Category Archives: PowerShell

PowerShell QuickStart

I decided recently that I want to do more to empower my coworkers. For Windows administration, PowerShell is the modern, cool way of accomplishing all kinds of system administration tasks. The elevator pitch for getting people excited about it is easy, but the learning curve is so steep it’s hard to keep them interested. Here’s my best effort at a short, practical beginner’s guide. The only prerequisite knowledge required is basic command prompt experience, and you can probably get by without that. Also, you want to at least have Windows 7 with SP1, ideally the 64-bit version.

Launching PowerShell

This section may seem way too basic and easy to skip over. But I strongly encourage you to work your way through it at least once. Small steps – we’ll get to the cool stuff soon enough.

Getting the Latest Version

  1. If you already have some version of PowerShell installed, open it up. WindowsKey+R > PowerShell
  2. Type the following into the console, then press Enter:
    Get-Host
  3. Look for the row labeled “Version” – If you have the latest version (3.0 at time of writing this document), great! Otherwise, proceed onward.
  4. Download PowerShell 3.0 here [microsoft.com]. Don’t be confused like I was because they call it “WMF 3.0″. That stands for Windows Management Framework and is the totally uncool equivalent of saying PowerShell. Scroll way down to the Instructions section for directions on which exact file you need. Hint: For Win7 x64, get Windows6.1-KB2506143-x64.msu.
  5. Fire off the installer. Accept all the defaults. If you encounter an error like “This update does not apply to your system”, download and install the Microsoft .NET Framework 4 [microsoft.com] and try again (accept all defaults, and restart between installs if prompted). I don’t know why they couldn’t bundle these together or at least have a more helpful error on the PowerShell installer. If you’re still having trouble after that at you’re on Windows 7, make sure you have Service Pack 1 installed.
  6. At this point you’re ready to go. Launch and double-check with the “Get-Host” command

Console vs. ISE

There are two launchers for PowerShell: powershell.exe and powershell_ise.exe. These are both located in C:\Windows\System32\WindowsPowerShell\v1.0 – Yes, even PowerShell v2 and v3 are installed into that exact folder (something about compatibility). By the way, you cannot have older and newer versions of PowerShell installed at the same time.

PowerShell.exe is the basic PowerShell console. It’s much like a Windows Command prompt – by default you’ll see a prompt starting with “PS” and then the current directory path you are in. Copying and pasting works very similar to Putty or a Linux/Unix console – Use the right mouse button to copy text or paste whatever is in the clipboard – Control+C and Control+V won’t do what you want it to do here. You can start PowerShell from a command prompt by simply typing “powershell” (without the quotation marks) – the color scheme and fonts will be a little different but it really is the same thing.

PowerShell_ISE.exe is the PowerShell console plus a bunch of really convenient features that you almost definitely want to take advantage of. The ISE is broken up into three sections (all of which can be toggled on or off): At the top is a blank script file that works like a basic text editor. Consider this your scratch pad for planning things out. At the bottom is your console window. It is exactly the same as the non-ISE version of PowerShell except that keyboard shortcuts for copy and paste will work. And finally, on the right-hand side is a cheat-sheet of all available PowerShell commands.

In the ISE, write commands into the top section or the bottom. Use the bottom for “one-offs”, use the top for planning a series of tasks that can be automatically sent to the bottom section and run line-by-line using the Play button in the toolbar.

If for some reason you don’t see all the panes/sections, open the View menu and make sure the first six items are checked.

In summary, the ISE will make your life easier. It gives you a cheat-sheet of commands, makes it easier to plan a sequence of commands, and has some other benefits I haven’t mentioned yet that you will pick up and get accustomed to as you follow this guide. However, the guide will work for both vanilla PowerShell and the ISE and if you feel overwhelmed with the ISE by all means don’t use it

Setting Up Your Environment

Enabling Scripts

By default, PowerShell is designed to be so secure that no scripts will run by default. Single commands will work just fine, but a sequence of commands saved in a script file will fail. Script files have an extension of .ps1 but otherwise appear as a plain text file – you can edit them in Notepad, the ISE, or other text editors. PS1 stands for PowerShell version 1 – Even if you are using a different version or if the script was written using a newer version, for backwards compatibility all PowerShell scripts use .ps1.

Let’s find out if you can run scripts by typing the following PowerShell command:
Get-ExecutionPolicy

You’ll see the output come back Restricted – this means no script can run. (If you see anything else, Group Policy settings are managing this for you and you can skip the rest of this section.) Let’s relax those rules and allow local scripts to run. This will specifically only let scripts run if they are saved locally or if they are on a network share and have a signed SSL cert (we’re not getting into the details of that – it’s complicated):
Set-ExecutionPolicy RemoteSigned
Note: This is one of the few times you’ll need to launch PowerShell with the “Run as Administrator” option. You’ll be prompted to confirm this setting which you can do by just pressing Enter to accept the default.

Re-Run Get-ExecutionPolicy and you’ll see your new setting in place.

PowerShell Remote Connections

One of the most useful features of PowerShell is that you can use it to run commands on a different computer from the one you are sitting at. But to do so you need to set up a few things (unless Group Policy has been configured to do this for you – let’s assume that is not the case):

On the computer you want to connect remotely to:

  • Run the following PowerShell command (this is one of the other rare times you need to make sure you run launch Power with the Run as Administrator option):
    Enable-PSRemoting
    Note: You’ll be prompted several times with questions about settings. Press enter to accept all the defaults. Or cheat and use the command Enable-PSRemoting -Force to automatically select all defaults

On your computer:

 

  • Run the same Enable-PSRemoting command. Technically you don’t need all the settings that are enabled, but this is a much quicker way of getting started.
  • Next, make sure you can reach the remote computer from yours by hostname. Type ping RemoteComputer but with the name of your actual remote computer – do not use an IP address. If the hostname does not resolve to an IP address, you will be unable to run remote commands, but the fix is beyond what this guide can provide – You need working DNS and if this isn’t automated through Active Directory you’ll have to manually update your DNS server as needed.
  • If the machine you want to connect to is not bound to Active Directory, you also need to run the following command:
    winrm set winrm/config/client ‘@{TrustedHosts=”RemoteComputer“}’Be sure to use all the quotation marks as they appear here, and replace RemoteComputer with the actual hostname of the computer you want to connect to. If you have difficulty with managing computers remotely you can use an asterisk instead of a computer name but this is extremely insecure and a hacker’s paradise.

At this point, on your machine you can connect to the remote one by using the following command:
Enter-PSSession -ComputerName RemoteComputer -Credential Domain\User

You’ll be prompted for the username and password of an account on the remote computer that is a member of that computer’s Administrators group. If the command is succesful, you’ll see a normal PowerShell prompt except that in brackets it shows the name of the computer you are connected to. At any time you can type Exit-PSSession to return back to your local PowerShell console. It is important to always check for a hostname in brackets – this is how you tell if you are running commands on your computer or on some other computer.

Conclusion

Although we’ve hardly done anything, at this point you have everything set up on your computer and maybe even a remote computer. Next week we’ll dive into running commands, keyboard shortcuts, using auto-complete, etc.