Windows Powershell

1. Starts copying all powershell window output to file (filename output to window)

1. Stops copying powershell window output to file (filename output to window)

1. Set an alias (shortcut abbreviation to a function)

1. Finds all processes
2. Then pipes all processes to a filter (cpu>1)
3. Then pipes filtered processes to a descending sort based on the "cpu" member property

1. Used in a piped expression to act on each item as directed in the bracketed clause
2. The $_. prefix followed by the property name, refers to the object within the iteration

1. Represents the current item in the iteration

1. Filters process to only the one named 'chrome'

1. Loops can be named and break statement can specify a specifc loop to break out of
2. :outerloop foreach(...){ break outerloop}

1. Like "break", continue can also specific a loop name to return to

1. Displays all variables including system built-in variables

1. $ten = 10
2. $ten.GetType() returns int32
3. $ten | Get-Member returns all methods on the int32 object

1. "no variable".ToUpper() returns "NO VARIABLE"
2. (10).GetType() returns int32

1. [System.Int32]$ten = 10

1. Includes $false, $true, $null
2. $pth is the current location (equivalent to Get-Location)
3. $home is the path for the user's directory
4. $pid is the current process id

1. "..." -like
   1. "Pizza Parlor" -like "?izza *"
   2. ? matches a single wildcard character
   3. * matches multiple characters
2. "..." -match
   1. Regular expression matching: "55126-8967" -match "[0-9]{5}-[0-9]{4}"

1. Double quotes(")
2. Single quotes(')
3. Here-Strings or multi-line strings: @" "@
   1. Also works with single quotes (must be double quotes)
   2. The closing quote ("@) must not be indented (must be flush with start of line)
   3. Need to be inside the ISE for this to work (not the immediate window)

1. Variables may be enclosed in strings
   1. "There are $ten items in the list" will replace the $ten with its value
2. Expressions may be used in strings
   1. "There are $((Get-ChildItem).Count) items in this folder: $(Get-Location)"
   2. "BMI is $(($wtKg)/($htM*$htM))"
3. String formatting
   1. "There are {0} {1} in the {2}." -f $ten,"bugs","soup"
   2. "{0,8}" -f "hello" will right justify "hello"
   3. Used when specific formatting of variable value is needed (e.g. currency format, dates)
      1. Currency: "{0:C2} is in dollars" -f 12.25
      2. Hemidecimal: "{0:X0}" -f 250 will display the hex conversion of 250
      3. DateTime: "{0:MM/dd/yyyy hh:mm:ss}" -f $(Get-Date) will output current date as formatted
      4. Percent: P1 for one decimal, P2 for 2 decimal places

1. CrLf: `r`n
2. Tab: `t
3. Backtick will treat undefined characters as text (e.g. `$, displays a "$", not a variable)

1. $arr -contains 2 if the array contains the number 2; -NotContains may also be used

1. $arr1 = 1,2,3,4,5
2. $arr2 = 1..5
3. $arr = $arr1, $arr2
   1. Creates a 2 dimensional array with 5 columns (1-5) in each of 2 rows
   2. $arr[0][1] accesses the item in the first column in the second row
4. $arr = @(1,2,3,4,5)
   1. Formal notation (but usually short form is used as above)
   2. $arr = @() creates an empty array
5. $arr[2] ="this replaces the third item"
6. $arr += "appending new item to array"
7. $arr -join ";"
   1. Concatenates each string in the array with a semi-colon
8. $arr[2..4]
9. $arr.Count

1. $hash.Contains("hello") if there is a key "hello"; -NotContains may also be used
2. $hash.ContainsValue("hello contents")
3. $hash.Keys
4. $hash.Values

1. $hash = @{a=1; b=2}
2. $hash['a'] = 5
3. $hash.$a if we set the $a="a"
4. $hash.Remove("a")

$param1)...

"hello")

1. Begin
   1. Runs once before process is started (init code). Optional and may be ommitted
2. Process
   1. Called for one iteration for each item piped to the function
   2. Can return an item for each iteration which allows for other function to pipe from this one
3. End
   1. Runs once before function exits (cleanup code). Optional and may be ommitted

1. begin {}
2. process { if ($_ -lt 10) return $_ }
3. end {}

1. [cmdletBinding()]
2. param ( [Parameter(Mandatory=$false, HelpMessage="Type something here")]
3. [int] $param =54

1. Place just below the function opening bracket

1. .SYNOPSIS, .DESCRIPTION, .PARAMETER, .EXAMPLE, .INPUTS, .OUTPUTS, .NOTES, .LINK

1. <# .SYNOPSIS I just made this up #>

1. Standard class definition defines a property (MyProp) with optional default value and function (MyFunction)
2. If function has no return value, define as [void]

1. MyClass(){...}
2. MyClass([string] param1){...}

1. static MyFunction([string] param2) { return param2 }
2. static

   $MyProp = 'default value'

1. Starts with period "." followed by the path and filename: . path/file.ps1

1. Use New-GUID to generate a new GUID

1. File path of currently executing code

1. Shows the default locations (win env) Powershell will look for modules

1. Import-Module path\module_name.psm1 imports the module into the current code

1. Forces a reload of imported module

1. Unloads a module from memory (pass the module name)

1. Globals can be defined in the module: $Global : myGlobal
2. Best practice, however, is to avoid globals and return values from functions
   1. Script Variables, $Script : myScriptVar, may be returned from functions

1. Best to explicitly make functions public (and others default as private)
   1. Once a module defines any function as public, all other functions will become private as default
2. Export-ModuleMember MyFunction-Public
   1. Exports a function as a public function
   2. All non-exported functions will be private

1. Lists all "process" related topics (with * as wildcard) for which help is available

1. Shows basic information about the Start-Process command

1. Shows all help information including examples for Start-Process

1. Shows examples for the topic

1. Gets all of the "About" topics in powershell

1. Opens online help in browser

1. Gets all commands in powershell

1. Gets all commands with DNS in the name

1. Shows all commands that relate to process

1. Shows all get commands

1. Displays all member property and method names of the Get-Process command

1. Displays all member properties AND their values

1. Precaution: As with all registry edits, backup before hand (regedit > export, and/or set windows Restore point)
2. Computer -> HKEY_CURRENT_USER > console

1. $profile = "~\Documents\WindowsPowerShell\Microsoft.PowerShellISE_profile.ps1"

1. $profile | select *

1. if ($(Test-Path $profile) -eq false) {...}
2. New-Item -ItemType file -path $profile -force
3. psEdit $profile
   1. Loads the profile file path (stored in $profile) into the Powershell ISE
4. Invoke-Item $profile

1. Get-Help About_Profiles

1. Set within group policy

1. Valid for this user or for all users on local machine

1. Setting only for current process

1. Create the certificate using powershell
   1. New-SelfSignedCertificate -DnsName mySite.myCompany.com -CertStoreLocation cert:\LocalMachine\My
   2. $Password = ConvertTo-SecureString -String “myPassword” -Force –AsPlainText
   3. Export-PfxCertificate -Cert cert:\LocalMachine\My\123... -FilePath C:\cert.pfx -Password $Password
   4. http://woshub.com/how-to-create-self-signed-certificate-with-powershell/
2. Alternative: Self-sign certificate process using older process with MakeCert
   1. http://www.hanselman.com/blog/SigningPowerShellScripts.aspx
3. Confirm certificate exists
   1. Get-ChildItem cert:\CurrentUser\My -CodeSigningCert
   2. Use CertIm.msc also displays certificates (will be in personal folder)
4. Apply signed certificate to the script
   1. $certificates = Get-ChildItem cert:\CurrentUser\My -CodeSigningCert
   2. Set-AuthenticodeSignature myFile.ps1 @($certificates)

1. Windows utility that displays all certificates

1. Displays all commands related to code signing

1. Enable remoting on machine to receive connection

1. Perform Restart-Service WinRM after executing set trusted host command
2. Where IPAddressHost is of the machines you wish to trust
   1. Alternatively, IPAddressHost may be replaced with * wildcard to trust all hosts (dangerous)
3. Needed on home networks (but not if machines are on the same domain)
   1. Perform on both host and client machines

1. Returns information regarding the remote if normal (otherwise, fails)

1. Install on client machine that will issue powershell commands

1. Get-NetConnectionProfile
   1. Displays network connections
2. Set-NetConnectionProfile -InterfaceAlias "myEthernetPublic" -NetworkCategory Private
   1. Sets the named network connection ("myEthernetPublic") to private
   2. May be changed back to public with attribute -NetworkCategory Public

1. Starts interactive session in Powershell with remote computer

1. Runs commands (or scripts) on local or remote computers
2. Invoke-command -ComputerName myOtherComputer -ScriptBlock {Get-Process}

1. Displays contents from current directory (equivalent to get-childitem)

1. Change directory (e.g. cd "~/")

1. Make directory

1. Remove directory (if adding the "/s" switch, remove directory is forced even if subfolders)

1. Copy files and folders

1. Delete files (e.g. del 'i:\bogus\*.md /f')
2. Force switch ("/f") forces the delete

1. Format drive specified
2. Where /q = quick format and /v: VOL = volume label

1. Manage disks, partitions and volumes

1. Show disk status and also corrects errors

1. Get Running tasks, their process ID (PID) and image name

1. Kills Running process with ID 111, and with switch "/T", will kill all sub-processes

1. Refreshes group policy (local and active directory) with or without force switch (/f)

1. Displays who is logged onto system and what group policies are being applied
2. Evaluates RSoP (Resultant Set of Policy)

1. netsh wlan show drivers

1. Where -f = forces, -r = restart and -t = timer

1. Troubleshoot and repairs/recover boot record

1. Scans protected system files and confirms/validates these files

-reinstall

1. Add-Member -InputObject $object -memberType NoteProperty -Name Prop1 - Value "one"
2. $object | Add-member -memberType NoteProperty -Name Prop1 - Value "one"

1. Both MyPropAlias and prop1 will refer to the same property on $object

$prop1); $this.MyProp = $prop1}