Practical Powershell Part 1 of 2

I began my journey with Powershell rather casually, as an easy way to kill out-of-control processes on Windows systems. When I began my journey towards MCSA certification for Windows Server 2012 R2, I dove deep into the world of Powershell and really began to understand the full range of possibilities. Since Powershell is a topic near and dear to my heart, there is far too much to cram into one lengthy blog post; instead, this will be the beginning of a short series on practical Powershell for everyday use. Powershell commands are written as verb-noun statements that take a variety of flags, can be piped into other commands, and can output a variety of different files.


Using Powershell to Manage Processes and Services

I think every Windows admin has found themselves in the position of dealing with a process or service that has hung and just won’t stop, even when killed from Task Manager. To be completely honest, now that I’ve started using Powershell heavily, I hardly ever kill processes in Task Manager, as I’ve found Powershell to be more efficient and direct.

To list processes, use the Get-Process command or its alias gps. This will list all processes on the system whether they are running or not. Similarly, the Get-Service command will list all services. If you are trying to list a specific service such as VSS, you can use Get-Service VSS. If you are interested in seeing only the services or processes that are running, you can pipe the Get statement into a Where-Object statement such as Get-Service | Where-Object Status -eq Running. To stop a running service (such as the Spooler in this example), use the syntax Stop-Service Spooler. Please note that you will need to have launched Powershell as administrator or you may get a permissions error. The same method can be used with Stop-Process, or you can use the shortened version (to kill Firefox in this example) with the following syntax: ps firefox | kill.
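
For the hung-service case described above, the following added example (not code from the original post) stops a service, waits for it to report Stopped, and only ends the host process when that process is not shared with other services. The function name Stop-HungService and the 30-second timeout are assumptions; Stop-Service -NoWait needs Windows PowerShell 5.0 or later.

```powershell
# Added example; Stop-HungService and its timeout are assumptions, not from the post.
function Stop-HungService {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Name,
        [int]$TimeoutSeconds = 30
    )
    $svc = Get-Service -Name $Name -ErrorAction Stop
    if ($svc.Status -eq 'Stopped') { return $svc }

    # Stopping with -Force also stops running dependents, so list them first.
    $dependents = @($svc.DependentServices | Where-Object Status -eq 'Running')
    if ($dependents.Count) { Write-Warning "Also stops: $($dependents.Name -join ', ')" }

    if (-not $PSCmdlet.ShouldProcess($svc.Name, 'Stop service')) { return $svc }

    # Record the host PID while the service is still registered as running.
    $cim = Get-CimInstance Win32_Service -Filter "Name='$($svc.Name)'"
    Stop-Service -Name $svc.Name -Force -NoWait

    # Poll until the service reports Stopped or the timeout expires.
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    while ($svc.Status -ne 'Stopped' -and (Get-Date) -lt $deadline) {
        Start-Sleep -Seconds 1
        $svc.Refresh()
    }

    if ($svc.Status -ne 'Stopped' -and $cim.ProcessId -gt 0) {
        # A shared svchost.exe hosts several services; ending it would take them all down.
        $shared = @(Get-CimInstance Win32_Service -Filter "ProcessId=$($cim.ProcessId)")
        if ($shared.Count -gt 1) {
            Write-Warning "PID $($cim.ProcessId) also hosts: $($shared.Name -join ', '); not ending it."
        } else {
            Write-Warning "$($svc.Name) did not stop; ending PID $($cim.ProcessId)."
            Stop-Process -Id $cim.ProcessId -Force
        }
    }
    Get-Service -Name $svc.Name
}

# Preview first; drop -WhatIf to run it for real from an elevated prompt.
Stop-HungService -Name Spooler -WhatIf
```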


Using Powershell to Install Windows Features

With the growing popularity of Windows Server Core installations, it can be handy to know how to install and manage Windows Server roles and features through Powershell. This becomes particularly advantageous if you are working with clustering, where you need to install multiple roles or features across multiple servers. The syntax to view all roles and features is Get-WindowsFeature. To view only features that are installed on a system, you can use Get-WindowsFeature | Where-Object InstallState -eq Installed. To install a role or feature, use the Install-WindowsFeature featurename command. You can also include the -IncludeAllSubFeature and/or -IncludeManagementTools flags to install additional options. If you need to install the same feature on multiple servers, you can string these together using the Invoke-Command cmdlet. See the example below, where we are installing Active Directory Domain Services on DC1 and DC2:

Invoke-Command -ComputerName DC1,DC2 -ScriptBlock {Install-WindowsFeature AD-Domain-Services -IncludeManagementTools}
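
A variation on the command above that reports what happened on each server, written here as an added example rather than code from the original post. It skips servers where the feature is already present and lists servers that returned nothing; the output property names Result and RestartNeeded are choices made for this example.

```powershell
# Added example (not from the original post); server names come from the article's example.
$servers = 'DC1', 'DC2'
$feature = 'AD-Domain-Services'

$results = Invoke-Command -ComputerName $servers -ArgumentList $feature -ScriptBlock {
    param($FeatureName)
    $current = Get-WindowsFeature -Name $FeatureName
    if ($current.Installed) {
        # Nothing to do; report it so the run is safe to repeat.
        [pscustomobject]@{ Feature = $FeatureName; Result = 'AlreadyInstalled'; RestartNeeded = 'No' }
    } else {
        $r = Install-WindowsFeature -Name $FeatureName -IncludeManagementTools
        [pscustomobject]@{
            Feature       = $FeatureName
            Result        = [string]$r.ExitCode
            RestartNeeded = [string]$r.RestartNeeded
        }
    }
}

# PSComputerName is added by remoting and shows which server each row came from.
$results | Format-Table PSComputerName, Feature, Result, RestartNeeded -AutoSize

# Any server missing from the results failed to connect or errored out.
$servers | Where-Object { $_ -notin @($results.PSComputerName) }
```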

Common Active Directory Tasks

If you administer a domain with account lockout policies, you will no doubt run across cases where users lock themselves out of their accounts. A simple query will tell you whether any accounts are locked out, and if so which ones, using the syntax Search-ADAccount -LockedOut. Once you’ve identified the accounts that are locked out, you can unlock them by using Unlock-ADAccount username, or you can simply hit the up arrow and pipe the original query into the unlock statement, for example: Search-ADAccount -LockedOut | Unlock-ADAccount.
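
Piping every locked account straight into Unlock-ADAccount also unlocks accounts that were locked by repeated bad password attempts from someone else, so it helps to look at the lockout details first. The following is an added example, not code from the original post; the 15-minute window and the threshold of 5 accounts are assumed values to tune for your domain.

```powershell
# Added example (not from the original post). Window and threshold are assumptions.
Import-Module ActiveDirectory

# Pull the details that help tell a forgotten password from a guessing attempt.
# Note: BadLogonCount is tracked per domain controller and is not replicated.
$locked = Search-ADAccount -LockedOut -UsersOnly |
    Get-ADUser -Properties AccountLockoutTime, LastBadPasswordAttempt, BadLogonCount |
    Select-Object SamAccountName, AccountLockoutTime, LastBadPasswordAttempt, BadLogonCount |
    Sort-Object AccountLockoutTime

$locked | Format-Table -AutoSize

# Many lockouts inside a short window deserve a look before anything is unlocked.
$windowStart = (Get-Date).AddMinutes(-15)
$recent = @($locked | Where-Object { $_.AccountLockoutTime -gt $windowStart })

if ($recent.Count -ge 5) {
    Write-Warning ("{0} accounts locked in the last 15 minutes; review event 4740 in the " +
                   "domain controller Security log before unlocking." -f $recent.Count)
} else {
    # -Confirm asks per account, so each unlock is a deliberate decision.
    $locked | ForEach-Object { Unlock-ADAccount -Identity $_.SamAccountName -Confirm }
}
```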

You can also use Powershell to add users into groups. I find that for most practical cases ADUC or ADAC works sufficiently for this task; however, if you’re doing this remotely on a touchscreen device like a smartphone, it can be difficult to navigate either of these tools. Instead I leave a Powershell window open on one of my DCs all the time so that I can handle these requests on the go. The syntax is as follows: Add-ADGroupMember -Identity nameofadgroup -Members username1,username2. Where this method becomes extremely useful is when batch adding users through scripting.

Similarly, if you ever get requests to pull reports regarding the membership of a specific group, Powershell makes quick and easy work of this. You can use the following quick one-liner: Get-ADGroupMember -Identity groupname | ft Name | Out-File -FilePath C:\GroupNameMembers.txt
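
The batch add and the membership report described in the last two paragraphs, combined into one added example (not code from the original post). The group and user names are the article's placeholders, and the CSV path is an assumption; Export-Csv is used instead of ft | Out-File so the report stays structured.

```powershell
# Added example (not from the original post); names and the CSV path are placeholders.
Import-Module ActiveDirectory

$group = 'nameofadgroup'
$names = 'username1', 'username2'        # or: Get-Content .\users.txt

# Resolve each name first so one typo does not abort the whole batch.
$users = foreach ($n in $names) {
    try   { Get-ADUser -Identity $n -ErrorAction Stop }
    catch { Write-Warning "Skipping '$n': no such user" }
}

# Only add accounts that are not already direct members.
$current = @(Get-ADGroupMember -Identity $group | Select-Object -ExpandProperty SamAccountName)
$toAdd   = @($users | Where-Object { $_.SamAccountName -notin $current })

if ($toAdd) {
    # -WhatIf shows the change without making it; remove it to apply.
    Add-ADGroupMember -Identity $group -Members $toAdd -WhatIf
}

# Report: -Recursive expands nested groups so indirect members are listed too.
Get-ADGroupMember -Identity $group -Recursive |
    Select-Object Name, SamAccountName, objectClass |
    Export-Csv -Path C:\GroupNameMembers.csv -NoTypeInformation
```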

Moving FSMO Roles

If you’ve ever had the pleasant task of having to migrate FSMO roles from one DC to another, or worse yet, seizing FSMO roles from a failed DC, you understand the fun of having to use multiple different GUI tools to accomplish this task. Powershell makes this task a lot easier using the syntax Move-ADDirectoryServerOperationMasterRole -Identity DCtohostrole -OperationMasterRole FSMONameorNumber. If you are seizing the role from a failed DC, use the -Force flag at the end of the line. Note that to move forest-wide roles you should be a member of the Enterprise Admins security group, and to move the Schema Master you need to be part of the Schema Admins security group. Powershell also allows you to specify numbers instead of role names when moving an FSMO role. FSMO names and numbers are listed below:

PDCEmulator 0

RIDMaster 1

InfrastructureMaster 2

SchemaMaster 3

DomainNamingMaster 4
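
Before and after a role move it is worth checking who actually holds each role. The following added example (not code from the original post) records the holders, transfers two roles, and verifies the result against the target DC; Get-FsmoHolder is a hypothetical helper and DCtohostrole is the article's placeholder.

```powershell
# Added example (not from the original post). Get-FsmoHolder is a hypothetical helper.
Import-Module ActiveDirectory

function Get-FsmoHolder {
    param([string]$Server)
    $p = @{}
    if ($Server) { $p.Server = $Server }   # query a specific DC when asked to
    $d = Get-ADDomain @p
    $f = Get-ADForest @p
    [ordered]@{
        PDCEmulator          = $d.PDCEmulator
        RIDMaster            = $d.RIDMaster
        InfrastructureMaster = $d.InfrastructureMaster
        SchemaMaster         = $f.SchemaMaster
        DomainNamingMaster   = $f.DomainNamingMaster
    }
}

$target = 'DCtohostrole'                   # placeholder from the article
$roles  = 'PDCEmulator', 'RIDMaster'       # names, or the numbers 0 and 1

# Confirm the target is a reachable DC and show who holds each role now.
$dc     = Get-ADDomainController -Identity $target -ErrorAction Stop
$before = Get-FsmoHolder
$roles | ForEach-Object { '{0,-22} currently on {1}' -f $_, $before[$_] }

# Transfer (no -Force); -Confirm asks before the change is made.
Move-ADDirectoryServerOperationMasterRole -Identity $dc.Name -OperationMasterRole $roles -Confirm

# Ask the target DC itself, so replication delay does not hide the result.
$after = Get-FsmoHolder -Server $dc.HostName
foreach ($r in $roles) {
    $state = if ($after[$r] -eq $dc.HostName) { 'moved' } else { 'NOT moved' }
    '{0,-22} {1} -> {2} ({3})' -f $r, $before[$r], $after[$r], $state
}
```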

Restarting or Shutting Down Multiple Machines

The Stop-Computer cmdlet is used to shut down, and the Restart-Computer cmdlet is used to reboot. If other users are logged in, you may need to issue the -Force flag to reboot or shut down anyway. Using the Invoke-Command statement we used earlier, you can restart multiple servers or shut them down by leveraging this syntax. See the example below:

Invoke-Command -ComputerName Server1,Server2,Server3 -ScriptBlock {Restart-Computer -Force}
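
The command above restarts all three servers at the same time. When the servers back each other up, a one-at-a-time restart is safer; the following added example (not code from the original post) waits for each server to answer again before moving on and stops at the first failure. The 600-second timeout is an assumed value.

```powershell
# Added example (not from the original post); server names come from the article's example.
$servers = 'Server1', 'Server2', 'Server3'

$report = foreach ($s in $servers) {
    $status = 'Restarted'
    try {
        # -Wait blocks until PowerShell remoting answers again or -Timeout (seconds) expires.
        Restart-Computer -ComputerName $s -Force -Wait -For PowerShell `
            -Timeout 600 -Delay 5 -ErrorAction Stop
    } catch {
        $status = "Failed: $($_.Exception.Message)"
    }

    # Read the boot time back from the server as proof that it really restarted.
    $boot = $null
    if ($status -eq 'Restarted') {
        $boot = (Get-CimInstance Win32_OperatingSystem -ComputerName $s).LastBootUpTime
    }
    [pscustomobject]@{ Server = $s; Status = $status; LastBoot = $boot }

    # Stop at the first failure instead of taking the next server down too.
    if ($status -ne 'Restarted') { break }
}

$report | Format-Table -AutoSize
```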

Thanks for reading. I hope you find Powershell to be as useful a tool as I do. It’s quite powerful in its use for simple one-liner commands, but becomes even more powerful as you start building out scripts leveraging Powershell’s ability to create variables and process some fairly complex scripting logic. In the next session we will cover some additional topics related to Powershell.
