690 likes | 1.06k Views
WINDOWS POWERSHELL. Presenters: Winfred Wangeci Jignash Reddy. What is Windows Power Shell?. It is Microsoft's new task-based command-line shell and scripting language designed especially for system administration.
E N D
WINDOWS POWERSHELL Presenters: Winfred Wangeci Jignash Reddy
What is Windows Power Shell? • It is Microsoft's new task-based command-line shell and scripting language designed especially for system administration. • It helps Information Technology Professionals and PowerShell users control and automate the Administration of the Windows operating system and applications that run on Windows.
Why use Windows Powershell? • To address recurring needs (Viewing the logged Members ) • To run script(s) as a scheduled task (Running a command when user login or logoff) • To store and share ideas behind the scripts (Creating and modifying files and folders) • Automate repetitive tasks (Automate the user session time)
Windows Scripting Languages • Presently, Microsoft Windows programmers have several options when it comes to scripting. They can use: • MS-DOS (or CMD) to create simple batch files • VBScript for more complex programming • PowerShell to make the most of the .NET framework • With one of the above or a combination of all, a programmer gets complete control of all of the objects on a Windows computer.
Windows Powershell Cmdlets • A cmdlet is a lightweight command that is used in the Windows PowerShell environment. • Cmdlets follow a verb-noun naming pattern. Examples of verbs: get, set, new Examples of nouns: service, item, date
Sample Powershell Cmdlets • Below are sample Cmdlets following the verb-noun naming pattern: PS C:\>get-childitem C:\ (Gets the items and child items in one or more specified locations.) PS C:\>get-service (Retrieve information about the services installed on your computer.) PS C:\>set-location D:\ (It enables you to specify a new working location.) PS C:\> set-location “c:\my documents”
5 key powershell commands • Get-Help(get-help set-* gives all cmdlets that start with Set-.) • Get-Command (you’ll get back a list of all the Windows PowerShell cmdlets) • Get-Member(will enumerate the properties and methods of that object.) • Get-Psdrive (Gets the Windows PowerShell drives in the current session) • Format-List(each property is displayed on a separate line)
How Cmdlets differ from commands They differ from commands used in other command-shell environments in that: • They are instances of .NET Framework classes; they are not stand-alone executables. • They can be created from as few as a dozen lines of code. • They do not usually do their own parsing, error presentation, or output formatting. All these are handled by the Windows PowerShell runtime. • They process input objects from the pipeline rather than from streams of text, and cmdlets typically deliver objects as output to the pipeline. • They are record-oriented because they process a single object at a time.
PowerShell Aliases • An alias is an alternative name assigned to a Cmdlet. • Aliases allow users to quickly interact with the shell. • The Cmdlet get-alias is used to list all built-in aliases as shown in the diagram on the next slide:
Powershell Providers • They are .NET programs used to provide easy access to information external to the shell environment in order for the users to view it and manage it. • To obtain a listing of all the providers, the Get-PSProvider cmdlet is used. • To work with specific providers, use the set-location cmdlet then specify the provider drive.
Powershell Providers • There are seven types of providers namely: • Alias - Provides access to the windows PowerShell aliases and their values Get-PSProvider Sl Alias:\ GCI | where-object {$_.name –like “s*”} • Environment - Provides access to the Windows environment variables. • FileSystem - Provides access to files and directories. • Function - Provides access to the functions defined in Windows PowerShell.
Powershell Providers cont…. • Registry Provides access to the system registry keys and values. • Variable Provides access to Windows PowerShell variables and their values. • Certificate Provides read-only access to certificate stores and certificates.
Sample powershell scripts • To address recurring problems DirectoryListWithArguments.ps1 foreach ($i in $args) {Get-ChildItem $i | Where-Object {$_.length -gt 1000} | Sort-Object -property name}
Sample powershell scripts • To run the script as a scheduled task ListProcessesSortResults.ps1 $args = "localhost","loopback","127.0.0.1" foreach ($i in $args) {$strFile = "c:\mytest\"+ $i +"Processes.txt" Write-Host "Testing" $i "please wait ..."; Get-WmiObject -computername $i -class win32_process | Select-Object name, processID, Priority, ThreadCount, PageFaults, PageFileUsage | Where-Object {!$_.processID -eq 0} | Sort-Object -property name | Format-Table | Out-File $strFile}
Sample powershell scripts 3. To store and share both the “secret commands” and the ideas behind the scripts AccountsWithNoRequiredPassword.ps1 $args = "localhost" foreach ($i in $args) {Write-Host "Connecting to" $i "please wait ..."; Get-WmiObject -computername $i -class win32_UserAccount | Select-Object Name, Disabled, PasswordRequired, SID, SIDType | Where-Object {$_.PasswordRequired -eq 0} | Sort-Object -property name | Write-Host }
Enabling script support Scripting support is disabled by default in Windows PowerShell. Running a script when policy is not set generates an error message that must be fixed to allow script execution.
Script execution policy levels • There are four levels of execution policy: • Restricted Will not run scripts or configuration files • AllSigned All scripts and configuration files must be signed by a trusted publisher • RemoteSigned All scripts and configuration files downloaded from the internet must be signed by a trusted publisher • Unrestricted All scripts and configuration files will run
Setting script execution policy • Use the Get-ExecutionPolicy cmdlet to retrieve the current effective script execution policy. • Use the Set-ExecutionPolicy cmdlet to change the script execution policy to unrestricted as shown below: Set-ExecutionPolicy unrestricted
Running windows powershell scripts • Running a script can be done either within or outside PowerShell. • Running the script within PowerShell requires the following steps: • Type the full path to the script • Include the name of the script • Ensure you include the PS1 extension C:\mytest\RetrieveAndSortServiceState.PS1
Running windows powershell scripts • Running scripts outside PowerShell requires the following steps: • Type the full path to the script • Include the name of the script • Ensure you include the PS1 extension • Feed this to the PowerShell.exe program • Use the –noexit argument to keep the PowerShell console after script execution Powershell –noexit C:\mytest\RetrieveAndSortServiceState.PS1
Powershell loops Powershell evaluates the condition at the start of each cycle and if it’s true, then it executes the command block as shown in the loop below: $wmi = get-wmiObject win32_processor if ($wmi.Architecture -eq 0) {"This is an x86 computer"} elseif($wmi.architecture -eq 1) {"This is an MIPS computer"} elseif($wmi.architecture -eq 2) {"This is an Alapha computer"} elseif($wmi.architecture -eq 3) {"This is an PowerPC computer"} elseif($wmi.architecture -eq 6) {"This is an IPF computer"} elseif($wmi.architecture -eq 9) {"This is an x64 computer"} else {$wmi.architecture + " is not a cpu type I am familiar with"} "Current clockspeed is : " + $wmi.CurrentClockSpeed + " MHZ" "Max clockspeed is : " + $wmi.MaxClockSpeed + " MHZ" "Current load percentage is: " + $wmi.LoadPercentage + " Percent" "The L2 cache size is: " + $wmi.L2CacheSize + " KB"
Switches • They enable users to write a script that can choose from a series of options without writing a long series of If statements as shown below: $wmi = get-wmiobject win32_computersystem "computer " + $wmi.name + " is: " switch ($wmi.domainrole) { 0 {"`t Stand alone workstation"} 1 {"`t Member workstation"} 2 {"`t Stand alone server"} 3 {"`t Member server"} 4 {"`t Back up domain controller"} 5 {"`t Primary domain controller"} default {"`t The role can not be determined"} }
Creating new items using Scripts • Files and Folders New-Item is a quick and easy way to create a new file or folder on your computer. Creating a file: New-Item c:\scripts\new_file.txt -type file Creating a folder: New-Item c:\scripts\Windows PowerShell -type directory
Creating multiple folders $intFolders = 10 $intPad $i = 1 New-Variable -Name strPrefix -Value "testFolder" -Option constant do { if ($i -lt 10) {$intPad=0 new-item -path c:\mytest -name $strPrefix$intPad$i -type directory} else {new-item -path c:\mytest -name $strPrefix$i -type directory} $i++ }until ($i -eq $intFolders+1)
Deleting multiple folders $intFolders = 10 $intPad $i = 1 New-Variable -Name strPrefix -Value "testFolder" -Option constant do { if ($i -lt 10) {$intPad=0 Remove-item -path c:\mytest\$strPrefix$intPad$i} else {Remove-item -path c:\mytest\$strPrefix$i} $i++ }until ($i -eq $intFolders+1)
Pipelining • One of the most powerful and possibly confusing aspects of PowerShell. • The output of one program can be the input to another • Pipelining is passing data and objects from one cmdlet to another in a very robust fashion. • A | B | C meaning the output of A goes to B, and the output of B goes to C.
Pipelining Example PS C:\> Get-Process | where { $_.handlecount -gt 400 } | Format-List This example is actually executing three cmdlets • The first, Get-Process, returns a list of all running processes • The second, Where {..} will return the conditioned value which handlecount is greater than 400. • Finally the Format-list will display the results in Alphabetic order
Pipelining Example Output PS C:\> Get-Process | where { $_.handlecount -gt 400 } | Format-List ProcessName : csrss Id : 1080 ProcessName : explorer Id : 1952 ProcessName : Groove Id : 2656 ProcessName : inetinfo Id : 1524
Sorting • The sort-object cmdlet is used to produce a listing of items in ascending/descending order Get-EventLog system -newest 5 | Sort-Object eventid Produces the output below:
Managing Exchange 2007 • Windows PowerShell -129 Commands Get-Command • Exchange PowerShell-394 Commands Get-EXCommand
Command Syntax • New-Mailbox • Get-Mailbox • Set-Mailbox • Move-Mailbox • Remove-Mailbox
Mailbox Command Syntax • Count Mailbox in organizations (Get –mailbox).count • Getting all properties for a specific user Get-Mailbox | where {$_.Display Name -eq “DR kesh"} | format-list • List of all mailboxes in organization Get-Mailbox -ResultSize unlimited
Command for creating Users $UserName = $_.UserName $newUser = $container.Create("User", "cn=" + $UserName) $newUser.Put("sAMAccountName", $UserName) $newUser.SetInfo() $newUser.psbase.InvokeSet('AccountDisabled', $false) $newUser.SetInfo() $newUser.SetPassword("P@55w0rd“) • Making changes to users • Apply policies • Assign to groups • Enable or disable features • Changing attributes • Moving mailboxes ....
Setting up your ExchangePowerShell learning enviroment • Prerequisites • Supported OS • Microsoft Windows Server 2003 R2, or • Microsoft Windows Server 2003 with SP1 or SP2 • Windows XP with Service Pack 2 • Windows Vista • Windows 2008 • The Microsoft .NET Framework 2.0 (2.0.50727) • Powershell • Exchange 2007
Windows Management Instrumentation(WMI) Model • It is a hierarchical namespace, in which the layers build on one another like a Lightweight Directory Access Protocol (LDAP) directory used in Active Directory, or the file system structure on a hard disk drive. • WMI can be used to: report on drive configuration, report on available memory both physical and virtual, back up the event log, modify registry, schedule tasks, share folders, switch from a static to a dynamic IP address. • The WMI model has three sections namely: • Resources • Infrastructure • Consumers
Working with WMI classes • To obtain a listing of WMI classes, use the Get-WmiObject cmdlet and specify the list argument as shown below: $strComputer = "." $wmiNS = "\root\cimv2" $strUsr ="" #Blank for current security. Domain\Username $strPWD = "" #Blank for current security. $strLocl = "MS_409" #US English. Can leave blank for current language $strAuth = "" #if specify domain in strUsr this must be blank $iFlag = "0" #only two values allowed: 0 and 128. $objLocator = New-Object -comobject "WbemScripting.SWbemLocator" $objWMIService = $objLocator.ConnectServer($strComputer, ` $wmiNS, $strUsr, $strPWD, $strLocl, $strAuth, $iFLag) $colItems = $objWMIService.subClassesOf() Write-Host "There are: " $colItems.count " classes in $wmiNS" foreach ($objItem In $colItems) { $objItem.path_.class }
References • Wilson, E. (2007). Microsoft Windows PowerShell step by step. Washington: Microsoft Press. • Tomsho, G. (2010). MCTS guide to Microsoft Windows Server 2008 Active Directory configuration: Exam 70-640. Boston, MA: Course Technology/Cengage Learning. • Schwichtenberg, H. (2008). Essential PowerShell. The Addison-Wesley Microsoft technology series. Upper Saddle River, NJ: Addison-Wesley.