Active Directory How-To

Managing Active Directory with PowerShell Cmdlets

Here's a breakdown of some helpful cmdlets to get you up and running.

If you are still clinging to the old DOS command prompt, you are not alone. There are still some things you can do quickly using the command prompt, and you may already be familiar with its syntax. PowerShell is the DOS command prompt on steroids: a powerful tool that allows you to manage your workstation, server or Active Directory network. Technically, PowerShell is an extensible, object-oriented scripting language with full support for variables, looping and pipelining. In this article, we'll look at some PowerShell cmdlets that can make your life a bit easier.

Windows PowerShell is a command-line interface (CLI), which does not have menus or graphical systems to help you. To use a cmdlet, you must already know its name. To find a list of the cmdlets available to you, open a PowerShell prompt and type:

Get-Command

This will show you a list of available cmdlets. You will notice that there are hundreds available. Since it would be impossible to know the syntax for hundreds of commands, PowerShell has a command that helps you learn how to use them. The Get-Help cmdlet explains the syntax of a cmdlet and provides examples of how to use it.

Figure 1.

For instance, if you need help with the cmdlet Resume-Service, you would type:

Get-Help Resume-Service

Figure 2.

The help output shows the Name, Syntax, Aliases and Remarks for the cmdlet.

Several other useful cmdlets are explained below.

Get-Process: This cmdlet retrieves information about active processes on a system. To see the processes running on your computer, from a PowerShell prompt, type:

Get-Process

Just as in the DOS world, if you want to redirect the output of the cmdlet you are executing to a text file, you can still use the redirect operator. To send a list of the processes running on your computer to a text file, type:

Get-process > process.txt

This command will not show the output on the screen, but will instead redirect it to a file called process.txt. Using the redirect can be dangerous, as it will overwrite any file with the name you specify without asking permission. If you have several cmdlets you wish to run and want to save all the output to a single file, be sure to use >>; otherwise, you will overwrite your existing data. Using >> appends new data to the existing file. For instance, if you wanted a list of the files in a folder output to a file, you could type:

dir >> output.txt

To append the running processes to that file, you would simply type:

Get-process >> output.txt

Now the file output.txt will contain the information from both cmdlets. To convert a cmdlet's output to an HTML file, you can use the following:

Get-process | ConvertTo-HTML -Property Name, Id > output.html

Get-Eventlog: The Get-Eventlog cmdlet retrieves Windows event logs. To get a list of the 15 most recent entries from the system event log, you would type:

Get-eventlog -newest 15 -logname system

To output that information to a file named event.txt, you would type:

Get-eventlog -newest 15 -logname system  > event.txt

As mentioned earlier, the file event.txt will be overwritten if it exists or created if it does not. To append data from the cmdlet instead, use the >> redirect.

Get-service: The Get-Service cmdlet gets objects that represent the services on a local computer or on a remote computer, including running and stopped services.  By typing Get-service at the prompt, you get a list of all services on a computer and the status of the service. If you want to limit the list, you can use a wildcard. For instance, Get-service Wa* will return only the services that begin with Wa.

Stop-service: This cmdlet stops one or more running services. If you want to stop the Print Spooler service, you would type:

Stop-service Spooler 

Start-service: This cmdlet starts one or more stopped services. If you want to start the Print Spooler service, you would type:

Start-service Spooler 

One of my favorite cmdlets is Rename-computer. This cmdlet allows you to remotely rename a computer. By using this cmdlet, you do not have to visit or remote into the computer to rename it. The syntax for this is shown below:

Rename-computer -computername "bills-PC" -newname "williams-PC" -domaincredential domain\username -force -restart
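
Stop-Service and Rename-Computer both change system state, so it helps to preview and confirm them before they run. The following is an added example, not code from the original article; it reuses the article's sample service and computer names, and the variable names are assumptions.

```powershell
# Added example: preview, check, then confirm state-changing cmdlets.
# 'bills-PC' and 'williams-PC' are the article's sample names.
$target  = 'bills-PC'
$newName = 'williams-PC'

# 1. Preview. -WhatIf prints what would happen and changes nothing.
Stop-Service -Name Spooler -WhatIf
Rename-Computer -ComputerName $target -NewName $newName -WhatIf

# 2. Check dependents before stopping a service. Stop-Service refuses to
#    stop a service with running dependents unless -Force is given.
$spooler = Get-Service -Name Spooler
$running = $spooler.DependentServices | Where-Object Status -eq 'Running'
if ($running) {
    Write-Warning ('Running dependents: ' + ($running.Name -join ', '))
} elseif ($spooler.Status -eq 'Running') {
    Stop-Service -Name Spooler -Confirm        # asks before acting
}

# 3. Prompt once for the domain credential and reuse the object.
$cred = Get-Credential -Message 'Account allowed to rename domain computers'

# 4. Rename only if the machine answers. Leaving out -Force keeps the
#    confirmation prompt in place.
if (Test-Connection -ComputerName $target -Count 1 -Quiet) {
    Rename-Computer -ComputerName $target -NewName $newName `
        -DomainCredential $cred -Restart -Confirm
} else {
    Write-Warning "$target is unreachable; nothing was renamed."
}
```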

If you get a chance, use the Get-command cmdlet and browse through the different cmdlets available. One other great thing about PowerShell cmdlets is that you can automate them to some degree. One of the simplest ways is to have the cmdlets you wish to run on a regular basis stored in a text file. You can copy the cmdlets from the text file and paste them into the PowerShell prompt. You can paste multiple cmdlets at the same time and they will run in sequential order. They can also be included in a batch file or other scripting languages.
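
The overwrite risk of > described earlier and the paste-from-a-text-file automation described above can both be handled by saving the cmdlets as a script. This is an added example, not the author's code; the file name Collect-Baseline.ps1 and the folder and log names are assumptions, and it assumes Windows PowerShell 5.1, where Get-EventLog is available.

```powershell
# Collect-Baseline.ps1 (hypothetical file name) - added example.
# Run with:  powershell.exe -File .\Collect-Baseline.ps1
$ErrorActionPreference = 'Stop'   # stop at the first failure

# One folder per run, so reports from earlier runs are never touched.
$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$outDir = Join-Path $PWD "baseline-$stamp"
New-Item -ItemType Directory -Path $outDir | Out-Null

# The article's cmdlets, each paired with the file it writes.
$jobs = [ordered]@{
    'process.txt'  = { Get-Process }
    'event.txt'    = { Get-EventLog -Newest 15 -LogName System }
    'services.txt' = { Get-Service | Sort-Object Status, Name }
    'process.html' = { Get-Process | ConvertTo-Html -Property Name, Id }
}

foreach ($file in $jobs.Keys) {
    $path = Join-Path $outDir $file
    # Out-File -NoClobber is '>' with a guard: it raises an error
    # instead of replacing a file that already exists.
    & $jobs[$file] | Out-File -FilePath $path -NoClobber
}

# Equivalent of '>>': append one summary line per run to a running log.
$summary = '{0} wrote {1} files to {2}' -f $stamp, $jobs.Count, $outDir
$summary | Out-File -FilePath (Join-Path $PWD 'baseline.log') -Append
```

Whether the file runs at all depends on the machine's execution policy, which Get-ExecutionPolicy displays.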

About the Author

Troy Thompson has worked in network administration for over 25 years, serving as a network engineer and Microsoft Exchange administration in Department of Defense, writing technology articles, tutorials, and white papers and technical edits. Troy is a Cisco Certified Academy Instructor (CCAI), and has numerous other certifications including CCNA, MSCE+I, Network+, A+ and Security+. Troy has also traveled the world playing music as the guitarist for the band Bride. Contact information is [email protected].

