Microsoft Notebook


  • Generate a GUID: [guid]::NewGuid()
  • Check if a path exists: Test-Path
  • Ping a server using Powershell:
    PS> $ping = New-Object System.Net.NetworkInformation.Ping
    PS> $ping.Send("<em>server_name</em>", <port>)
  • You can configure startup operations for Powershell in the profile file. This great article shows how
  • Powershell sometimes block the user from executing script. This is a security feature to protect the user from malicious scripts. You can change the execution policy by running Set-ExecutionPolicy policy_name. The possible policy names are Unrestricted, RemoteSigned, and AllSigned. You can read more about PS execution policies at TechNet
  • Creating a file in unix is simple – touch . In PS it is a bit more complicated, but still one line: New-Item -Type filename -Path path
  • Open a file using it’s default program with Invoke-Item [filename]
  • The parallel to tail -f in powershell is Get-Content -tail 1 -wait [filename]
  • Get information about the computer: Get-WMIObject -class Win32_ComputerSystem
  • Test a port in a server is accessible and if someone is listening on the other side: New-Object System.Net.Sockets.TcpClient machinename, 1337
  • Powershell works with objects, so you can’t simply take the output of a command and treat it like a string. This came up when I was trying to filter a list of services with a specific text in their name. But as usual, there is a good workaround – the cmdlet Out-String transforms the output of a command to a string. So using my example, I wanted to search for all stopped services, so I did Get-Service | Out-String -Stream | Select-String "Stopped". It is important to use the -Stream flag, otherwise Out-String will create one long string with all the output, with means you will not be able to filter rows from a list


WMI (Windows Management Instrumentation) is the infrastructure for management data and operations on Windows-based operating systems. See this source for more information. WQL (WMI Query Language) is a subset of SQL that can be used to query WMI. See this source for more information. The following WQL query will return all services in a windows computer:

SELECT * FROM Win32_Service

(you can run the query in PowerShell with Get-WmiObject -query [your query here]) To see what a specific Name will be when a role is installed, you can run: WMIC /namespace:\root\cimv2 path Win32_ServerFeature get * /format:list


Windows Events

Create an event from the command line: eventcreate.exe /ID /T /d "" /l "". For help on this command, to eventcreate.exe /?.

Active Directory

  • Query active directory with PS: (New-Object DirectoryServices.DirectorySearcher “”).FindOne(). See this page for more information on how to query the directory for more information


Azure PS

  • Add an azure account to your local machine: Add-AzureAccount. This opens a login page where you put the credentials used to login to Azure. It will import all the subscriptions that are associated with this account
  • For many operations you need to select a specific azure subscription. This is done with Select-AzureSubscription. You may also need to set the default storage for this subscription, which is going to be used when you upload stuff to azure. This is done with flag -CurrentStorageAccountName storageName
  • List azure VMs in a subscription: Get-AzureVM
  • Get the configuration of all azure virtual networks: (Get-AzureVNetConfig).XMLConfiguration
  • Set a static internal IP for a VM in an azure VNet: Get-AzureVM -ServiceName "serviceName" -name "VMName" | Set-AzureStaticVNetIP -IPAddress IP Address | Update-AzureVM


  • klist is a utility to list and work with Kerberos tickets. I found it while searching for a way to delete all Kerberos tickets from a machine, which is simply done with klist purge.


  • Love how you can easily install stuff in Linux using all kinds of package managers? You can also do this in Windows using Chocolately

This site uses Akismet to reduce spam. Learn how your comment data is processed.