PowerShell Quickstart – How to get up and running fast!

If you’re seeking to get up and running quickly with PowerShell and you aren’t sure where to start, you’ve come to the right place!

PowerShell is an invaluable scripting tool for both system administrators and developers alike. Getting up to speed with it will make for a very useful addition to your toolkit.

In this article, I cover the key things you need to know about PowerShell to start being productive with it as soon as possible, including how to learn as you go along without even leaving the terminal.

PowerShell introduction

In the interests of getting started quickly, I will keep this introduction to PowerShell fairly brief.

PowerShell, as per its name, is a powerful shell that leverages the capabilities of .NET to provide a unique command-line experience.

While many other command-line tools return their output as text, everything in PowerShell is an object. This means that the results of one PowerShell command can be ‘piped’ to another to build up complex chains of commands. This is a very powerful concept and one that makes PowerShell extremely versatile.

PowerShell has evolved over time and there’s even a cross-platform version called ‘PowerShell Core’ which runs on macOS and Linux as well as Windows machines.

If you want to use PowerShell Core rather than the standard PowerShell which comes with Windows, check out the PowerShell Core section in my Windows Terminal blog post.

Before moving on, please note that most PowerShell commands are referred to as ‘cmdlets’, so where possible this is how I will refer to individual commands in the following sections. I’ll use the term ‘command’ to refer to a line of script code instead.

Getting started

To get started, let’s open a PowerShell terminal.

PowerShell has been integrated into Windows ever since Windows 7 and Windows Server 2008 R2 were released. Therefore if you’re running Windows you shouldn’t need to install anything in order to follow along.

Launch the terminal

The quickest way to launch PowerShell on Windows is to open the ‘Run’ dialog (WIN + R) then type the following command and press the Enter/Return key.

powershell

This should open up a new PowerShell window in the standard Console Host.

PowerShell
PowerShell

The terminal has a blue background by default to help differentiate it from a standard Command Prompt window.

An example command

Now for a quick example, as per the command shown in the screenshot above, type the following and then press the Enter/Return key.

Get-Process | Format-List

This command returns all currently running processes and outputs the results in a list format.

The ‘pipe’ character is used to pipe the collection of process objects which are returned by the Get-Process cmdlet to the Format-List cmdlet for display on the screen.

Most PowerShell cmdlets follow a familiar Verb-Noun convention e.g. Get-Process, Set-Process, Write-Host etc. This makes it possible to anticipate what cmdlets are likely to be available and speeds up the learning process.

Variables

PowerShell features variables, which are essential for full scripts but are also very useful when working in the terminal.

Variables work really well when operating via the terminal since you can use them in lots of different scenarios. This includes cases where you are executing regular ‘DOS’ commands.

Here’s a simple example.

$ipAddress = "192.168.1.1"
ping $ipAddress

Variables must begin with a dollar sign.

Once declared and initialised, a variable that is set within a terminal session can be used again when issuing further commands.

Getting help

Before we explore any further example commands let’s learn how to get help directly from the PowerShell terminal.

I believe that learning how to use the built-in help system greatly speeds up the process of learning PowerShell and creates a solid foundation to build upon.

As a PowerShell script creator, there are three help cmdlets that you need to know about, as follows.

  • Get-Help
  • Get-Command
  • Get-Member

With the above cmdlets at your disposal, you can find out almost everything you need to know regarding what is possible with PowerShell and how to use it.

Let’s cover each of these cmdlets in more detail in the following sub-sections.

Get-Help

If you are following along, execute the Get-Help cmdlet within a PowerShell session. This will output lots of information about the cmdlet, including examples.

One of the examples shown is as follows.

Get-Help Get-Process

This command will display help information regarding the Get-Process cmdlet.

You will notice, however, that only partial help is displayed. This is because PowerShell doesn’t include full offline help by default.

To correct this you can install offline help files directly from the PowerShell terminal.

Relaunch PowerShell as Administrator and then issue the following command.

Update-Help

This command will download all of the available help content for offline use. It will take a few minutes to run.

After the help content has finished downloading try reissuing the earlier command, as follows.

Get-Help Get-Process

After running the command again you should see that there is a lot more help content available than before.

The REMARKS section suggests running the following command.

Get-Help Get-Process -examples

This command outputs a range of examples.

One of the examples shown is as follows.

Get-Process | Where-Object {$_.WorkingSet -gt 20000000}

This command ‘pipes’ the output of the Get-Process cmdlet to the Where-Object cmdlet which then filters the results to only the processes which have a working set greater than 20 MB.

You should find the examples provided by the help system particularly useful as you continue to learn PowerShell.

Get-Command

Next up is Get-Command.

If you try running Get-Command on its own, you’ll be waiting for a while as PowerShell proceeds to list every single available alias, function and cmdlet available on your system!

Get-Command is a very useful cmdlet for finding out what PowerShell features you have available.

However, rather than displaying a full list, it is more often useful to apply a filter.

Get-Command | Where-Object {$_.Name -like "*process*"}

The above command filters the results from Get-Command to only show ‘commands’ with names that contain the text ‘process’. After issuing this command we can see that in addition to the Get-Process cmdlet which we’ve already come across there are a number of other process-related cmdlets such as Start-Process.

Now that we know Start-Process exists we can use the Get-Help cmdlet to find out more about it and/or include example commands, as follows.

Get-Help Start-Process -examples

After reviewing the examples we can very quickly establish how to launch Notepad in a maximised state and wait for it to close, as follows.

Start-Process -FilePath "notepad" -Wait -WindowStyle Maximized

That’s pretty neat!

Get-Member

Last but not least, there is the Get-Member cmdlet.

The basic usage of the cmdlet is as follows.

Get-Process | Get-Member

After issuing the above command, details regarding the type of object returned by the Get-Process cmdlet will be displayed, along with a list of all of the object properties.

This allows us to work out what properties we can access for display, filtering or other purposes.

As an example, we can see that there is StartTime property that is of type DateTime. Using this information we can filter processes that have been started within the last 10 minutes as follows.

Get-Process | Where-Object {$_.StartTime -gt (Get-Date).AddMinutes(-10)}

It’s very helpful to be able to access all of this information without having to leave the terminal.

By using Get-Help, Get-Command and Get-Member together you can very quickly garner the majority of the information required to accomplish what you need to do without having to search for help online.

Useful commands

Although the help cmdlets covered in the previous section are great and allow you to self-learn quickly, I want to cover some useful commands which should give you a headstart as you begin your PowerShell journey.

Write-Host

When learning any new language, it can be very useful as you are starting out to log debug messages to the console. This helps with determining the value of variables and understanding the flow of execution.

If you need to output something to the console from PowerShell you can use the Write-Host cmdlet.

Write-Host 'Processing...'

The above command will simply output the text ‘Processing…’ to the terminal.

Write-Host can be very useful for debugging scripts and you can use it in conjunction with PowerShell variables.

Note that the Get-Variable cmdlet can be used to return a list of all available PowerShell variables for reference.

Here’s an example of using a PowerShell variable.

Write-Host "Home directory: $HOME"

The above command outputs the Home directory of the currently logged-in user.

PowerShell string interpolation allows variables to be included inside strings that are surrounded by double quotes. If a string is surrounded by single quotes the string will be interpreted literally.

Note that there is also a Write-Output cmdlet that is very similar to Write-Host but allows the output to be passed along the pipeline to another cmdlet for further processing.

Get-Service

The Get-Service cmdlet provides information regarding installed services.

Whenever you run Get-Service without any parameters, the basic details of all services which are installed on your machine will be listed. This includes both Running and Stopped services.

Building on our previous knowledge, we can issue a command like the following.

Get-Service | Where-Object {$_.Name -like "*audio*"}

This command will filter the list of services to only those which have a name containing the text ‘audio’ to see all audio-related services.

We can put more of our prior knowledge into practice by running Get-Service through the Get-Member cmdlet, as follows.

Get-Service | Get-Member

After reviewing the output of the above command we can see that Get-Service returns ServiceController objects which have a Stop method.

This means that we could issue the following command to stop all audio-related services.

Get-Service | Where-Object {$_.Name -like "*audio*"} | ForEach-Object {$_.Stop()}

The above command gets all of the audio-related services and then pipes each filtered service object to the Foreach-Object cmdlet which calls the Stop method on each one.

Note that in PowerShell the ‘dollar underscore’ syntax is used to represent the current object within a loop.

There is also a Start-Service cmdlet. As per what we did earlier, the Get-Command cmdlet can be used to find other service-related cmdlets.

Get-EventLog

In addition to querying services, we can also inspect the Event Log of a machine.

Get-EventLog -LogName System -Newest 100

The above command gets System event logs and restricts the results which are returned to the 100 most recently logged entries.

There are a number of other optional parameters which we can pass to Get-EventLog to filter the list further e.g. we can use the -EntryType parameter to filter on Warnings, Errors etc.

You can use the Get-Help cmdlet to discover the full list of available parameters.

Out-GridView

PowerShell features a number of cmdlets such as Format-Table and Format-List which output data in a specific format.

One of my personal favourites is the Out-GridView cmdlet which outputs data to an interactive grid. The grid includes some really useful features such as filtering and sorting.

We can easily pipe the results of a cmdlet to Out-GridView for display e.g. the results of Get-EventLog or Get-Service from the previous sub-sections.

Get-Service | Out-GridView

Executing the above command results in a window similar to the following appearing on the screen.

PowerShell GridView
PowerShell GridView

Once you have the data filtered and sorted to your liking you can copy and paste selected rows from the grid to a spreadsheet or another data source for further processing.

Get-PSDrive

A very interesting feature of PowerShell is its ‘drive’ abstraction whereby things like the Certificate Store and Registry can be treated like filesystem drives and can be navigated as such.

If you run the Get-PSDrive cmdlet, the table which is returned will list several drive options including HKCU which allows us to interact with the Current User area of the Registry.

We can use the Set-Location cmdlet to connect to the Registry.

Set-Location HKCU:

Now type the following to list the contents of the Registry within the terminal.

dir

Pretty cool, right?

You can use other directory-style commands such as cd to change ‘directory’ within the Registry.

Get-WmiObject

You can interact with Windows Management Instrumentation using the Get-WmiObject cmdlet.

Get-WmiObject Win32_PhysicalMemory

The above command returns information regarding the memory which is installed on the current machine.

Here are a couple of additional examples.

Get-WmiObject Win32_Bios

The above command shows BIOS information including the Manufacturer and Version.

Get-WmiObject -Query "select * from win32_service where name='WinRM'" |
Format-List -Property PSComputerName, Name, ExitCode, Name, ProcessID, StartMode, State, Status

The above command is a little bit more complex. It runs an arbitrary WMI query, formats the results as a list, and uses the ‘Property’ parameter to specify the object properties to return.

Get-History

Whenever you’re working with a PowerShell terminal it’s often useful to see a history of the commands you have been running. You can do this using the Get-History cmdlet.

Running Get-History will output the ‘Id’ and ‘CommandLine’ of each command which has been issued in the current session.

If you need to re-execute a particular command you can do this using the Invoke-History cmdlet.

Invoke-History 7

The above command will execute command ID 7 from the history list.

New-Object

PowerShell is built around the .NET Framework which means that we have access to the full BCL (Base Class Library), just as we do with other .NET languages such as C# and F#.

The New-Object cmdlet allows us to create an object instance of any .NET class.

$version = New-Object -TypeName System.Version -ArgumentList "1.2.3.4"
Write-Host $version

The New-Object cmdlet also allows COM objects to be created via the -COMObject parameter.

Going further

After getting familiar with some of the most commonly used PowerShell cmdlets the next thing you’ll typically want to do is to put a series of commands together into a script that can automate a process for you.

ISE

As well as the PowerShell command-line interface, Windows comes with an Integrated Scripting Environment, the PowerShell ISE.

To launch the ISE open the ‘Run’ dialog (WIN + R) and type the following command, then press the Enter/Return key.

powershell_ise

This will open a new PowerShell ISE window, which looks like the image shown below.

PowerShell ISE
PowerShell ISE

The PowerShell ISE is a fully-featured scripting environment with Intellisense and debugging capabilities.

With the ISE you can very quickly create a script, run it, test it, and save it for future use.

PowerShell script files are saved with the .ps1 extension.

You can learn more about the PowerShell ISE in the Microsoft Docs.

Execution Policies

When you try to run a saved PowerShell script file for the first time on your machine you will get an error message similar to the following.

File C:\Users\Jonathan\Desktop\Get Recent Processes.ps1 cannot be loaded. The file C:\Users\Jonathan\Desktop\Get Recent 
Processes.ps1 is not digitally signed. You cannot run this script on the current system. For more information about running
scripts and setting execution policy, see about_Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.
+ CategoryInfo : SecurityError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : UnauthorizedAccess

This is by design. Windows does not allow un-signed PowerShell scripts to be run by default for security reasons.

To allow a locally created script to run, execute the following command via an elevated PowerShell terminal.

Set-ExecutionPolicy RemoteSigned

After executing the above command an Execution Policy Change warning will appear which you will need to acknowledge in order to proceed.

The ‘RemoteSigned’ execution policy is the next safest policy after the default ‘Restricted’ policy.

You can find out more about execution policies in the Microsoft Docs.

Remoting

Another great feature of PowerShell is its ability to execute commands remotely on other machines.

There are several options for remoting with PowerShell.

The most basic option allows a command to be executed on a single remote machine via the -ComputerName parameter which many cmdlets support, including the Get-Service cmdlet.

Get-Service -ComputerName machine-01

This is a quick way to get started with remoting, providing remote execution has been enabled by running the Enable-PSRemoting cmdlet via an elevated PowerShell terminal on the machine you are trying to connect to.

One of the most powerful remoting options is enabled by the New-PSSession cmdlet.

$session = New-PSSession -ComputerName machine-01, machine-02

The above command sets up a persistent connection to two separate machines on the network and stores the connection details in the $session variable.

The $session variable can then be passed to the Invoke-Command cmdlet along with a script block to execute.

Invoke-Command -Session $session {Get-NetIPAddress}

In addition to script blocks, you can also execute script files using Invoke-Command, as follows.

Invoke-Command -Session $session -FilePath C:\Scripts\LogIPAddress.ps1

This command will execute the ‘LogIPAddress.ps1’ script file on the machines which we are connected to via the session.

Summary

In summary, we have looked at the essential help cmdlets which will allow you to quickly get up to speed with the capabilities of PowerShell.

We’ve also covered a number of commands which are useful to know about when getting started with PowerShell.

Lastly, we’ve briefly looked at some of the more advanced features of PowerShell, including its script editor and remoting capabilities.

I trust that you found this article helpful in getting you up to speed quickly with PowerShell!

Comments

This site uses Akismet to reduce spam. Learn how your comment data is processed.