Skip to content

Microsoft Notebook


  • Generate a GUID: [guid]::NewGuid()
  • Check if a path exists: Test-Path
  • Ping a server using Powershell:
    PS> $ping = New-Object System.Net.NetworkInformation.Ping
    PS> $ping.Send("<em>server_name</em>", <port>)
  • You can configure startup operations for Powershell in the profile file. This great article shows how
  • Powershell sometimes block the user from executing script. This is a security feature to protect the user from malicious scripts. You can change the execution policy by running Set-ExecutionPolicy policy_name. The possible policy names are Unrestricted, RemoteSigned, and AllSigned. You can read more about PS execution policies at TechNet
  • Creating a file in unix is simple – touch . In PS it is a bit more complicated, but still one line: New-Item -Type filename -Path path
  • Open a file using it’s default program with Invoke-Item [filename]
  • The parallel to tail -f in powershell is Get-Content -tail 1 -wait [filename]
  • Get information about the computer: Get-WMIObject -class Win32_ComputerSystem
  • Test a port in a server is accessible and if someone is listening on the other side: New-Object System.Net.Sockets.TcpClient machinename, 1337
  • Powershell works with objects, so you can’t simply take the output of a command and treat it like a string. This came up when I was trying to filter a list of services with a specific text in their name. But as usual, there is a good workaround – the cmdlet Out-String transforms the output of a command to a string. So using my example, I wanted to search for all stopped services, so I did Get-Service | Out-String -Stream | Select-String "Stopped". It is important to use the -Stream flag, otherwise Out-String will create one long string with all the output, with means you will not be able to filter rows from a list


WMI (Windows Management Instrumentation) is the infrastructure for management data and operations on Windows-based operating systems. See this source for more information. WQL (WMI Query Language) is a subset of SQL that can be used to query WMI. See this source for more information. The following WQL query will return all services in a windows computer:

SELECT * FROM Win32_Service

(you can run the query in PowerShell with Get-WmiObject -query [your query here]) To see what a specific Name will be when a role is installed, you can run: WMIC /namespace:\root\cimv2 path Win32_ServerFeature get * /format:list


Windows Events

Create an event from the command line: eventcreate.exe /ID /T /d "" /l "". For help on this command, to eventcreate.exe /?.

Active Directory

  • Query active directory with PS: (New-Object DirectoryServices.DirectorySearcher “”).FindOne(). See this page for more information on how to query the directory for more information


Azure PS

  • Add an azure account to your local machine: Add-AzureAccount. This opens a login page where you put the credentials used to login to Azure. It will import all the subscriptions that are associated with this account
  • For many operations you need to select a specific azure subscription. This is done with Select-AzureSubscription. You may also need to set the default storage for this subscription, which is going to be used when you upload stuff to azure. This is done with flag -CurrentStorageAccountName storageName
  • List azure VMs in a subscription: Get-AzureVM
  • Get the configuration of all azure virtual networks: (Get-AzureVNetConfig).XMLConfiguration
  • Set a static internal IP for a VM in an azure VNet: Get-AzureVM -ServiceName "serviceName" -name "VMName" | Set-AzureStaticVNetIP -IPAddress IP Address | Update-AzureVM


  • klist is a utility to list and work with Kerberos tickets. I found it while searching for a way to delete all Kerberos tickets from a machine, which is simply done with klist purge.


  • Love how you can easily install stuff in Linux using all kinds of package managers? You can also do this in Windows using Chocolately

Be First to Comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.