Some PowerShell notes... [Updated 6/26]

Okay, So I have been looking into the basics of powershell and have come up with some sloppy code examples as I have read things here and there. Here are my PowerShell code example notes:

get-service schedule | format-list -property *
lists all the properties for the schedule service
this link above tells about execution policy - remotesigned is probably the most common choice for people. do set-executionpolicy remotesigned. do get-executionpolicy to get your current running policy.

file extension: .ps1

shows the enviroment path - just like %path% or path in the command shell.

$env:path= c:\windows\system32
sets the environment path to c:\windows\system32 and replaces all other environment paths

Powershell c:\ie.ps1
Starts powershell from within a batch file or shortcut. You cannot directly run powershell script files without powershell

finds a string in the output

does a command on the result of the command before it

ipconfig | findstr "Address"
only brings up the address lines of the ipconfig output

help cmdlet

get-help get-command -detailed
detailed help about get-command

get-help get-command -examples
examples for the get-command

get-help get-command -full
displays all help, including technial notes

get-help get-command -parameter *
gets help for all the parameters of get-command. the asterisk can be changed out for a paramiter name for more specific help

help cmdlet
gets help for the specified cmdlet

get-help about_wildcard
about_ gets help about a concept

get-help about_*
gets all concepts' help

gets time

dir | findstr Soldat
brings up all lines of the dir command's output that have Soldat in them. Case sensitive.

lists current cmdlets in your session (lists all cmdlets and syntax involved

get-command *

get-command *.exe
gets all exe files on the PC

get-wmiobject win32_bios -computername Glass
gets BIOS informationa bout glass

set-alias gh get-help
sets the gh command to be an alias for the get-help command

shows aliases

gets a variable

set-variable test 123
sets the variable test to the value 123

clear-variable test
clears the variable test to blank, but variable remains as blank

remote-variable test
completely clears and removes the variable test

get-wmiobject win32_process >> c:\test.txt
generates a list of all the processes on the commputer and dumps them to c:\test.txt. This can also be used with the -computername tag.

function test {np c:\test.txt}
creats a function named test that uses the np alias (which starts notepad, see above) and targets the file c:\test.txt. this is useful because i always dump things to c:\test.txt for tests. Just type 'test' to bring up the notepad and open c:\test.txt in one command.

shows the drives you can browse from within powershell. these include registry sections like hkcu and hklm. cd hkcu: works... neat.

get-variable home
shows the home path for you, normally your folder within c:\documents and settings, or profiles if you use vista.

new-psdrive -name MyDocs -psprovider FileSystem –root "$home\My Documents"
big one - this basically adds another powershell drive whose root is located at c:\documents and settings\username\my documents. Replace documents and settings with profiles if you're using Vista

get-wmiobject -list
Shows all WMI Objects

set-alias gw get-wmiobject
sets gw to do get-wmiobject so gw -list brings a list of all wmiobjects available

$test = (get-date).Hour
sets the test variable to the numeric hour as retried from the local get-date command.

$test = (get-date).Minute
same as the hour command above, but gets the current minute and stores it, instead of the hour.

start-sleep 10
pauses for 10 seconds

get-command get-*
gets all commands that start with get- and puts them into a list with a definition.

get-date -format t
get's the timestamp

| out-host -paging
makes files go page by page - similar to /p

get-wmiobject -list | out-host -paging
gets all wmiobjects in a list and goes page by page (normally is scrolls for 5 or 6 pages without stopping)

| out-printer -name "hp laserjet 4050 series pcl - office"
prints the output of the command ahead of it to the printer labeled above

gwmi win32_computersystem | out-printer -name "HP LaserJet 4050 series pcl - office"
prints the computersystem wmiobject report to the printer hp laserjet 4050 series pcl - office.

(get-wmiobject win32_computersystem).Name
gets your computer's hostname... gets the name variable out of the wmiobject win32_computersystem

$hostname= (get-wmiobject win32_computersystem).Name
sets the $hostname variable to your computer's hostname

new-item -type file $(1..5)
kinda complicated. the dollar sign means it runs the result of the commands before it on each of the variables after it. This file basically creates five files named 1 2 3 4 and 5.

set-location c:\
same thing as cd c:\

The following is basically me using write-host to display two variables i set and called above:
PS C:\Scripts> $hour= (get-date).hour
PS C:\Scripts> $hour
PS C:\Scripts> $minute= (get-date).minute
PS C:\Scripts> write-host $hour $minute
16 9

write-host $var1 $var2 $var3
displays things like echo, with variables placed next to eachother. spaces do not count as seperate commands anymore.

write-host (2+2)
this displays 4 - write-host will perform all results inside ( ) before spitting them out back into the line

starts notepad++.exe if you're in the same directory as it. (this works on filenames with characters like + in them)

$ie = new-object -comobject "InternetExplorer.Application"
$ie.visible = $true
This sets the variable $ie to create a new internet explorer window, visibily

command line arguments are stored in the args variable

echo $args[0] $args[1]
When put into a .ps1 file, this is the same thing as %1 %2 in batch files. Displays the first and second variables specified after the script's name when run.

outputs the number of args stored - useful to build arrays wiothout going over the numebr of logs

writes a warning when problems happen "WARNING: An error has occured."

breaks a loop or a script

if ($a -eq 0)
{"The value is 0."}
else {"The value is not 0."}
This is an IF statement. -eq means equals. This reads: If the variable a is equal to 0 then say "the value is 0", if it's not, say "the value is not 0"
Other Comparison Operators are -lt - less than -le - less than or equal to -gt greater than -ge greater than or equal to ... and more

$a = $args.length
if ($a -eq 0)
{Write-warning "You must supply a folder name."; break}
else {$strFolder = $args[0] + "\*.dll"}
Sets the variable strfolder to the first arguement plus \*.dll. if the first arguement was c:\windows it would be c:\windows\*.dll in the end.

$a = "A", "B", "C", "D", "E"
sets the variable $a to an array with A B C D E as statements. No array statement required.

$a += "F"
ADDS the variable F to the array variable $a as mentioned above. This will not turn a variable into an array. This adds the second variable right on top of the first. For example, if you had the variable A equaling A and you ran $a += "B" you will get the result AB

get-childitem C:\scripts\*.txt
gets all the files ending in .txt in the script folder (like an advanced directory listing)

$b = @()
creates an empty array named $b. You add things later with +=

function getspace {gwmi win32_logicaldisk -computername $args[0]}
$getspace= (getspace localhost)
note: you can replace localhost with a remote computer. This sets the function getspace to run the win32_logicaldisk wmi object on the first computername specified as an additional paramiter. Then it sets the variable $getspace to run the getspace function on localhost. Therefor $getspace equals the output of the win32_getspace wmi object when ran on your local computer.

shows the colors powershell will use for debug, warning, errors, and progress

$host.privatedata.ErrorBackgroundColor = "White"
sets the background color for errors in powershell to white, isntead of black.
I personally like $host.privatedata.ErrorForegroundColor = "white" - looks non-suprizing but easy to read.
these came from this link:

prompts for your password and allows you to step up to administrative privilages

gwmi win32_computersystem -computer server -cred $cred
prompts for your credentials then runs the get wmi object task associated with it

get-wmiobject win32_service | where {$_.Name -eq "tlntsvr"}
good example of the where command. gets the win32_service wmi object and runs a where command on the resulting names. the $_.Name comes because the $_ is the wildcard for where. For a specific service it would be tlntsvr.Name, sot he wildcard fits in where the service name belogs. the where says to pull all names that equal tlntsvr from the result of the wmi object

get-process p* | stop-process
stops all processes that start with p. Gets processes starting with p then takes the result and runs stop-process on each of them

Hopefully this will make getting started with PowerShell syntax easier for someone.