-Service, you would be shown a list of all services on your computer, their statuses, and display names.

To use this command to retrieve specific services, type: PS C:\> Get-Service "WMI*" to retrieve all services that begin with WMI.

If you wanted to restrict output to active services on your computer, input the following command:

PS C:\> Get-Service | Where-Object {$_.Status -eq "Running"}

ConvertTo-HTML

When using PowerShell, you might want to generate a report about the information you’ve seen. One of the best ways to do this is by using the ConvertTo-HTML command. This cmdlet allows you to build reports with tables and color, which can help to visualize complex data. Simply choose an object and add it to the command.

For example, you could type:

Get-PSDrive | ConvertTo-Html

This returns a mass of information, so it’s a good idea to limit it to a file with the Out-File command. A better alternative command is:

Get-PSDrive | ConvertTo-Html | Out-File -FilePath PSDrives.html

This will then generate an HTML file in table form.

You can then add your own colors and borders to refine its presentation.

Export-CSV (and Get-Service)

No less important for increasing visibility is the Export-CSV command. It allows you to export PowerShell data into a CSV file. Essentially, this command creates a CSV file compiling all of the objects you’ve selected in PowerShell. Every object has its own line or row within the CSV file. This command is primarily used to create spreadsheets and share data with external programs.

To use this command, you would type:

PS C:\> Get-Service | Export-CSV c:\service.csv

It’s important to remember not to format objects before running the Export-CSV command. This is because formatting objects results in only the formatted properties being placed into the CSV file rather than the original objects themselves. In the event that you want to send specific properties of an object to a CSV file, you would use the Select-Object cmdlet.

To use the Select-Object cmdlet, type:

PS C:\> Get-Service | Select-Object Name, Status | Export-CSV c:\Service.csv
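The Get-Service, ConvertTo-HTML and Export-CSV sections above fit together into one small defensive workflow. This added example (not from the original page) snapshots services to a CSV baseline, compares a later snapshot against it with Compare-Object, and writes the drift to an HTML report; it assumes Windows PowerShell 5.1 or later (for the StartType property) and the two file paths are assumed values.

```powershell
# Added example: service baseline and drift report.
$baselinePath = 'C:\baseline\services.csv'        # assumed
$reportPath   = 'C:\baseline\service-drift.html'  # assumed

# Export the raw objects, not formatted output. Status and StartType are
# converted to strings so the CSV round-trips cleanly through Import-Csv and
# compares equal to a live snapshot.
function Get-ServiceSnapshot {
    Get-Service | Select-Object Name, DisplayName,
        @{ n = 'Status';    e = { $_.Status.ToString() } },
        @{ n = 'StartType'; e = { $_.StartType.ToString() } }
}

if (-not (Test-Path $baselinePath)) {
    New-Item -ItemType Directory -Path (Split-Path $baselinePath) -Force | Out-Null
    Get-ServiceSnapshot | Export-Csv -Path $baselinePath -NoTypeInformation
    Write-Output "Baseline written to $baselinePath"
    return
}

$baseline = Import-Csv -Path $baselinePath
$current  = Get-ServiceSnapshot

# '=>' rows exist only in the current snapshot (new or changed services);
# '<=' rows exist only in the baseline (removed or changed services).
$drift = Compare-Object -ReferenceObject $baseline -DifferenceObject $current `
    -Property Name, Status, StartType -PassThru |
    Select-Object Name, DisplayName, Status, StartType, SideIndicator

if (-not $drift) {
    Write-Output 'No service drift since baseline.'
    return
}

# Services now running that were not running in the baseline are the rows a
# defender wants to review first.
$newlyRunning = @($drift | Where-Object { $_.SideIndicator -eq '=>' -and $_.Status -eq 'Running' })

# -Head injects CSS, which is how the page's "add your own colors and borders" is done.
$style = '<style>table{border-collapse:collapse}td,th{border:1px solid #888;padding:4px}</style>'
$drift | ConvertTo-Html -Title 'Service drift' -Head $style `
    -PreContent "<h2>$($newlyRunning.Count) newly running service(s)</h2>" |
    Out-File -FilePath $reportPath
Write-Output "Report written to $reportPath"
```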

Get-Process

If you want to view all processes currently running on your system, the Get-Process command is very important. To get a list of all active processes on your computer, type:

PS C:\> Get-Process

Notice that if you don’t specify any parameters, you’ll get a breakdown of every active process on your computer. To pick a specific process, narrow the results down by process name or process ID and combine that with the Format-List cmdlet, which displays all available properties. For example:

PS C:\> Get-Process winword, explorer | Format-List *

This provides you with comprehensive oversight of all active processes.

Get-EventLog

If you ever want to access your computer’s event logs (or logs on remote computers) while using PowerShell, then you’re going to need the Get-EventLog command. This cmdlet only works on classic event logs, so you’ll need the Get-WinEvent command for logs later than Windows Vista.

To run the event log command, type:

PS C:\> Get-EventLog -List

This will show all event logs on your computer.

One of the most common reasons users look at event logs is to see errors. If you want to see error events in your log, simply type:

PS C:\> Get-EventLog -LogName System -EntryType Error

If you want to get event logs from multiple computers, specify which devices you want to view (listed below as “Server1” and “Server2”). For example:

PS C:\> Get-EventLog -LogName "Windows PowerShell" -ComputerName "localhost", "Server1", "Server2"

Parameters you can use to search event logs include:

  • After – The user specifies a date and time and the cmdlet locates events that occurred after it.

  • AsBaseObject – Provides a System.Diagnostics.EventLogEntry for each event.

  • AsString – Returns the output as strings.

  • Before – The user specifies a date and time and the cmdlet locates events that occurred before it.

  • ComputerName – Used to refer to a remote computer.

  • EntryType – Specifies the entry type of events (Error, Failure Audit, Success Audit, Information, Warning).

  • Index – Specifies index values the cmdlet finds events from.

  • List – Provides a list of event logs.

  • UserName – Specifies usernames associated with a given event.
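The parameters above combine naturally into a triage query. This added example (not from the original page) summarises the last 24 hours of System log errors by source, shows the equivalent Get-WinEvent query the section recommends for newer logs, and collects a per-host error count across several computers; it assumes Windows PowerShell 5.1 (Get-EventLog is not present in PowerShell 7) and the host names are assumed values.

```powershell
# Added example: error triage with Get-EventLog and Get-WinEvent.
$since = (Get-Date).AddHours(-24)

# Classic API: -LogName, -EntryType and -After narrow the query; Group-Object
# counts per source and Sort-Object surfaces the noisiest sources first.
Get-EventLog -LogName System -EntryType Error -After $since |
    Group-Object -Property Source |
    Sort-Object -Property Count -Descending |
    Select-Object Count, Name -First 10

# Modern API: -FilterHashtable pushes the filter into the event log service
# rather than pulling every entry into PowerShell. Level 2 = Error.
# Get-WinEvent raises an error when nothing matches, hence SilentlyContinue.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; Level = 2; StartTime = $since } `
    -ErrorAction SilentlyContinue |
    Group-Object -Property ProviderName |
    Sort-Object -Property Count -Descending |
    Select-Object Count, Name -First 10

# Remote collection, one host at a time so a single unreachable host does not
# abort the run and each failure is reported against its name.
$hosts = 'localhost', 'Server1', 'Server2'   # assumed names
foreach ($h in $hosts) {
    try {
        $errors = Get-EventLog -LogName 'Windows PowerShell' -ComputerName $h `
            -EntryType Error -After $since
        [pscustomobject]@{ Computer = $h; Errors = @($errors).Count }
    } catch {
        Write-Warning "Could not read the event log on ${h}: $($_.Exception.Message)"
    }
}
```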

Stop-Process

When using PowerShell, it’s not uncommon to experience a process freezing up. Whenever this happens, you can use Get-Process to retrieve the name of the process experiencing difficulties and then stop it with the Stop-Process command.

Generally, you terminate a process by its name. For example:

PS C:\> Stop-Process -Name "notepad"

In this example, the user has terminated Notepad by using the Stop-Process command.

PowerShell Commands List

Here are 25 basic PowerShell commands:

Command name      | Alias                          | Description
Set-Location      | cd, chdir, sl                  | Sets the current working location to a specified location.
Get-Content       | cat, gc, type                  | Gets the content of the item at the specified location.
Add-Content       | ac                             | Adds content to the specified items, such as adding words to a file.
Set-Content       | sc                             | Writes or replaces the content in an item with new content.
Copy-Item         | copy, cp, cpi                  | Copies an item from one location to another.
Remove-Item       | del, erase, rd, ri, rm, rmdir  | Deletes the specified items.
Move-Item         | mi, move, mv                   | Moves an item from one location to another.
Set-Item          | si                             | Changes the value of an item to the value specified in the command.
New-Item          | ni                             | Creates a new item.
Start-Job         | sajb                           | Starts a Windows PowerShell background job.
Compare-Object    | compare, dif                   | Compares two sets of objects.
Group-Object      | group                          | Groups objects that contain the same value for specified properties.
Invoke-WebRequest | curl, iwr, wget                | Gets content from a web page on the Internet.
Measure-Object    | measure                        | Calculates the numeric properties of objects, and the characters, words, and lines in string objects, such as files …
Resolve-Path      | rvpa                           | Resolves the wildcard characters in a path, and displays the path contents.
Resume-Job        | rujb                           | Restarts a suspended job.
Set-Variable      | set, sv                        | Sets the value of a variable. Creates the variable if one with the requested name does not exist.
Show-Command      | shcm                           | Creates Windows PowerShell commands in a graphical command window.
Sort-Object       | sort                           | Sorts objects by property values.
Start-Service     | sasv                           | Starts one or more stopped services.
Start-Process     | saps, start                    | Starts one or more processes on the local computer.
Suspend-Job       | sujb                           | Temporarily stops workflow jobs.
Wait-Job          | wjb                            | Suppresses the command prompt until one or all of the Windows PowerShell background jobs running in the session are …
Where-Object      | ?, where                       | Selects objects from a collection based on their property values.
Write-Output      | echo, write                    | Sends the specified objects to the next command in the pipeline. If the command is the last command in the pipeline,…
