1. Basics - Powershell

1.2 Powershell Cmdlets

Execution Policy

it just a policy that is restricted by default to prevent users to run powershell scripts by accident.

to check it:

Get-ExecutionPolicy

You will get one of the following values:

  • Restricted — No scripts are allowed. This is the default setting, so you will see it the first time you run the command.
  • AllSigned — You can run scripts signed by a trusted developer. Before executing, a script will ask you to
  • confirm that you want to run it.
  • RemoteSigned — You can run your own scripts or scripts signed by a trusted developer.
  • Unrestricted — You can run any script you want.

You can change it to Unrestricted by:

Set-ExecutionPolicy Unrestricted

but you will get an error, you should run this powershell session as an administrator!

now if you tried to bypass the execution policy it will work:

Set-ExecutionPolicy bypass

Cmdlets

A cmdlet is a PowerShell command with a predefined function, similar to an operator in a programming language. Here are some key things to know about cmdlets:

  • There are system, user and custom cmdlets.
  • Cmdlets output results as an object or as an array of objects.
  • Cmdlets can get data for analysis or transfer data to another cmdlet using pipes.
  • Cmdlets are case-insensitive. For example, it doesn’t matter whether you type Get-ADUser, get-aduser or gEt-AdUsEr.
  • If you want to use several cmdlets in one string, you must separate them with a semicolon (;).

A cmdlet always consists of a verb (or a word that functions as a verb) and a noun, separated with a hyphen (the “verb-noun” rule). For example, some of the verbs include:

  • Get — To get something
  • Set — To define something
  • Start — To run something
  • Stop — To stop something that is running
  • Out — To output something
  • New — To create something (“new” is not a verb, of course, but it functions as one)

Let’s Practice some:

  • Get-Process — Shows the processes currently running on your computer.
  • Get-Service — Shows the list of services with their status
  • Get-Content — Shows the content of the file you specify (for example, Get-Content C:\Windows\System32\drivers\etc\hosts)

Help Cmdlets

Good news — you don’t need to memorize all cmdlets. You can list all cmdlets by executing the Get-Help -Category Cmdlet, which will return the following:

and much much more.

most of the cmdlets have what is called parameters like this Get-Help -Category -Category here is called a parameter. If you forget the parameters of a cmdlet you could do this:

Get-Help | Get-Member

or you just type Get-Help - and press tab multiple times to get to the parameter you want.

If you still don’t find the cmdlet you need, you can make sure the help is current and then get examples for a cmdlet (such as Get-Process) using a script like this:

Update-Help # to update the help data
Get-Help Get-Process -Examples

Aliases

Aliases are just another word for the same command. for example ps is an alias of Get-Proccess. and of course they do the same thing.

and to see all aliases, execute Get-Alias.

Processes

  • Start-Process to start a new process. (Alias: start) for example Start-Proccess notepad
  • Stop-Process to start a new process. (Alias: spss) for example Stop-Proccess -Name notepad

pipes

A pipe passes data from one cmdlet to another. I used a pipe earlier to get all properties of an object.

For example, if you execute the following script, you’ll get all services sorted by their name:

Get-Service | Sort-Object -property DisplayName

You can also use a pipe to output text to a file using a script like this:

"Hello, World!" | Out-File C:\ps\test.txt

you can use multiple pipes for example, to list all running services and only show there names:

Get-Service | WHERE {$_.status -eq "Running"} | SELECT displayname