Leveraging PowerShell for Active Directory Administration


Introduction


PowerShell is nothing new. It has been around for quite some time. However, most Active Directory administrators that I run into are not aware of how to use PowerShell, neither how powerful it is. Over the past few months I have been dabbling in some of the capabilities and the power that PowerShell provides, and I have been amazed. As a network admin, security professional and constant pursuer of things that make my life easier, PowerShell fits perfectly into that model.



Why PowerShell?


PowerShell is a result of years of Microsoft getting kicked in the teeth by the Unix community for not having a command line solution similar to that of Unix. Of course, the Microsoft command line, CMD, is no match for that of Unix, which is why the abuse for so many years. It was not too long ago that Microsoft got fed up with this and hired a single individual to build PowerShell from the ground up. PowerShell is neither a morph of Unix, nor comparable to the CMD interface. It is 100% new and exciting.


The name, PowerShell, is perfect, as it is truly powerful. PowerShell is a one-stop-shop for nearly everything Active Directory, server, operating system, Registry, services, Event Log, etc. There has also been much advancement with GUIs and other tools that have been built to help you in your quest to administer your Windows networks. We will cover some of those here.


Obtaining PowerShell


PowerShell is not installed by default on most Windows computers, so you will need to download and install the tool so you can use it. Here is a summary of the OS’s and where you can get the install bits:


Version 1.0 (download details)



  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008

Version 2.0 (download details)



  • Windows XP with SP3
  • Windows Server 2003 with SP 2
  • Windows Vista with SP1
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2

PowerShell Cmdlets


In order to get you started, Table 1 lists some of the PowerShell Cmdlets that come “baked-in” with the environment. Just type the command and you will be able to start your control immediately.
































































Windows PowerShell
(Cmdlet)


Description


Get-ChildItem


List all files / directories in the (current) directory


Get-Content


Get the content of a file


Get-Command


List available commands


Get-Help


Help on commands


Clear-Host


Clear the screen


Copy-Item


Copy one or several files / a whole directory tree


Move-Item


Move a file / a directory to a new location


Remove-Item


Delete a file / a directory


Rename-Item


Rename a file / a directory


Get-Location


Display the current directory/present working directory.


Pop-Location


Change the current directory to the directory most recently pushed onto the stack


Push-Location


Push the current directory onto the stack


Set-Location


Change the current directory


Tee-Object


Pipe input to a file or variable, then pass the input along the pipeline


Write-Output


Print strings, variables etc. to standard output


Get-Process


List all currently running processes


Stop-Process


Stop a running process


Select-String


Print lines matching a pattern


Set-Variable


Set the value of a variable / create a variable


Table 1: Built-in cmdlets for PowerShell.


Getting PowerShell Running and Examples


Like most other applications that you install in Windows, you can browse to the EXE, type the command into the Run box, or click it off of the menus. PowerShell will launch just by typing powershell and you are up and running. Below is the PowerShell interface running on a Windows Vista computer.


Below is the simplest, yet most important of the cmdlets, directions! Just type get-help and you will see the results shown in Figure 1.



Figure 1: Get-help cmdlet output


If you want more information on a specific cmdlet, you can combine the get-help with the other cmdlets. Figure 2 illustrates the output from running get-help with get-service.



Figure 2: Get-help get-service cmdlet combo


When you run a cmdlet to get information, you have two options, with or without switches. Figure 3 illustrates the get-service cmdlet with no switches.



Figure 3: get-service cmdlet output


Figure 4 shows the displayname switch when used to display the services that have the word “network” included. This is useful when parsing a long list of services and trying to troubleshoot/view only a subset of them. 



Figure 4: get-service using -displayname switch


What Else Can PowerShell Control?


PowerShell has grown in leaps and bounds, not only for controlling Microsoft operating systems, but also for many applications that run on Microsoft. Table 2 provides a list of some other applications and products that PowerShell has been ported over to support.






































Application


Exchange Server


Windows Server


Microsoft SQL Server


System Center Operations Manager


System Center Virtual Machine Manager


System Center Data Protection Manager


Windows Compute Cluster Server


Microsoft Transporter Suite for Lotus Domino


Microsoft PowerTools for Open XML


Quest Management Shell for Active Directory


Special Operations Software Specops Command


VMware Infrastructure Toolkit


Internet Information Services


Windows 7 Troubleshooting Center


Microsoft Deployment Toolkit


NetApp Data ONTAP PowerShell Toolkit


Table 2: PowerShell supported applications and products


Where Can I Get More PowerShell cmdlets?


There are plenty of options out there for pre-built cmdlets. I did some work the other day for a customer and found a ton of amazing cmdlets at the Microsoft site. You can also use individuals, such as the Microsoft PowerShell MVPs, who typically provide cmdlets for free and they work very well. As a Group Policy MVP, I have also used the Group Policy cmdlets that are available from www.sdmsoftware.com.


A few notes on how to get these cmdlets to run successfully in your PowerShell tool.



  1. Make sure you are running the latest PowerShell version you can, to ensure the cmdlets are supported.
  2. If the cmdlet is not signed, which it will most likely not be, you will need to get PowerShell to run it without the signature. To do this, you will run set-executionpolicy, then type remotesigned at the prompt. (Note: you need to be a local administrator in order to loosen up the security on PowerShell on your computer. So, if you are running UAC on a Windows 7 computer, you will need to run as Administrator first.)
  3. Save all cmdlets to a common folder, say c:\Pscmdlets.
  4. Move the PowerShell focus to your cmdlets folder.
  5. Run the PowerShell cmdlets by adding a “.\” before the name of the cmdlet. For example, you would run .\cmdlet1.

Summary


PowerShell is here, real, and extremely powerful. If you have not tapped into the power, then you must. In this introductory article I have given you the arsenal to download and start using PowerShell. In the future articles I will be giving you some inside tips and commands that you can run to gather and control tons of great information from all over your Windows network.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top