Book One

Script Compatibility

Code written for PowerShell Core should usually (hopefully) run as is on Windows PowerShell too, but the reverse is often not true.

In your scripts, you can test for which edition of PowerShell is being used:

$PSVersionTable.PSEdition               # Will be "Core" or "Desktop"

There are five main Windows PowerShell "hosts" from Microsoft:

PowerShell Console
PowerShell ISE
Visual Studio Code
Windows Admin Center
Powershell Web Access

Information about the hosting process for the PowerShell engine in front of you right now can be displayed by using the built-in $host variable:

$host

PowerShell Core Host Processes

PowerShell Console
Visual Studio Code

To see what version of PowerShell you are running now:

$psversiontable                         # See the PSVersion property.

To see which versions of PowerShell the current running shell is compatible with:

$PSVersionTable.PSCompatibleVersions

64-bit (x64) versus 32-bit (x86)

To test whether the OS and/or PowerShell are running the 64-bit versions:

[Environment]::Is64BitOperatingSystem
[Environment]::Is64BitProcess

Tips for Executing Commands

Here are some tips for executing commands in PowerShell.

Your New Best Friend: Tab Completion

The key habit to learn in PowerShell is using tab completion. By typing a few letters of a cmdlet, function, parameter, or file, you can press the Tab key to auto-complete the name. This speeds up typing, reduces errors, and prevents fatigue from typing long names.

Tip: If you accidentally hit the Tab key too fast and go past what you wanted, hit Shift-Tab to go backward to the prior options

Put "." in Front of Scripts or Executables in the Current Directory

.\HelloWorld.ps1

Script Execution Policy

If you cannot run any scripts at all, run the following command (you only have to do it once):

Set-ExecutionPolicy -ExecutionPolicy Bypass -Force

Open Script in New Tab

A fast way to open a text file in a new tab in PowerShell ISE is from the command line:

ise .\HelloWorld.ps1
psedit .\HelloWorld.ps1

Run Selection in PowerShell ISE

In PowerShell ISE, if you open a script for editing, you can highlight one or more lines from that script and execute just those highlighted lines.

Running Native Commands

All of the following commands work in PowerShell just like they do in CMD:

ipconfig.exe | findstr.exe /i "gateway"

netsh.exe firewall show config > outfile.txt

notepad.exe boot.ini

.\boot.ini

.\myvbscript.vbs >> outfile.txt

wscript.exe \\server\share\script.vbs -x -y -z

cmd.exe /c mybatchscript.bat

.\mybatchscript.bat

To see what native commands must be run in powershell.exe, not ISE, run:

$psUnsupportedConsoleApplications

Piping ( | ) and Redirection Operators ( >, >>)

When you want to feed the output of one command into a second command as input, use the pipe ("|") operator.

Get-Process | Format-List *

If you want to redirect (">" or ">>") the output of a command to a file, it'll usually work as expected, but it is better to use cmdlets like Out-File and Export-Csv instead.

Get-Service | Export-Csv -Path services.csv

Get-Process | Out-File -FilePath processes.txt -Append

Separate Multiple Commands on One Line with Semicolons

If you want to run multiple commands with a single line, just separate each command with a semicolon. A semicolon at the very end of a line or command is not required.

Getting Help in PowerShell

To get help about the get-help cmdlet itself:

Get-Help

To see a list of all cmdlets, aliases, providers, and help files:

Get-Help *

To see a listing of cmdlets that match a particular pattern:

Get-Help Set-*

Get-Help *loc*

To get more detailed help for a cmdlet, including parameter syntax and examples:

Get-Help -Full Get-Process

To pop up a searchable graphical window to display the help text:

Get-Help Get-Process -showwindow

Update Help

To update the local help files from Microsoft, if you have internet access:

Update-Help -Verbose

HELP and MAN

help about_Aliases
man about_Aliases

Get-Help About_Help Topic

To see a listing of all help files:

Get-Help about*

The following command will open a separate graphical window with the help text, and it includes a search box too:

Get-Help about_Functions

The following command will open a separate graphical window with the help text, and it includes a search box too:

Get-Help about_WMI -ShowWindow

Aliases

An "alias" is an alternative name for a frequently-used cmdlet, function, script, file, or executable.

Alias	Cmdlet
dir	Get-ChildItem
ls	Get-ChildItem
cls	Clear-Host
echo	Write-Output
type	Get-Content
del	Remove-Item
ps	Get-process
cd	Set-Location
pwd	Get-Location
sort	Sort-Object
cp	Copy-Item
where	Where-Object
?	Where-Object
%	ForEach-Object
kill	Stop-Process
gm	Get-Member
select	Select-Object

Alias

Cmdlet

dir

Get-ChildItem

cls

Clear-Host

echo

Write-Output

type

Get-Content

del

Remove-Item

Get-process

Set-Location

pwd

Get-Location

sort

Sort-Object

Copy-Item

where

Where-Object

ForEach-Object

kill

Stop-Process

Get-Member

select

Select-Object

To see all the aliases defined in the current shell:

Get-Alias *

To see how a particular alias, like "cd", is mapped:

Get-Alias cd

To create a new alias for notepad.exe named "nn":

New-Alias nn notepad.exe

To change an existing alias to point toward some other target:

Set-Alias nn netsh.exe

To read more about aliases and how to manage them:

help about_Aliases

Objects, Properties, and Methods

Let's get an object that represents the LSASS.EXE process:

$procsses = Get-Process -Name powershell_ise

$Process.Name
$Process.Id
$Process.Company
$Process.Description
$Process.StartTime
$Process.VirtualMemorySize
$Process.Modules                #This property has lots of objects inside it!

And a process object also has an interesting and dangerous method:

$Process.Kill()                 # But don't do it

Get-Member (Alias: gm)

To show properties, methods, and class type:

Get-Process | Get-Member

If you have captured the output of a command to a variable, but you don't know what kind of data it is or what its members are, pipe that variable into get-member:

$x = Get-Item hklm:\
$x | Get-Member

To see the members of the first item in an array and then see the members of the array itself (an array of objects is of type "System.Object[]"):

$output = dir c:\
$output | Get-Member                    # Members of the first item in array

Get-Member -InputObject $output

Drives and Environment Variables

"Drives" are more than just disk volumes. To see your currently available drives:

Get-PSDrive

dir hkcu:\

dir env:\

$env:PATH
$env:COMPUTERNAME
$env:SYSTEMROOT

To see your currently installed providers and their corresponding drive names:

Get-PSProvider

Cmdlets for moving around in drives of any type, from any provider, with full support for relative path addressing (using "." and "..") and tab completion:

get-location (aliases: gl, $pwd)
set-location (aliases: sl, cd, chdir)

Get-Location
$pwd
Set-Location hkcu:\software\microsoft\windows\
cd env:\
C:

Cmdlets for manipulating items in drive containers:

new-item (alias: ni, but see also mkdir)
remove-item (aliases: ri, del, rm, rd, rmdir)
move-item (aliases: mi, move, mv)
copy-item (aliases: cpi, copy, cp)
rename-item (aliases: rni, rn, ren)

New-Item $HOME\file.txt -Type File

New-Item $HOME\Testfolder -Type Directory

New-Item HKCU:\Software\somekey -Type key

New-Item HKCU:\Software\somekey\somevalue -Type value

del HKCU:\Software\somekey\somevalue        # Delete
ren hkcu:\software\somekey otherkey         # Rename

Cmdlets for accessing the properties of an item or multiple items:

get-item (alias: gi)
get-childitem (aliases: gci, dir, ls)
set-item (alias: si)
clear-item (alias: ci)

Get-Item Env:\SystemRoot

Get-Item function:\more

Get-Item C:\Windows | Get-Member

Get-ChildItem C:\Windows\*.exe

Get-ChildItem \\localhost\C$

dir Cert:\CurrentUser\Root

Set-Item Variable:\fishtype -Value "Trout!"
Clear-Item Variable:\fishtype

Cmdlets for accessing an individual property of an item:

get-itemproperty (alias: gp)
set-itemproperty (alias: sp)
clear-itemproperty (alias: clp)
rename-itemproperty (alias: rnp)
move-itemproperty (alias: mp)
remove-itemproperty (alias: rp)
copy-itemproperty (alias: cpp)

Get-ItemProperty $HOME | Format-List *

Get-ItemProperty $HOME -Name CreationTime

Cmdlets specifically for working with strings and the contents of files:

get-content (aliases: gc, type, cat)
set-content (alias: sc)
add-content (alias: ac)
clear-content (alias: clc)

Get-Content $env:windir\inf\volsnap.inf

Get-Content Variable:\HOME

Get-Content .\somefile.txt -wait         # Similar to 'TAIL.EXE -F'

Get-Service | Set-Content c:\services.txt

Creating New PowerShell Drives

To map the "share:" drive to the "\localhost\c$" UNC network path:

New-PSDrive -Name share -PSProvider FileSystem -Root \\localhost\C$
cd share:

PreviousPowershell Scripting Fundamentals NextSans SEC504

Last updated 7 days ago