Table of Contents

  1. Introduction to PowerShell
  2. PowerShell Syntax Structure and Common Options
    1. Basic Syntax Structure
      1. Cmdlets
    2. Common Verbs
    3. Common Nouns
    4. Common Parameters
    5. Common Options
    6. Variables
    7. Comments
    8. Aliases
  3. Key PowerShell Commands and Their Usage
    1. Navigating Directories
    2. File Management
    3. Using Wildcards Effectively
    4. Viewing and Manipulating File Content
    5. File Searching and Handling
    6. System Monitoring
    7. Network Operations
    8. Permissions and Ownership
    9. Archiving and Compression
  4. Running Commands as Administrator
  5. Utilizing PowerShell Commands Effectively
    1. Piping and Redirection
    2. Command Chaining
  6. Using Get-Help for Command Documentation
  7. PowerShell Package Management
  8. Advanced Object Manipulation
  9. Scripting in PowerShell
    1. Basic Scripting
    2. Intermediate Scripting
  10. Glossary

Introduction to PowerShell

PowerShell is a powerful scripting language and command-line shell that is built on the .NET framework. It allows for direct execution of .NET functions and cmdlets, which are small, reusable commands designed to perform specific tasks. The output of these cmdlets is in object form, allowing for more sophisticated manipulation and interaction than traditional text-based output.

PowerShell Syntax Structure and Common Options

Understanding the basic syntax and common options in PowerShell is essential for writing effective scripts and commands. PowerShell uses a straightforward structure that makes it accessible while still being incredibly powerful.

Basic Syntax Structure

Cmdlets

The basic units of functionality in PowerShell are cmdlets. They follow a verb-noun naming convention, making it clear what the command does.

Syntax:

Verb-Noun -Parameter Value

Example:

Get-Process -Name "notepad"

Here, Get-Process is the cmdlet, -Name is a parameter, and "notepad" is the value passed to the parameter.

Common Verbs

PowerShell cmdlets use standardized verbs to ensure consistency across commands. Here are some common verbs used in PowerShell:

  • Get: Retrieves data or an object.
  • Set: Changes the state or data of an object.
  • Remove: Deletes an object or data.
  • New: Creates a new object.
  • Copy: Copies an object from one location to another.
  • Move: Moves an object from one location to another.
  • Start: Begins an operation or process.
  • Stop: Ends an operation or process.
  • Restart: Stops and then starts an operation or process.

Common Nouns

Nouns in cmdlets specify the target object or data type that the cmdlet operates on. Here are some common nouns used in PowerShell:

  • Item: Represents a generic object (e.g., file, registry key).
  • Process: Represents a system process.
  • Service: Represents a Windows service.
  • ChildItem: Represents files and directories within a directory.
  • Command: Represents a command or cmdlet.

Common Parameters

Cmdlets often support parameters that control their behavior. Here are some of the most frequently used parameters:

  • -Name: Specifies the name of an item.
  • -Path: Specifies the location of an item.
  • -Force: Overrides restrictions or prompts, forcing the operation to proceed.
  • -Recurse: Performs the operation on all items within the specified location, including subdirectories.
  • -Filter: Specifies a filter to limit the items returned by a cmdlet.

Common Options

Options provide additional control over cmdlet behavior. Here are some common options:

  • -WhatIf: Simulates the command without making any changes. Useful for testing commands to see what they would do.
    • Example: Remove-Item "C:\temp\file.txt" -WhatIf
  • -Confirm: Prompts the user for confirmation before executing the command.
    • Example: Remove-Item "C:\temp\file.txt" -Confirm
  • -Verbose: Provides detailed information about the operation being performed.
    • Example: Copy-Item "C:\temp\file.txt" "D:\backup\" -Verbose
  • -ErrorAction: Controls how PowerShell responds to errors. Common values include Continue, Stop, SilentlyContinue, and Inquire.
    • Example: Get-Item "C:\nonexistentfile.txt" -ErrorAction SilentlyContinue
  • -OutVariable: Stores the output of a cmdlet in a variable for later use.
    • Example: Get-Process -Name "notepad" -OutVariable myProcesses

Variables

Variables in PowerShell are declared using the $ symbol and can store various types of data, including strings, numbers, and objects.

$greeting = "Hello, PowerShell!"

Comments

Comments are added to scripts using the # symbol for single-line comments or <# #> for block comments.

# This is a single-line comment

<#
This is a block comment
that spans multiple lines
#>

Aliases

PowerShell provides aliases, which are shortcuts for cmdlets. While these are convenient for interactive use, it’s recommended to use full cmdlet names in scripts for clarity.

  • ls: Alias for Get-ChildItem
  • cd: Alias for Set-Location
  • dir: Alias for Get-ChildItem

Example:

ls -Recurse  # Equivalent to Get-ChildItem -Recurse

Key PowerShell Commands and Their Usage

This section covers essential PowerShell commands, their functionalities, and examples to illustrate their usage.

  • Get-Location (Print Working Directory):
    Displays the current directory path.

    Get-Location

  • Get-ChildItem (List):
    Lists all files and directories in the current directory.

    Get-ChildItem
Get-ChildItem -Force  # Include hidden files

  • Set-Location (Change Directory):
    Changes the current directory to a specified path.

    Set-Location "C:\Path\To\Directory"  # Change to a specific directory
Set-Location ..  # Go up one directory level
Set-Location $HOME  # Go to the home directory

File Management

Copying Files and Directories with Copy-Item

  • Copy-Item (Copy Files and Directories):
    Copies files or directories from one location to another.

    Copy-Item -Path "source.txt" -Destination "destination.txt"  # Copy one file to another location
Copy-Item -Path "C:\SourceDirectory" -Destination "C:\DestinationDirectory" -Recurse  # Recursively copy entire directories
Copy-Item -Path "*.txt" -Destination "C:\Backup"  # Copy all TXT files to a backup directory

Moving and Renaming Files with Move-Item

  • Move-Item (Move/Rename Files and Directories):
    Moves or renames files and directories.

    Move-Item -Path "oldname.txt" -Destination "newname.txt"  # Rename a file
Move-Item -Path "file.txt" -Destination "C:\Path\To\Directory"  # Move a file to a different directory
Move-Item -Path "*.txt" -Destination "Archive\"  # Move all TXT files to the 'Archive' directory

Removing Files and Directories with Remove-Item

  • Remove-Item (Remove Files or Directories):
    Deletes files or directories.

    Remove-Item -Path "file.txt"  # Remove a single file
Remove-Item -Path "directory_name" -Recurse  # Recursively remove a directory and its contents
Remove-Item -Path "*.txt" -Force  # Forcefully remove all TXT files without prompting

Creating Files with New-Item

  • New-Item (Create Files or Directories):
    Creates a new file or directory.

    New-Item -Path "newfile.txt" -ItemType File  # Create a new empty file
New-Item -Path "C:\NewDirectory" -ItemType Directory  # Create a new directory

Using Wildcards Effectively

Wildcards like * (asterisk) and ? (question mark) can be used in PowerShell to specify groups of files or directories. These are particularly useful in file management commands:

  • * (Asterisk): Matches zero or more characters. For example, *.txt refers to all files with a .txt extension.
  • ? (Question Mark): Matches exactly one character. For example, file?.txt could match file1.txt, file2.txt, etc., but not file10.txt.

Viewing and Manipulating File Content

Get-Content (View File Content)

  • Get-Content:
    Retrieves the content of a file, displaying it line by line.

    Get-Content -Path "filename.txt"

Select-String (Search within Files)

  • Select-String:
    Searches for text patterns within files, similar to grep in Linux.

    Select-String -Pattern "search_term" -Path "filename.txt"
    • Example:

      • Search for the term “error” in a log file:

        Select-String -Pattern "error" -Path "logfile.txt"

Out-File and Set-Content

  • Out-File:
    Redirects output to a file.

    Get-Process | Out-File -FilePath "processes.txt"

  • Set-Content:
    Writes or replaces the content of a file.

    Set-Content -Path "filename.txt" -Value "New content"

File Searching and Handling

Get-ChildItem (Search for Files and Directories)

  • Get-ChildItem:
    Lists all files and directories, with options for filtering.

    Get-ChildItem -Path "C:\" -Recurse -Filter "*.txt"  # Recursively find all TXT files

Where-Object (Filter Search Results)

  • Where-Object:
    Filters the output of other commands based on conditions.

    Get-ChildItem -Recurse | Where-Object { $_.Length -gt 1MB }  # Find files larger than 1MB

System Monitoring

Get-Process (List Processes)

  • Get-Process:
    Displays a list of currently running processes.

    Get-Process

Stop-Process (Terminate Processes)

  • Stop-Process:
    Stops a process by name or process ID.

    Stop-Process -Name "notepad"
Stop-Process -Id 1234

Get-Service (List Services)

  • Get-Service:
    Lists all services on the system, displaying their status.

    Get-Service

Network Operations

Test-Connection (Ping)

  • Test-Connection:
    Tests the network connection to a remote server, similar to ping.

    Test-Connection -ComputerName "example.com"
    • Example:

      • Test the connection to multiple servers:

        "google.com", "yahoo.com" | Test-Connection

Get-NetIPAddress (IP Address Information)

  • Get-NetIPAddress:
    Retrieves IP address configuration information for network interfaces on the system.

    Get-NetIPAddress
    • Example:

      • Filter to display only IPv4 addresses:

        Get-NetIPAddress -AddressFamily IPv4

Get-NetTCPConnection (Network Statistics)

  • Get-NetTCPConnection:
    Displays network connections, including TCP connections.

    Get-NetTCPConnection
    • Example 1:

      • List all TCP connections in the Listening state:

        Get-NetTCPConnection | Where-Object -Property State -Match "Listen"
    • Example 2:

      • Count the number of listening ports:

        Get-NetTCPConnection | Where-Object -Property State -EQ "Listen" | Measure-Object
    • Example 3:

      • Get the remote address of the local port listening on port 445:

        Get-NetTCPConnection | Where-Object { $_.LocalPort -eq 445 -and $_.State -eq "Listen" }

Invoke-WebRequest (Download Files)

  • Invoke-WebRequest:
    Downloads files from the internet.

    Invoke-WebRequest -Uri "http://example.com/file.txt" -OutFile "file.txt"
    • Example:

      • Download a file and store response headers:

        $response = Invoke-WebRequest -Uri "http://example.com/file.txt"
$response.Headers

Permissions and Ownership

Get-Acl and Set-Acl (Get and Set Permissions)

  • Get-Acl:
    Retrieves the access control list (ACL) of a file or directory.

    Get-Acl -Path "C:\file.txt"

  • Set-Acl:
    Sets the ACL for a file or directory.

    $acl = Get-Acl -Path "C:\file.txt"
# Modify $acl as needed
Set-Acl -Path "C:\file.txt" -AclObject $acl

icacls (Modify File Permissions)

  • icacls:
    Modifies file and directory permissions.

    icacls "C:\file.txt" /grant User:(R,W)

Archiving and Compression

Compress-Archive (Create Archive)

  • Compress-Archive:
    Creates a compressed archive file.

    Compress-Archive -Path "C:\SourceDirectory" -DestinationPath "C:\archive.zip"

Expand-Archive (Extract Archive)

  • Expand-Archive:
    Extracts the contents of a compressed archive file.

    Expand-Archive -Path "C:\archive.zip" -DestinationPath "C:\ExtractedFiles"

Running Commands as Administrator

When you need to execute commands with elevated privileges, use the Start-Process cmdlet with the -Verb RunAs parameter to run PowerShell as an administrator.

Using Start-Process with -Verb RunAs

  • Start a new PowerShell session as an administrator:

    Start-Process powershell -Verb RunAs

Utilizing PowerShell Commands Effectively

Maximizing efficiency with PowerShell involves mastering piping, redirection, and command chaining.

Piping and Redirection

  • Piping:
    Passes the output of one command as input to another.

    Get-Process | Sort-Object CPU -Descending | Select-Object -First 5

  • Redirection:
    Redirects output to a file.

    Get-Process > "processes.txt"

Command Chaining

  • Command chaining with ;, &&, and || allows for conditional execution of commands.

    mkdir "NewFolder"; cd "NewFolder"; Get-ChildItem

Using Get-Help for Command Documentation

Understanding PowerShell commands is facilitated by the Get-Help cmdlet, which provides detailed information about cmdlets, including syntax, parameters, and examples.

The Get-Help Command

  • Basic Usage:

    Get-Help Get-Process

  • Example:

    Get-Help Get-Process -Examples

This will provide you with one or more practical examples of how the Get-Process cmdlet can be used, showing you the command and a description of what it does.

Example Output:

Running Get-Help Get-Process -Examples might produce output like this:

   NAME
       Get-Process

   SYNOPSIS
       Gets the processes that are running on the local computer or a remote computer.

   ...
   
   EXAMPLES

       Example 1: Get a list of all processes on the local computer

       PS C:\> Get-Process

       This command gets a list of all processes running on the local computer.

       Example 2: Get processes that have a specific name

       PS C:\> Get-Process -Name "notepad"

       This command gets all instances of processes that have a process name that begins with "notepad".

   ...

  • Updating Help Files:

    The help files in PowerShell can become outdated, especially after new features or cmdlets are added. You can update the help files to ensure you have the latest information by running:

     Update-Help

    This command downloads the most current help files from the internet and installs them on your system. After running this, the information provided by Get-Help will be up to date.

PowerShell Package Management

PowerShell supports package management through cmdlets like Install-Package, which allows you to install software packages from various repositories.

The Install-Package Command

  • Install a package:

    Install-Package -Name "PackageName"

Advanced Object Manipulation

Using the Pipeline for Object Manipulation

In PowerShell, the output of a cmdlet is an object that can be passed along the pipeline to other cmdlets for further manipulation.

Get-Member (Inspect Object Properties and Methods)

  • Get-Member:
    Displays the properties and methods of objects output by a cmdlet.

    Get-Process | Get-Member

Select-Object (Create New Objects from Properties)

  • Select-Object:
    Selects specific properties of an object and creates a new object.

    Get-Process | Select-Object -Property Name, CPU

  • Example:
    Select the first three processes based on CPU usage.

    Get-Process | Sort-Object -Property CPU -Descending | Select-Object -First 3

Filtering Objects with Where-Object

The Where-Object cmdlet filters objects based on specified property values.

  • Example:
    Find processes consuming more than 100 MB of memory.

    Get-Process | Where-Object { $_.WorkingSet -gt 100MB }

Glossary

Below is a comprehensive list of PowerShell commands and their descriptions.

Term Description
Common Verbs  
Get Retrieves data or an object. Example: Get-Item
Set Changes the state or data of an object. Example: Set-Item
Remove Deletes an object or data. Example: Remove-Item
New Creates a new object. Example: New-Item
Copy Copies an object from one location to another. Example: Copy-Item
Move Moves an object from one location to another. Example: Move-Item
Start Begins an operation or process. Example: Start-Process
Stop Ends an operation or process. Example: Stop-Process
Restart Stops and then starts an operation or process. Example: Restart-Service
Common Nouns  
Item Represents a generic object, such as a file or registry key. Example: Get-Item
Process Represents a system process. Example: Get-Process, Stop-Process
Service Represents a Windows service. Example: Get-Service, Restart-Service
ChildItem Represents files and directories within a directory. Example: Get-ChildItem, Remove-ChildItem
Command Represents a command or cmdlet. Example: Get-Command, Invoke-Command
Common Parameters  
-Name Specifies the name of an item. Example: Get-Process -Name "notepad"
-Path Specifies the location of an item. Example: Set-Location -Path "C:\Users"
-Force Overrides restrictions or prompts, forcing the operation to proceed. Example: Remove-Item "C:\temp\file.txt" -Force
-Recurse Performs the operation on all items within the specified location, including subdirectories. Example: Get-ChildItem -Recurse
-Filter Specifies a filter to limit the items returned by a cmdlet. Example: Get-ChildItem -Filter "*.txt"
Common Options  
-WhatIf Simulates the command without making any changes. Useful for testing commands. Example: Remove-Item "C:\temp\file.txt" -WhatIf
-Confirm Prompts the user for confirmation before executing the command. Example: Remove-Item "C:\temp\file.txt" -Confirm
-Verbose Provides detailed information about the operation being performed. Example: Copy-Item "C:\temp\file.txt" "D:\backup\" -Verbose
-ErrorAction Controls how PowerShell responds to errors. Common values include Continue, Stop, SilentlyContinue, and Inquire. Example: Get-Item "C:\nonexistentfile.txt" -ErrorAction SilentlyContinue
-OutVariable Stores the output of a cmdlet in a variable for later use. Example: Get-Process -Name "notepad" -OutVariable myProcesses
Other Commands  
Compress-Archive Creates a compressed archive file
Expand-Archive Extracts the contents of a compressed archive file
Get-ChildItem Lists all files and directories in the current directory
Get-Content Retrieves the content of a file
Get-Help Displays the help information for a given cmdlet
Get-Location Displays the current directory path
icacls Modifies file and directory permissions
Invoke-WebRequest Downloads files from the internet
Move-Item Moves or renames files and directories
New-Item Creates a new file or directory
Out-File Redirects output to a file
Select-String Searches for text patterns within files
Set-Location Changes the current directory to a specified path
Set-Content Writes or replaces the content of a file
Start-Process Starts a new process
Stop-Process Stops a process by name or process ID
Test-Connection Tests the network connection to a remote server
Update-Help Updates the help files for cmdlets
Where-Object Filters the output of other commands based on conditions