Windows PowerShell

Misc commands

Setting NTFS permissions with PowerShell

Using the replace operator with regular expressions, note the use of the `

"Hello Stephen" -replace "^Hello (.+)$", "Goodbye `$1"

Passing an array to a constructor

$certString = "MIIDT....."
$certBytes = [System.Convert]::FromBase64String($certString)
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2] $certBytes

Listing Windows Updates with PowerShell

Taken from a very useful article: The code is copied here in case the page gets removed.

Standard listing using WMI

Get-WmiObject -Class "win32_quickfixengineering" |
Select-Object -Property "Description", "HotfixID", @{Name="InstalledOn"; Expression={([DateTime]($_.InstalledOn)).ToLocalTime()}}

To get a list of hotfixes to transport to another system the PowerShell fragment below prints a command that can be executed on the remote system.

'$hotfixes = @("{0}")' -f ((Get-WmiObject win32_quickfixengineering | % {$_.HotFixID}) -join '","')

Full listing of updates

$Session = New-Object -ComObject "Microsoft.Update.Session"
$Searcher = $Session.CreateUpdateSearcher()
$historyCount = $Searcher.GetTotalHistoryCount()
$Searcher.QueryHistory(0, $historyCount) | Select-Object Title, Description, Date,
    @{name="Operation"; expression={switch($_.operation){
        1 {"Installation"}; 2 {"Uninstallation"}; 3 {"Other"}

Installed products

To get installed products:

Get-WmiObject win32_product | sort Vendor,Name | ft -Wrap -AutoSize Version,Name -GroupBy Vendor
dir HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ | % {$_.OpenSubkey($_.Path).GetValue("DisplayName")}

IIS Management with PowerShell

Exchange management

Taken from (I have not validated this code fragment).

SecureString password = new SecureString();
string str_password = "xxxxx";
string username = "";
foreach (char x in str_password) { password.AppendChar(x); }
PSCredential credential = new PSCredential(username, password);

WSManConnectionInfo connectionInfo = new WSManConnectionInfo(new Uri(""), "", credential);

Runspace runspace = RunspaceFactory.CreateRunspace(connectionInfo);

PowerShell powershell = PowerShell.Create();

PSCommand command = new PSCommand();
command.AddParameter("ResultSize", int.MaxValue);
powershell.Commands = command;
powershell.Runspace = runspace;
Collection usersList = powershell.Invoke();

Authenticated web request

The following fragment is useful for testing, both injecting credentials into a web request and ignoring certificate validation failures (this must only be used for testing/diagnostic purposes):

$url = "https://«host»/«path»"
$account = "«domain»\«username»"

if ($password -eq $null) {$password = read-host -AsSecureString "Enter password for $account"}

$source = @"
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

public static class CustomCertificateValidationCallback {
    public static void Install() 
        ServicePointManager.ServerCertificateValidationCallback += CustomCertificateValidationCallback.CheckValidationResult;

    public static bool CheckValidationResult(
        object sender, 
        X509Certificate certificate, 
        X509Chain chain, 
        SslPolicyErrors sslPolicyErrors)
        // please don't do this. do some real validation with explicit exceptions.
        return true;
Add-Type -TypeDefinition $source -Language CSharp

[System.Reflection.Assembly]::LoadWithPartialName("System.Net") > $null
[System.Reflection.Assembly]::LoadWithPartialName("System.Net.Http") > $null
$cred = New-Object System.Net.NetworkCredential -ArgumentList $account,$password
$handler = New-Object System.Net.Http.HttpClientHandler
$handler.Credentials = $cred
$handler.PreAuthenticate = $True
$httpclient = New-Object System.Net.Http.HttpClient -ArgumentList $handler

Windows Features

# Get a list of windows features to install on another system
(Get-WindowsFeature | ? {$_.Installed} | ? {$_.SubFeatures.Length -Eq 0} | % {$_.Name}) -Join ","

PowerShell Command History File


Automating Remote Desktop configuration

Turning on Remote Desktop automatically, includes updating Remote Desktop User group:

Configuring the filrewall in unattend file – includes setting for key:

Disabling network level authentication


Select certificate for desktop services:

wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash=""

Hyper-V scripts and resources

PowerShell to mount CD in virtual machine

Get virtual host information from guest:

get-itemproperty 'HKLM:\SOFTWARE\Microsoft\Virtual Machine\Guest\Parameters'

Get virtual machine system information through PowerShell

$vmname = "xxx"
$SysInfo = Get-WmiObject -Class Msvm_VirtualSystemSettingData -Namespace Root\virtualization | ? {$_.ElementName -eq $vmname}

Re-attach virtual machines where no export has been performed

foreach($nextGuid in Get-ChildItem ("{0}\Virtual Machines" -f $newVMLocation) -Name *.xml | % {$_ -replace "^(.*)\.xml$","`$1"})
	$linkName = ("C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines\{0}.xml" -f $nextGuid)
	$xmlName = ("{0}\Virtual Machines\{1}.xml" -f $newVMLocation,$nextGuid)
	if (-Not (Test-Path $linkName))
		$linkCommand = ('cmd /c mklink "{0}" "{1}"' -f $linkName, $xmlName)
		Invoke-Expression $linkCommand

		icacls `"$linkName`" /grant `"NT VIRTUAL MACHINE\$nextGuid`"`:`(F`) /L

		icacls `"$newVMLocation`" /T /grant `"NT VIRTUAL MACHINE\$nextGuid`"`:`(F`)

Get machine serial number & name

wmic bios get serialnumber
wmic csproduct get name, identifyingnumber