Powershell
Jump to navigation
Jump to search
Windows PowerShell Information
Enabling PowerShell Script Execution
Enabling & Configuring OpenSSH Server on Windows Using PowerShell
First, confirm the current state of the OpenSSH Server and OpenSSH Clients, whether either are installed, enabled, and configured.
Type this command to check the current status of both the server and client:
=== Miscellaneous PowerShell Commands ===
Here are some of the PowerShell commands I use regularily to to manage Windows machines:
<pre style="color:blue">
Create NEW Active Directory Domain Controller/AD DS:
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName thebestlinux.net -DomainNetbiosName THEBESTLINUX -InstallDNS
OTHER COMMANDS:
Disable IPv6 on ALL NIC’s:
Disable-NetAdapterBinding -Name Ethernet* -ComponentID ms_tcpip6
Get-NetTCPConnection
Get-NetConnectionProfile
Get-NetAdapter
Set-DnsClientServerAddress -InterfaceIndex 3 -ServerAddresses ("192.168.200.103","192.168.200.121","75.75.76.76")
Install-Module PSWindowsUpdate
Set-PSRepository
Add-WUServiceManager -MicrosoftUpdate
Get-WindowsUpdate
Get-Service | findstr Admin
sc queryex type=service state=all
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize
Get-WindowsFeature
Get-package | Select-Object Name,Version
Get-WindowsUpdate -v
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table -AutoSize
New-ADUser /?
get-localuser
get-roles
Get-DnsServerResourceRecord dawgland.com
Get-DnsServerQueryResolutionPolicy
dcdiag /a
CONFIRM ALL 5 Roles of Active Directory Servers are up and running!!!:
Get-ADDomain dawgland.com | Format-Table PDCEmulator,RIDMaster,InfrastructureMaster
Get-ADForest dawgland.com | Format-Table SchemaMaster,DomainNamingMaster
Get-DnsServerResourceRecord -ZoneName dawgland.com
Get-NetConnectionProfile
Get-NetTCPConnection
Get-CimInstance -Class CIM_LogicalDisk
Get-DiskFreeSpace
Get-GPRegistryValue -Key HKEY_LOCAL_MACHINE
Get-GPRegistryValue -Guid 31b2f340-016d-11d2-945f-00c04fb984f9 -Key HKEY_LOCAL_MACHINE
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Import-Module GroupPolicy -verbose
More PowerShell Commands with Some Examples
Here are some more commands I use when working on headless Windows Server hardware and virual machines, such as
Windows Server Core:
Open a Windows command prompt as Administrator:
runas /user:administrator CMD.exe
List Installed Apps:
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table –AutoSize
Install Failover Cluster Tools:
Install-WindowsFeature -Name Failover-Clustering –IncludeManagementTools
Include command line management tools:
Install-WindowsFeature RSAT-Clustering-CmdInterface
Find out if package is installed. This example uses GIT:
PS C:\Users\Administrator> Get-Package | Select-Object Name | findstr -i git
Git
Find out if package is installed. This exampled uses WAC(Windows Admin Center):
PS C:\Users\Administrator> get-package | select-object Name | findstr -i Admin
Windows Admin Center
Another way to do same as above, but more “Precise”. Can USE WILD-CARDS!!!:
PS C:\Users\Administrator> get-package | Where-Object {$_.Name -like "*Windows Admin Center*"}
Name Version Source ProviderName
---- ------- ------ ------------
Windows Admin Center 1.3.53858.0 C:\Program Files\Windows Admi... msi
Display ALL services installed and their status:
Get-Service | Select-Object Name,Status,DisplayName
Check Status of Windows Admin Center(IF Installed – Otherwise will not find it!
Get-Service | Select-Object Name,Status,DisplayName | findstr Admin
FINDS:
“ServerManagementGateway”, the ACTUAL name of WAC!
ServerManagementGateway Running Windows Admin Center Service
ServerManagementGatewayAccount Stopped Windows Admin Center Account Service
Configure DNS Servers:
Set-DnsClientServerAddress -InterfaceIndex 3 -ServerAddresses ("192.168.200.103","192.168.200.121","75.75.76.76")
Disable ALL Firewall Zones:
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
Enable a port through firewall:
netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow
Check if Windows Admin Center has been installed:
Get-WmiObject -Class win32_service | Where-Object {$_.name -like "WinRM"}
Download a file using PowerShell:
$WebClient = New-Object System.Net.WebClient
$WebClient.DownloadFile("http://192.168.200.125/WindowsAdminCenter2110.2.msi","C:\Users\Administrator\WindowsAdminCenter2110.2.msi")
Check EvenLogs for logins, failures, apps, etc:
get-eventlog -list
get-eventlog Application -after (get-date).addhours(-1)
get-eventlog Application -after (get-date).addhours(-8)
USE Security log for checking logins:
get-eventlog Security -after (get-date).addhours(-1)
FORMATTING Example of explicit log index number:
Get-EventLog Security | where index -eq 3704 | format-list *
DOWNLOAD & Install MS SQL Server:
$wc=new-object system.net.webclient
$wc.downloadfile("https://go.microsoft.com/fwlink/?linkid=866662","SQL2019-SSEI-Dev.exe")
GIT Download:
$wc.downloadfile("https://github.com/git-for-windows/git/releases/download/v2.36.0.windows.1/Git-2.36.0-64-bit.exe","Git-2.36.0-64-bit.exe")
Get-Service -Name vds
get-service | Where-Object {$_.status -eq "stopped"}
get-service -name wisvc
PS C:\Users\Administrator> get-service | grep -i admin
Stopped sacsvr Special Administration Console Helper
Running ServerManagemen... Windows Admin Center Service
Stopped ServerManagemen... Windows Admin Center Account Service
PS C:\Users\Administrator>
Get-Item WSMan:\localhost\Client\TrustedHosts
Get-CimInstance -Class CIM_LogicalDisk
DeviceID DriveType ProviderName VolumeName Size FreeSpace
-------- --------- ------------ ---------- ---- ---------
C: 3 53109321728 44553736192
D: 5
Get-NetTCPConnection
LocalAddress LocalPort RemoteAddress RemotePort State AppliedSetting
------------ --------- ------------- ---------- ----- --------------
:: 56357 :: 0 Bound
:: 56268 :: 0 Bound
:: 54693 :: 0 Bound
:: 54690 :: 0 Bound
:: 54689 :: 0 Bound
:: 54688 :: 0 Bound
:: 54687 :: 0 Bound
:: 54671 :: 0 Bound
:: 54667 :: 0 Bound
:: 54665 :: 0 Bound
:: 54663 :: 0 Bound
:: 49712 :: 0 Bound
:: 49706 :: 0 Bound
:: 49695 :: 0 Bound
:: 49680 :: 0 Bound
:: 49679 :: 0 Bound
::1 56357 ::1 49666 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 56268 fe80::b586:d0e3:8c2b:2229%5 49666 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 54815 fe80::b586:d0e3:8c2b:2229%5 135 TimeWait
fe80::b586:d0e3:8c2b:2229%5 54671 fe80::b586:d0e3:8c2b:2229%5 389 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 54667 fe80::b586:d0e3:8c2b:2229%5 389 Established Datacenter
::1 54665 ::1 389 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 54663 fe80::b586:d0e3:8c2b:2229%5 389 Established Datacenter
:: 49715 :: 0 Listen
fe80::b586:d0e3:8c2b:2229%5 49712 fe80::b586:d0e3:8c2b:2229%5 49666 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 49695 fe80::b586:d0e3:8c2b:2229%5 49666 Established Datacenter
:: 49692 :: 0 Listen
:: 49686 :: 0 Listen
::1 49680 ::1 389 Established Internet
::1 49679 ::1 389 Established Datacenter
:: 49676 :: 0 Listen
:: 49675 :: 0 Listen
:: 49668 :: 0 Listen
fe80::b586:d0e3:8c2b:2229%5 49666 fe80::b586:d0e3:8c2b:2229%5 56268 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 49666 fe80::b586:d0e3:8c2b:2229%5 49712 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 49666 fe80::b586:d0e3:8c2b:2229%5 49695 Established Datacenter
::1 49666 ::1 56357 Established Datacenter
:: 49666 :: 0 Listen
:: 49665 :: 0 Listen
:: 49664 :: 0 Listen
:: 47001 :: 0 Listen
:: 9389 :: 0 Listen
:: 5985 :: 0 Listen
:: 3389 :: 0 Listen
:: 3269 :: 0 Listen
:: 3268 :: 0 Listen
:: 636 :: 0 Listen
:: 593 :: 0 Listen
:: 464 :: 0 Listen
:: 445 :: 0 Listen
fe80::b586:d0e3:8c2b:2229%5 389 fe80::b586:d0e3:8c2b:2229%5 54671 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 389 fe80::b586:d0e3:8c2b:2229%5 54667 Established Datacenter
fe80::b586:d0e3:8c2b:2229%5 389 fe80::b586:d0e3:8c2b:2229%5 54663 Established Datacenter
::1 389 ::1 54665 Established Datacenter
::1 389 ::1 49680 Established Datacenter
::1 389 ::1 49679 Established Datacenter
:: 389 :: 0 Listen
:: 135 :: 0 Listen
:: 88 :: 0 Listen
fe80::b586:d0e3:8c2b:2229%5 53 :: 0 Listen
::1 53 :: 0 Listen
0.0.0.0 49715 0.0.0.0 0 Listen
0.0.0.0 49692 0.0.0.0 0 Listen
0.0.0.0 49686 0.0.0.0 0 Listen
0.0.0.0 49676 0.0.0.0 0 Listen
0.0.0.0 49675 0.0.0.0 0 Listen
0.0.0.0 49668 0.0.0.0 0 Listen
192.168.200.129 49666 192.168.200.216 60179 Established Datacenter
0.0.0.0 49666 0.0.0.0 0 Listen
0.0.0.0 49665 0.0.0.0 0 Listen
0.0.0.0 49664 0.0.0.0 0 Listen
0.0.0.0 9389 0.0.0.0 0 Listen
192.168.200.121 3389 192.168.200.223 64821 Established Datacenter
0.0.0.0 3389 0.0.0.0 0 Listen
0.0.0.0 3269 0.0.0.0 0 Listen
0.0.0.0 3268 0.0.0.0 0 Listen
0.0.0.0 636 0.0.0.0 0 Listen
0.0.0.0 593 0.0.0.0 0 Listen
0.0.0.0 389 0.0.0.0 0 Listen
192.168.200.121 139 0.0.0.0 0 Listen
0.0.0.0 135 0.0.0.0 0 Listen
192.168.200.129 53 0.0.0.0 0 Listen
192.168.200.121 53 0.0.0.0 0 Listen
127.0.0.1 53 0.0.0.0 0 Listen
Get-NetConnectionProfile:
Name : Unidentified network
InterfaceAlias : Ethernet
InterfaceIndex : 5
NetworkCategory : Public
IPv4Connectivity : NoTraffic
IPv6Connectivity : NoTraffic
Get-DnsServerResourceRecord -ZoneName dawgland.com
HostName RecordType Type Timestamp TimeToLive RecordData
-------- ---------- ---- --------- ---------- ----------
@ A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.129
@ A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.121
@ NS 2 0 01:00:00 win19vm10.dawgland.com.
@ SOA 6 0 01:00:00 [33][win19vm10.dawgland.com.][h...
_msdcs NS 2 0 01:00:00 win19vm10.dawgland.com.
_gc._tcp.Default-First... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][3268][win19vm10.dawgla...
_kerberos._tcp.Default... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][88][win19vm10.dawgland...
_ldap._tcp.Default-Fir... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan...
_gc._tcp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][3268][win19vm10.dawgla...
_kerberos._tcp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][88][win19vm10.dawgland...
_kpasswd._tcp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][464][win19vm10.dawglan...
_ldap._tcp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan...
_kerberos._udp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][88][win19vm10.dawgland...
_kpasswd._udp SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][464][win19vm10.dawglan...
DomainDnsZones A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.121
DomainDnsZones A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.129
_ldap._tcp.Default-Fir... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan...
_ldap._tcp.DomainDnsZones SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan...
ForestDnsZones A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.121
ForestDnsZones A 1 2/21/2022 4:00:00 PM 00:10:00 192.168.200.129
_ldap._tcp.Default-Fir... SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan...
_ldap._tcp.ForestDnsZones SRV 33 2/21/2022 4:00:00 PM 00:10:00 [0][100][389][win19vm10.dawglan...
win10vm8 A 1 2/21/2022 9:00:00 PM 00:20:00 192.168.200.216
win19vm10 A 1 0 01:00:00 192.168.200.121
win19vm10 A 1 0 01:00:00 192.168.200.129