Difference between revisions of "Powershell"
Line 3: | Line 3: | ||
[http://www.dawgland.com/Enable_PowerShell/ Enabling PowerShell Script Execution] | [http://www.dawgland.com/Enable_PowerShell/ Enabling PowerShell Script Execution] | ||
<br /><br /> | <br /><br /> | ||
+ | |||
+ | === DOS/CMD - Miscellaneous Command Line Commands === | ||
+ | This command shows how long a Windows computer has been powered on since the last time it was shut down or rebooted, which can be helpful when diagnosing issues with a sluggish, slow-responding system. this is also known as a system's "Uptime". This is the command along with it's output. Note the line starting with "Statistics since", which shows the actual date and time the system was last poewred on. | ||
+ | <pre style="color:blue"> | ||
+ | C:\Users\Administrator.DAWGLAND>net stats workstation | ||
+ | Workstation Statistics for \\WIN22VM01 | ||
+ | |||
+ | |||
+ | Statistics since 2/6/2023 10:22:32 AM | ||
+ | |||
+ | |||
+ | Bytes received 502580 | ||
+ | Server Message Blocks (SMBs) received 2 | ||
+ | Bytes transmitted 952389 | ||
+ | Server Message Blocks (SMBs) transmitted 0 | ||
+ | Read operations 366 | ||
+ | Write operations 0 | ||
+ | Raw reads denied 0 | ||
+ | Raw writes denied 0 | ||
+ | |||
+ | Network errors 0 | ||
+ | Connections made 0 | ||
+ | Reconnections made 0 | ||
+ | Server disconnects 0 | ||
+ | |||
+ | Sessions started 0 | ||
+ | Hung sessions 0 | ||
+ | Failed sessions 0 | ||
+ | Failed operations 0 | ||
+ | Use count 109 | ||
+ | Failed use count 0 | ||
+ | |||
+ | The command completed successfully. | ||
+ | </pre> | ||
+ | |||
=== Enabling & Configuring OpenSSH Server on Windows Using PowerShell === | === Enabling & Configuring OpenSSH Server on Windows Using PowerShell === | ||
Line 10: | Line 45: | ||
<pre style="color:blue"> | <pre style="color:blue"> | ||
+ | |||
+ | === AD-DS - Active Directory - Domain Services === | ||
+ | Here is the DOS/CMD command to show the current state of each of the 5 FSMO roles configured for MS AD-DS using the "netdom query fsmo" command: | ||
+ | <pre style="color:blue"> | ||
+ | C:\Users\Administrator.DAWGLAND>netdom query fsmo | ||
+ | Schema master win19vm10.dawgland.com | ||
+ | Domain naming master win19vm10.dawgland.com | ||
+ | PDC win19vm10.dawgland.com | ||
+ | RID pool manager win19vm10.dawgland.com | ||
+ | Infrastructure master win19vm10.dawgland.com | ||
+ | The command completed successfully. | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | As you can see from the output of the "netdom query fsmo" command, all 5 roles are hosted on the same Windows Server 2019 machine/VM. This is required information when it comes time to migrate AD-DS from an older server to a newwer server with a newer version of MS Windows Server. | ||
+ | <br /><br /> | ||
=== Miscellaneous PowerShell Commands === | === Miscellaneous PowerShell Commands === |
Revision as of 04:50, 10 February 2023
Windows PowerShell Information
Enabling PowerShell Script Execution
DOS/CMD - Miscellaneous Command Line Commands
This command shows how long a Windows computer has been powered on since the last time it was shut down or rebooted, which can be helpful when diagnosing issues with a sluggish, slow-responding system. this is also known as a system's "Uptime". This is the command along with it's output. Note the line starting with "Statistics since", which shows the actual date and time the system was last poewred on.
C:\Users\Administrator.DAWGLAND>net stats workstation Workstation Statistics for \\WIN22VM01 Statistics since 2/6/2023 10:22:32 AM Bytes received 502580 Server Message Blocks (SMBs) received 2 Bytes transmitted 952389 Server Message Blocks (SMBs) transmitted 0 Read operations 366 Write operations 0 Raw reads denied 0 Raw writes denied 0 Network errors 0 Connections made 0 Reconnections made 0 Server disconnects 0 Sessions started 0 Hung sessions 0 Failed sessions 0 Failed operations 0 Use count 109 Failed use count 0 The command completed successfully.
Enabling & Configuring OpenSSH Server on Windows Using PowerShell
First, confirm the current state of the OpenSSH Server and OpenSSH Clients, whether either are installed, enabled, and configured.
Type this command to check the current status of both the server and client:
=== AD-DS - Active Directory - Domain Services === Here is the DOS/CMD command to show the current state of each of the 5 FSMO roles configured for MS AD-DS using the "netdom query fsmo" command: <pre style="color:blue"> C:\Users\Administrator.DAWGLAND>netdom query fsmo Schema master win19vm10.dawgland.com Domain naming master win19vm10.dawgland.com PDC win19vm10.dawgland.com RID pool manager win19vm10.dawgland.com Infrastructure master win19vm10.dawgland.com The command completed successfully.
As you can see from the output of the "netdom query fsmo" command, all 5 roles are hosted on the same Windows Server 2019 machine/VM. This is required information when it comes time to migrate AD-DS from an older server to a newwer server with a newer version of MS Windows Server.
Miscellaneous PowerShell Commands
Here are some of the PowerShell commands I use regularily to to manage Windows machines:
Create NEW Active Directory Domain Controller/AD DS: Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools Install-ADDSForest -DomainName thebestlinux.net -DomainNetbiosName THEBESTLINUX -InstallDNS OTHER COMMANDS: Disable IPv6 on ALL NIC’s: Disable-NetAdapterBinding -Name Ethernet* -ComponentID ms_tcpip6 Get-NetTCPConnection Get-NetConnectionProfile Get-NetAdapter Set-DnsClientServerAddress -InterfaceIndex 3 -ServerAddresses ("192.168.200.103","192.168.200.121","75.75.76.76") Install-Module PSWindowsUpdate Set-PSRepository Add-WUServiceManager -MicrosoftUpdate Get-WindowsUpdate Get-Service | findstr Admin sc queryex type=service state=all Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize Get-WindowsFeature Get-package | Select-Object Name,Version Get-WindowsUpdate -v Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize New-ADUser /? get-localuser get-roles Get-DnsServerResourceRecord dawgland.com Get-DnsServerQueryResolutionPolicy dcdiag /a CONFIRM ALL 5 Roles of Active Directory Servers are up and running!!!: Get-ADDomain dawgland.com | Format-Table PDCEmulator,RIDMaster,InfrastructureMaster Get-ADForest dawgland.com | Format-Table SchemaMaster,DomainNamingMaster Get-DnsServerResourceRecord -ZoneName dawgland.com Get-NetConnectionProfile Get-NetTCPConnection Get-CimInstance -Class CIM_LogicalDisk Get-DiskFreeSpace Get-GPRegistryValue -Key HKEY_LOCAL_MACHINE Get-GPRegistryValue -Guid 31b2f340-016d-11d2-945f-00c04fb984f9 -Key HKEY_LOCAL_MACHINE Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 Import-Module GroupPolicy -verbose
More PowerShell Commands with Some Examples
Here are some more commands I use when working on headless Windows Server hardware and virual machines, such as
Windows Server Core:
Open a Windows command prompt as Administrator: runas /user:administrator CMD.exe List Installed Apps: Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table –AutoSize Install Failover Cluster Tools: Install-WindowsFeature -Name Failover-Clustering –IncludeManagementTools Include command line management tools: Install-WindowsFeature RSAT-Clustering-CmdInterface Find out if package is installed. This example uses GIT: PS C:\Users\Administrator> Get-Package | Select-Object Name | findstr -i git Git Find out if package is installed. This exampled uses WAC(Windows Admin Center): PS C:\Users\Administrator> get-package | select-object Name | findstr -i Admin Windows Admin Center Another way to do same as above, but more “Precise”. Can USE WILD-CARDS!!!: PS C:\Users\Administrator> get-package | Where-Object {$_.Name -like "*Windows Admin Center*"} Name Version Source ProviderName ---- ------- ------ ------------ Windows Admin Center 1.3.53858.0 C:\Program Files\Windows Admi... msi Display ALL services installed and their status: Get-Service | Select-Object Name,Status,DisplayName Check Status of Windows Admin Center(IF Installed – Otherwise will not find it! Get-Service | Select-Object Name,Status,DisplayName | findstr Admin FINDS: “ServerManagementGateway”, the ACTUAL name of WAC! ServerManagementGateway Running Windows Admin Center Service ServerManagementGatewayAccount Stopped Windows Admin Center Account Service Configure DNS Servers: Set-DnsClientServerAddress -InterfaceIndex 3 -ServerAddresses ("192.168.200.103","192.168.200.121","75.75.76.76") Disable ALL Firewall Zones: Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False Enable a port through firewall: netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow Check if Windows Admin Center has been installed: Get-WmiObject -Class win32_service | Where-Object {$_.name -like "WinRM"} Download a file using PowerShell: $WebClient = New-Object System.Net.WebClient $WebClient.DownloadFile("http://192.168.200.125/WindowsAdminCenter2110.2.msi","C:\Users\Administrator\WindowsAdminCenter2110.2.msi") Check EvenLogs for logins, failures, apps, etc: get-eventlog -list get-eventlog Application -after (get-date).addhours(-1) get-eventlog Application -after (get-date).addhours(-8) USE Security log for checking logins: get-eventlog Security -after (get-date).addhours(-1) FORMATTING Example of explicit log index number: Get-EventLog Security | where index -eq 3704 | format-list * DOWNLOAD & Install MS SQL Server: $wc=new-object system.net.webclient $wc.downloadfile("https://go.microsoft.com/fwlink/?linkid=866662","SQL2019-SSEI-Dev.exe") GIT Download: $wc.downloadfile("https://github.com/git-for-windows/git/releases/download/v2.36.0.windows.1/Git-2.36.0-64-bit.exe","Git-2.36.0-64-bit.exe") Get-Service -Name vds get-service | Where-Object {$_.status -eq "stopped"} get-service -name wisvc PS C:\Users\Administrator> get-service | grep -i admin Stopped sacsvr Special Administration Console Helper Running ServerManagemen... Windows Admin Center Service Stopped ServerManagemen... Windows Admin Center Account Service PS C:\Users\Administrator> Get-Item WSMan:\localhost\Client\TrustedHosts Get-CimInstance -Class CIM_LogicalDisk DeviceID DriveType ProviderName VolumeName Size FreeSpace -------- --------- ------------ ---------- ---- --------- C: 3 53109321728 44553736192 D: 5 Get-NetTCPConnection LocalAddress LocalPort RemoteAddress RemotePort State AppliedSetting ------------ --------- ------------- ---------- ----- -------------- :: 56357 :: 0 Bound :: 56268 :: 0 Bound :: 54693 :: 0 Bound :: 54690 :: 0 Bound :: 54689 :: 0 Bound :: 54688 :: 0 Bound :: 54687 :: 0 Bound :: 54671 :: 0 Bound :: 54667 :: 0 Bound :: 54665 :: 0 Bound :: 54663 :: 0 Bound :: 49712 :: 0 Bound :: 49706 :: 0 Bound :: 49695 :: 0 Bound :: 49680 :: 0 Bound :: 49679 :: 0 Bound ::1 56357 ::1 49666 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 56268 fe80::b586:d0e3:8c2b:2229%5 49666 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 54815 fe80::b586:d0e3:8c2b:2229%5 135 TimeWait fe80::b586:d0e3:8c2b:2229%5 54671 fe80::b586:d0e3:8c2b:2229%5 389 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 54667 fe80::b586:d0e3:8c2b:2229%5 389 Established Datacenter ::1 54665 ::1 389 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 54663 fe80::b586:d0e3:8c2b:2229%5 389 Established Datacenter :: 49715 :: 0 Listen fe80::b586:d0e3:8c2b:2229%5 49712 fe80::b586:d0e3:8c2b:2229%5 49666 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 49695 fe80::b586:d0e3:8c2b:2229%5 49666 Established Datacenter :: 49692 :: 0 Listen :: 49686 :: 0 Listen ::1 49680 ::1 389 Established Internet ::1 49679 ::1 389 Established Datacenter :: 49676 :: 0 Listen :: 49675 :: 0 Listen :: 49668 :: 0 Listen fe80::b586:d0e3:8c2b:2229%5 49666 fe80::b586:d0e3:8c2b:2229%5 56268 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 49666 fe80::b586:d0e3:8c2b:2229%5 49712 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 49666 fe80::b586:d0e3:8c2b:2229%5 49695 Established Datacenter ::1 49666 ::1 56357 Established Datacenter :: 49666 :: 0 Listen :: 49665 :: 0 Listen :: 49664 :: 0 Listen :: 47001 :: 0 Listen :: 9389 :: 0 Listen :: 5985 :: 0 Listen :: 3389 :: 0 Listen :: 3269 :: 0 Listen :: 3268 :: 0 Listen :: 636 :: 0 Listen :: 593 :: 0 Listen :: 464 :: 0 Listen :: 445 :: 0 Listen fe80::b586:d0e3:8c2b:2229%5 389 fe80::b586:d0e3:8c2b:2229%5 54671 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 389 fe80::b586:d0e3:8c2b:2229%5 54667 Established Datacenter fe80::b586:d0e3:8c2b:2229%5 389 fe80::b586:d0e3:8c2b:2229%5 54663 Established Datacenter ::1 389 ::1 54665 Established Datacenter ::1 389 ::1 49680 Established Datacenter ::1 389 ::1 49679 Established Datacenter :: 389 :: 0 Listen :: 135 :: 0 Listen :: 88 :: 0 Listen fe80::b586:d0e3:8c2b:2229%5 53 :: 0 Listen ::1 53 :: 0 Listen 0.0.0.0 49715 0.0.0.0 0 Listen 0.0.0.0 49692 0.0.0.0 0 Listen 0.0.0.0 49686 0.0.0.0 0 Listen 0.0.0.0 49676 0.0.0.0 0 Listen 0.0.0.0 49675 0.0.0.0 0 Listen 0.0.0.0 49668 0.0.0.0 0 Listen 192.168.200.129 49666 192.168.200.216 60179 Established Datacenter 0.0.0.0 49666 0.0.0.0 0 Listen 0.0.0.0 49665 0.0.0.0 0 Listen 0.0.0.0 49664 0.0.0.0 0 Listen 0.0.0.0 9389 0.0.0.0 0 Listen 192.168.200.121 3389 192.168.200.223 64821 Established Datacenter 0.0.0.0 3389 0.0.0.0 0 Listen 0.0.0.0 3269 0.0.0.0 0 Listen 0.0.0.0 3268 0.0.0.0 0 Listen 0.0.0.0 636 0.0.0.0 0 Listen 0.0.0.0 593 0.0.0.0 0 Listen 0.0.0.0 389 0.0.0.0 0 Listen 192.168.200.121 139 0.0.0.0 0 Listen 0.0.0.0 135 0.0.0.0 0 Listen 192.168.200.129 53 0.0.0.0 0 Listen 192.168.200.121 53 0.0.0.0 0 Listen 127.0.0.1 53 0.0.0.0 0 Listen Get-NetConnectionProfile: Name : Unidentified network InterfaceAlias : Ethernet InterfaceIndex : 5 NetworkCategory : Public IPv4Connectivity : NoTraffic IPv6Connectivity : NoTraffic Get-DnsServerResourceRecord -ZoneName dawgland.com HostName RecordType Type Timestamp TimeToLive RecordData -------- ---------- ---- --------- ---------- ---------- @ A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.129 @ A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.121 @ NS 2 0 01:00:00 win19vm10.dawgland.com. @ SOA 6 0 01:00:00 [33][win19vm10.dawgland.com.][h... _msdcs NS 2 0 01:00:00 win19vm10.dawgland.com. _gc._tcp.Default-First... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][3268][win19vm10.dawgla... _kerberos._tcp.Default... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][88][win19vm10.dawgland... _ldap._tcp.Default-Fir... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan... _gc._tcp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][3268][win19vm10.dawgla... _kerberos._tcp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][88][win19vm10.dawgland... _kpasswd._tcp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][464][win19vm10.dawglan... _ldap._tcp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan... _kerberos._udp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][88][win19vm10.dawgland... _kpasswd._udp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][464][win19vm10.dawglan... DomainDnsZones A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.121 DomainDnsZones A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.129 _ldap._tcp.Default-Fir... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan... _ldap._tcp.DomainDnsZones SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan... ForestDnsZones A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.121 ForestDnsZones A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.129 _ldap._tcp.Default-Fir... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan... _ldap._tcp.ForestDnsZones SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan... win10vm8 A 1 2/21/2022 9:00:00 PM 00:20:00 192.168.200.216 win19vm10 A 1 0 01:00:00 192.168.200.121 win19vm10 A 1 0 01:00:00 192.168.200.129