Windows PowerShell for the Windows 7 Enterprise Client

  • Slides: 34

Windows PowerShell for the Windows 7 Enterprise Client
Ed Wilson, MCSE, MCSD
Microsoft Scripting Guy
Microsoft
Session Code: WCL314

Objectives And Takeaways
Objectives
  • Show how to use Windows PowerShell 2.0 remoting to manage desktops
  • Show how to use Windows PowerShell 2.0 to troubleshoot desktops
Key Takeaways
  • Windows PowerShell 2.0 remoting is as easy as typing the name of the computer
  • Interactive sessions allow for more extensive remote scenarios

What is Windows PowerShell?
Console
  • Interactive commands
  • Query and configure
  • Run jobs
Scripting language
  • Automate everything
  • Sharable and reusable

PowerShell Remoting requirements
Not all remoting is the same
  • Get-Process, Get-Service and others use .NET Framework methods
To use remoting, the local and remote computers need:
  • Windows PowerShell 2.0
  • Microsoft .NET Framework 2.0 or later
  • Windows Remote Management 2.0
To configure PowerShell remoting:
  • Start PowerShell as admin
  • Use the Enable-PSRemoting cmdlet
  • Configures the firewall and the WinRM service
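A check to run after Enable-PSRemoting, added here as an example and not part of the original slides: it reports whether the WinRM service is running, whether WS-Management answers locally, and which listeners exist. The function name Get-RemotingState is an assumption; it does not inspect the firewall rule.

```powershell
# Added example: confirm what Enable-PSRemoting left behind on this computer.
# Run from an elevated Windows PowerShell prompt (the WSMan: drive needs it).
function Get-RemotingState {
    $service = Get-Service -Name WinRM

    # Test-WSMan sends an identify request to the local WinRM service.
    $answers = $false
    try { $null = Test-WSMan -ErrorAction Stop; $answers = $true } catch { }

    # Each listener is a container whose children are Name/Value settings.
    $listeners = @()
    if ($service.Status -eq 'Running') {
        $containers = @(Get-ChildItem WSMan:\localhost\Listener -ErrorAction SilentlyContinue)
        foreach ($container in $containers) {
            $setting = @{}
            Get-ChildItem $container.PSPath | ForEach-Object { $setting[$_.Name] = $_.Value }
            $listeners += '{0}://{1}:{2}' -f $setting.Transport, $setting.Address, $setting.Port
        }
    }

    New-Object PSObject -Property @{
        WinRMStatus  = $service.Status
        WSManAnswers = $answers
        Listeners    = ($listeners -join ', ')
    } | Select-Object WinRMStatus, WSManAnswers, Listeners
}

Get-RemotingState | Format-List
```

A listener address of * means WinRM accepts connections on every IP address of the computer, which is worth knowing before relying on the firewall rule alone.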

Windows PowerShell Remoting
Use the ComputerName parameter with select cmdlets
    Get-Process -ComputerName Berlin
Run a command on a remote computer
    Invoke-Command -ComputerName Berlin `
        -ScriptBlock { HostName }
Open a PowerShell session on a remote computer
    Enter-PSSession -ComputerName Berlin
    [berlin]: PS C:\> HostName
    [berlin]: PS C:\> Exit-PSSession

30 ComputerName cmdlets
TROUBLESHOOTING / GENERAL: Get-HotFix, Receive-Job, Get-Process, Set-Service, Get-Service, Restart-Computer, Stop-Computer, Test-Connection, Get-Counter
EVENTLOG: Show-EventLog, Write-EventLog, Limit-EventLog, Get-EventLog, Remove-EventLog, New-EventLog, Clear-EventLog, Get-WinEvent
WMI: Register-WmiEvent, Set-WmiInstance, Invoke-WmiMethod, Get-WmiObject, Remove-WmiObject
WSMAN: Disconnect-WSMan, Test-WSMan, Connect-WSMan, Invoke-WSManAction, Get-WSManInstance, Remove-WSManInstance, Set-WSManInstance, New-WSManInstance
REMOTING: Remove-PSSession, Get-PSSession, New-PSSession, Enter-PSSession, Invoke-Command

Getting information remotely
  • The same syntax and experience remotely as locally
  • Uses credentials of current user
Examples:
    Get-Service -computername berlin
    Get-Process -computername berlin
    Get-HotFix -computername berlin
9 cmdlets: Get-Counter, Get-Process, Get-WinEvent, Get-EventLog, Get-HotFix, Get-Service, Get-PSSession, Get-WmiObject, Get-WSManInstance

Demo: Getting information remotely
Ed Wilson, Microsoft Scripting Guy, Microsoft

Working with Services
Has a ComputerName parameter. Use directly
  • Get-Service and Set-Service
    PS C:\> Get-Service -ComputerName Berlin
No ComputerName parameter. Use Invoke-Command when working remotely
  • Start-Service, Stop-Service, Restart-Service, Suspend-Service, Resume-Service
    PS C:\> Invoke-Command -ComputerName berlin `
        { Start-Service -Name bits }
Before making changes to services
    PS C:\> Checkpoint-Computer -Description "Before changed services"

Demo: Working with services remotely
Ed Wilson, Microsoft Scripting Guy, Microsoft

Working with Processes
There are five process cmdlets
  • Get-Process, Stop-Process, Debug-Process, Wait-Process, Start-Process
Get-Process. Easy to use remotely and locally
    PS C:\> Get-Process -computername Berlin -name calc
    PS C:\> Get-Process -computername Berlin -id 4072
Start-Process, Stop-Process: no computername
    PS C:\> Enter-PSSession -computername berlin
    [berlin]: PS C:\> Start-Process notepad
    [berlin]: PS C:\> Get-Process -name notepad
    [berlin]: PS C:\> Stop-Process -name notepad
    [berlin]: PS C:\> exit

Demo: Working with Processes
Ed Wilson, Microsoft Scripting Guy, Microsoft

Working with Hot Fixes
Use on local computer
    PS C:\> Get-HotFix
On remote, use the computername parameter
    PS C:\> Get-HotFix -ComputerName berlin
To search for hot fixes by ID number, use id
    PS C:\> Get-HotFix -Id KB950099
Search by description to find related hot fixes
    PS C:\> Get-HotFix -Description security*
    PS C:\> Get-HotFix -Description update
    PS C:\> Get-HotFix -Description software*
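The -Id and -ComputerName usage above, combined into a patch check across several computers. This is an added example, not code from the original slides; the function name Test-HotFixPresent and the error id it matches for "not found" are assumptions, while KB950099 and berlin are the values used on the slide.

```powershell
# Added example: report per computer whether a hotfix is installed, missing,
# or could not be checked (for example because the host is unreachable).
function Test-HotFixPresent {
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME),
        [string[]]$Id = @('KB950099')
    )
    foreach ($computer in $ComputerName) {
        foreach ($kb in $Id) {
            $status = 'Installed'
            $description = $null
            try {
                # Get-HotFix writes an error when the ID is not found, so a
                # missing patch must be told apart from a failed query.
                $fix = @(Get-HotFix -Id $kb -ComputerName $computer -ErrorAction Stop)[0]
                $description = $fix.Description
            }
            catch {
                # Assumed error id for "no such hotfix"; any other failure
                # falls through and is reported with its message.
                if ($_.FullyQualifiedErrorId -like 'GetHotFixNoEntriesFound*') {
                    $status = 'Missing'
                } else {
                    $status = "Error: $($_.Exception.Message)"
                }
            }
            New-Object PSObject -Property @{
                ComputerName = $computer
                HotFixId     = $kb
                Status       = $status
                Description  = $description
            } | Select-Object ComputerName, HotFixId, Status, Description
        }
    }
}

Test-HotFixPresent -ComputerName berlin, localhost -Id KB950099 |
    Format-Table -AutoSize
```

Get-HotFix reads the Win32_QuickFixEngineering WMI class, which on Windows Vista and later lists only updates delivered through Component Based Servicing, so a "Missing" result for an MSI-installed update is not proof that the update is absent.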

Demo: Working with Hot fixes
Ed Wilson, Microsoft Scripting Guy, Microsoft

Working with Event logs
Two cmdlets. Both support computername
  • Get-EventLog
  • Get-WinEvent
Get-EventLog: traditional event logs. Easy to use syntax
    PS C:\> Get-EventLog -LogName application `
        -ComputerName berlin -Newest 1
Get-WinEvent: can access diagnostic logs
    PS C:\> Get-WinEvent -logname Microsoft-Windows-WinRM/Operational -MaxEvents 1

Using Get-EventLog
  • Use to access classic event logs only
  • Use the LogName parameter to specify the log: System, Application, Security, etc.
    PS C:\> Get-EventLog -LogName Application
  • Use the Source parameter to filter by where the event came from
    PS C:\> Get-EventLog -LogName application -Source vss
  • Use the Newest parameter to limit the number of records
  • Use the EntryType parameter to limit the type of records: Error, Warning, Information, Auditing
  • Use the ComputerName parameter to work remotely

Using Get-WinEvent
  • Use the ListLog parameter to list logs
      Use wild cards to search for logs: *winrm*
  • Use the LogName parameter to query logs
      Use wild cards for log name as well: *winrm*
      Use when have single match, only one with events
  • Use the ListProvider parameter to display sources
  • To use the ETW diagnostic logs
      Enable ETW diagnostic logging
      ETW logs can only be played forward. An error is returned unless you use the -Oldest switch
  • More information in Advanced Scripting Talk by Dan Harmon
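The steps above in one script, as an added example that is not part of the original slides: list the logs matching *winrm*, keep the ones that can hold events, and read analytic and debug (ETW) logs with -Oldest. The function name Get-RecentLogEvent is an assumption.

```powershell
# Added example: read recent events from every log that matches a wildcard.
function Get-RecentLogEvent {
    param(
        [string]$LogPattern = '*winrm*',
        [string]$ComputerName,          # omit to query the local computer
        [int]$MaxEvents = 5
    )
    $common = @{}
    if ($ComputerName) { $common.ComputerName = $ComputerName }

    $logs = Get-WinEvent -ListLog $LogPattern @common -ErrorAction SilentlyContinue
    foreach ($log in $logs) {
        # Analytic and debug logs are the ETW diagnostic logs from the slide.
        $etw = @('Analytical', 'Debug') -contains $log.LogType.ToString()
        if ($etw) {
            if (-not $log.IsEnabled) { continue }      # ETW logging not enabled
        } elseif (-not $log.RecordCount) {
            continue                                    # log holds no events
        }
        try {
            if ($etw) {
                # ETW logs only play forward, so this returns the oldest events.
                Get-WinEvent -LogName $log.LogName @common -Oldest `
                    -MaxEvents $MaxEvents -ErrorAction Stop
            } else {
                Get-WinEvent -LogName $log.LogName @common `
                    -MaxEvents $MaxEvents -ErrorAction Stop
            }
        }
        catch {
            Write-Warning "$($log.LogName): $($_.Exception.Message)"
        }
    }
}

Get-RecentLogEvent |
    Select-Object TimeCreated, Id, LevelDisplayName, LogName, Message |
    Format-Table -AutoSize -Wrap
```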

Demo: Working with Event logs
Ed Wilson, Microsoft Scripting Guy, Microsoft

Using WMI Events
  • Do not confuse with event logs
  • Easy to work with temporary, short-term events
      Monitor for process creation
      Monitor for service stopping
      Monitor for USB drive attached to system
  • Use Register-WmiEvent to create
  • Uses intrinsic WMI event classes, or generics
  • Can be local or remote. Remote credentials if needed
  • Retrieve by Get-Event and SourceIdentifier
  • Unregister-Event or Remove-Event when done
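The process-creation case from the list above, as an added example that is not part of the original slides: register a temporary subscription, read the events by SourceIdentifier, and clean up. The source identifier ProcWatch, the 5-second polling interval and the 30-second watch window are illustrative choices.

```powershell
# Added example: watch for new processes with a temporary WMI event
# subscription, then remove the subscription and any queued events.
$sourceId = 'ProcWatch'

# Intrinsic event class: WMI polls Win32_Process every 5 seconds, so a
# process that starts and exits between two polls is not reported.
$query = "SELECT * FROM __InstanceCreationEvent WITHIN 5 " +
         "WHERE TargetInstance ISA 'Win32_Process'"

# Add -ComputerName (and -Credential if needed) to watch a remote computer.
Register-WmiEvent -Query $query -SourceIdentifier $sourceId

try {
    $deadline = (Get-Date).AddSeconds(30)
    while ((Get-Date) -lt $deadline) {
        # Wait-Event returns one queued event, or nothing after the timeout.
        $evt = Wait-Event -SourceIdentifier $sourceId -Timeout 5
        if (-not $evt) { continue }

        $proc = $evt.SourceEventArgs.NewEvent.TargetInstance
        New-Object PSObject -Property @{
            Time        = $evt.TimeGenerated
            ProcessId   = $proc.ProcessId
            ParentId    = $proc.ParentProcessId
            Name        = $proc.Name
            CommandLine = $proc.CommandLine
        } | Select-Object Time, ProcessId, ParentId, Name, CommandLine

        # Wait-Event does not dequeue; remove the event once it is handled.
        Remove-Event -EventIdentifier $evt.EventIdentifier
    }
}
finally {
    # Always drop the subscription, even if the loop is interrupted.
    Unregister-Event -SourceIdentifier $sourceId
    Remove-Event -SourceIdentifier $sourceId -ErrorAction SilentlyContinue
}
```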

Demo: Working with WMI Events
Ed Wilson, Microsoft Scripting Guy, Microsoft

Working with Hardware Inventory
Use the Get-WmiObject cmdlet to work with WMI
Basic query uses Class and Computername
    PS C:\> Get-WmiObject -Class Win32_Bios `
        -ComputerName berlin
    PS C:\> gwmi win32_Bios -co berlin
Use the Credential parameter for remote if needed
Other parameters allow full WMI
  • Amended, Authentication, Authority, Impersonation, EnableAllPrivileges

Demo: Working with hardware inventory
Ed Wilson, Microsoft Scripting Guy, Microsoft

Working with Software
  • Uses the Win32_Product WMI class
  • Uses MSIPROV
  • Installed by default on: Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, and Windows XP
  • Need to add on Windows Server 2003
  • Use to inventory software installed via MSI
  • Install method to install software
  • Uninstall method to uninstall software

Demo: Working with software
Ed Wilson, Microsoft Scripting Guy, Microsoft

Setting security
Best to use ICACLS.exe
  • Installed on Windows Vista and above
  • Available on Windows Server 2003 SP2
      You need the hotfix 943043 to fix inheritance issue
    PS C:\> icacls test /Deny Everyone:`(R`)
    PS C:\> icacls test /Grant Everyone:`(F`)
Get-ACL
  • Retrieves the security descriptor from item
Set-ACL
  • Sets the security descriptor on item
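Get-Acl and Set-Acl applied to the grant shown above, as an added example that is not part of the original slides: it finds explicit entries that give Everyone full control under a folder and can remove them. The function name Find-EveryoneFullControl and its -Remove switch are assumptions; test is the folder name from the slide.

```powershell
# Added example: find explicit ACEs that grant Everyone full control, the
# permission produced by `icacls test /Grant Everyone:(F)`.
function Find-EveryoneFullControl {
    param(
        [string]$Path = '.\test',    # folder to audit
        [switch]$Remove              # also strip the matching ACEs
    )
    $full  = [int][System.Security.AccessControl.FileSystemRights]::FullControl
    $items = @(Get-Item -LiteralPath $Path) +
             @(Get-ChildItem -LiteralPath $Path -Recurse -ErrorAction SilentlyContinue)

    foreach ($item in $items) {
        $acl = Get-Acl -Path $item.FullName
        # Explicit ACEs only, with identities returned as SIDs so the match
        # does not depend on the localized name of Everyone (S-1-1-0).
        $rules = $acl.GetAccessRules($true, $false,
            [System.Security.Principal.SecurityIdentifier])
        $hits = @($rules | Where-Object {
            $_.IdentityReference.Value -eq 'S-1-1-0' -and
            $_.AccessControlType -eq 'Allow' -and
            ([int]$_.FileSystemRights -band $full) -eq $full
        })
        if ($hits.Count -eq 0) { continue }

        New-Object PSObject -Property @{
            Path  = $item.FullName
            Owner = $acl.Owner
            Aces  = $hits.Count
        } | Select-Object Path, Owner, Aces

        if ($Remove) {
            foreach ($rule in $hits) { $acl.RemoveAccessRuleSpecific($rule) }
            Set-Acl -Path $item.FullName -AclObject $acl
        }
    }
}

Find-EveryoneFullControl -Path '.\test'             # report only
# Find-EveryoneFullControl -Path '.\test' -Remove   # report and remove
```

Set-Acl writes back the whole security descriptor it is given, so run the -Remove form from an elevated prompt and review the report-only output first.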

Demo: Setting Security
Ed Wilson, Microsoft Scripting Guy, Microsoft

Stop by and see the Scripting Guys
  • What types of tasks do you need to automate?
  • What types of scripts would you like to see?
  • What script do you wish you had now?
  • What would you like to see in the Script Repository?
  • How could we make it easier to navigate?
  • How can we make your life easier?
  • What types of functions / modules do you wish you had?

question & answer

Resources
  • www.microsoft.com/teched - Sessions On-Demand & Community
  • www.microsoft.com/learning - Microsoft Certification & Training Resources
  • http://microsoft.com/technet - Resources for IT Professionals
  • http://microsoft.com/msdn - Resources for Developers

Resources
Microsoft TechNet Script Center (www.ScriptingGuys.com)
  • Daily Hey Scripting Guy! Article
  • Script Center Script Repository
Microsoft Press Scripting Books
  • Microsoft Windows PowerShell Step By Step
  • Windows PowerShell Scripting Guide

  • Advanced Windows PowerShell Scripting HOL
  • Introduction to Windows PowerShell Fundamentals HOL
  • Windows PowerShell Programming HOL

Complete an evaluation on CommNet and enter to win!

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.