PowerShell crashcourse

Windows PowerShellWindows PowerShellCrash CourseCrash CourseDon JonesDon JonesSenior Partner & Principal TechnologistConcentrated Technology, LLC

This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it

within your own organization however you like.

For more information on our company, including information on private classes and upcoming conference appearances, please

visit our Web site, www.ConcentratedTech.com.

For links to newly-posted decks, follow us on Twitter:@concentrateddon or @concentratdgreg

This work is copyright ©Concentrated Technology, LLC

http://www.ConcentratedTech.com/

CAUTION: DEMOS AHEADCAUTION: DEMOS AHEAD

This is a demonstration-intensive session (very few slides)

I will capture a shell transcript and save all of my scripts

You can download these (in a week or so) from ConcentratedTech.com (there’s a “Conference Materials” link in the menu)

3 • Don Jones • ConcentratedTech.com

Welcome to the ShellWelcome to the Shell

Why did Microsoft write PowerShell? Is this a replacement for Cmd.exe or

VBScript? How much “scripting” do I need to

learn? How long will PowerShell be around? What versions of Windows does it

work with? What MS products are PowerShell-ed?


Command QuizCommand Quiz

Change directories Make a directory Get a list of files and folders Display contents of a text file Move a file Copy a file Delete a file


Running CommandsRunning Commands

Run all the commands you’re used to, with almost exactly the same syntax (Ping, Ipconfig, etc)

New “cmdlets” have a more consistent naming convention and more consistent parameters… but they’re just commands

Use Help to read more; add –full or –examples for even more help; use wildcards to discover more commands and help topics


One Set of CommandsOne Set of Commands

The file system is a hierarchical data store

What other data stores does Windows use?

Why not treat them as “disk drives” so that you can use the same set of commands?


Extending the ShellExtending the Shell

PSSnapins (the old way)– Get-PSSnapin –registered– Add-PSSnapin name– Get-Command –pssnapin name

Modules (the new way)– Get-Module –listavailable– Import-Module name– Get-Command –module name

There’s only one shell – the “pre-made shells” are just pre-loading a snap-in or module for you


PipingPiping

Just like Dir | More Export-, Out-, Format-, ConvertTo- are

all useful verbs for piping Tip: Format- cmdlets go at the end of

the pipeline. What they produce is only useful to Out-File, Out-Printer, Out-Host.


OutputOutput

Run Get-Process See the resulting table? The real table, in memory, is much

bigger – PowerShell just doesn’t show it Pipe the table to Get-Member to see

other available columns Or pipe it to Format-List * (since a list

can hold more data than a table) You don’t have to pipe stuff to a file

and then grep it; you can simply refer to columns by name


More PipingMore Piping

Sorting: Sort-Object (or “Sort”) Filtering: Where-Object (or “Where”) Grouping: Group-Object (or “Group”) Measuring: Measure-Object (or

“Measure”)

Use Format- cmdlets to specify the columns (called “properties”) that you’d prefer to see


Phys EdPhys Ed

Let’s see the pipeline work in real life. Volunteers needed. You may win a

prize.


How Pipeline input worksHow Pipeline input works

Get-Service generates why type of table (ok, these are really “objects” and not a “table in memory,” but it’s all just words)

Get-Service | Get-Member So when you run

Get-Service | Stop-Servicehow does Stop-Service know what to do with what you piped in?


Pipeline Input ByValuePipeline Input ByValue

Look at the parameters of Stop-Service

Do any of them accept pipeline input ByValue and accept the type of data being produced by Stop-Service?


Now Consider ThisNow Consider This

“BITS”,”w32time” | Stop-Service Those are strings

“BITS” | Get-Member Does Stop-Service accept anything of

the type String ByValue from the pipeline?

This would work too:Get-Content names.txt | Stop-Service

World this work?Get-Process | Stop-ServiceHmmm…


Pipeline Input ByPropertyNamePipeline Input ByPropertyName

If nothing will work ByValue, then the shell tries to match up input columns with parameter names ByPropertyName

Let’s look atGet-Process | Get-Member

Do any of those column names match up with parameter names of Stop-Service?

Do the matching parameter names accept input from the pipeline ByPropertyName?


Debugging Pipeline InputDebugging Pipeline Input

Trace-Command-Name PipelineBinding-PSHost-expression { Get-Process | Stop-Service }


Fun trick!Fun trick!

Import user info from a CSV and make new users out of them


WorkaroundsWorkarounds

What about when pipelining won’t work?

Get-WmiObject-class Win32_BIOS-computername (type names.txt)

Get-WmiObject-class Win32_BIOS-computername (

Get-ADComputer –filter * |Select –expand Name

)


Remote ControlRemote Control

Requires PSH v2 Run Enable-PSRemoting to enable

(or via GPO) on machines that will accept incoming connections

Communicates over HTTP(s); authenticates with Kerberos

Help about_remote* for more help


1:1, 1:n Remoting1:1, 1:n Remoting

Enter-PSSession –computername xExit-PSSession

Invoke-Command-scriptblock { command(s) }-computername x,x,x,x

Notes:– PSComputerName property– FilePath switch to do a whole script


More OptionsMore Options

-credential -port -useSSL Etc

Or create a persistent session using New-PSSession.

Get the sessions with Get-PSSessionInvoke-Command –scr { whatever }-session (Get-PSSession)


Implicit RemotingImplicit Remoting

Start a session (maybe save it in a $variable for ease of referring to it)

Import a module in the remote session

Import the remote session into the local shell – just the commands from that module, and add a noun prefix

Execute remote commands as if they were local!


WMIWMI

Get-WmiObject-class whatever (e.g., “Win32_XXX”)-computername x,y,z-EA SilentlyContinue (why?)-Filter ”something” (why?)

Let’s play with that…


Awesome Advanced TrickAwesome Advanced Trick

Format-Table can accept a special item called a hashtable or dictionary as a property in a property list

The dictionary must contain two items– N: The name of the column you want to

create– E: The value to go into the column

This can even be an entirely new command!Use $_ to refer to whatever table row (object) is current

Use to combine WMI info from two classes into a single output! Crazy syntax, but crazy useful!


NOW… letNOW… let’’s do some Q&As do some Q&A

I’ve got more demos to show you, but want to make sure I address your questions

Ask ‘em now! The remainder of the session will be

additional demos Remember: Transcript will be

downloadable; no need to copy down the syntax

Ask for a “reminder card” if you want to download this stuff next week.


Final Notes…Final Notes…

Please be sure to submit a session evaluation form!

Download slides & materials from www.ConcentratedTech.com within one week!

Blog, URLs, and other information is also available at www.ConcentratedTech.com for your reference

More resources at www.ShellHub.com

Thank you very much!27 • Don Jones • ConcentratedTech.com



http://www.ShellHub.com/

This slide deck was used in one of our many conference presentations. We hope you enjoy it, and invite you to use it

within your own organization however you like.

For more information on our company, including information on private classes and upcoming conference appearances, please

visit our Web site, www.ConcentratedTech.com.

For links to newly-posted decks, follow us on Twitter:@concentrateddon or @concentratdgreg

This work is copyright ©Concentrated Technology, LLC
