Windows PowerShell for the Administrator

Windows PowerShell is an entirely new tool made available by Microsoft to make administering easier with the speed and flexibility of a command line interface. I know it is quite challenging to pick up the operations of PowerShell in a snap and if you have been using UNIX and now Linux you are not satisfied with PowerShells functionality.

Its release as a Knowledge Base update for older Microsoft Operating Systems and its core integration in Microsoft Exchange 2007, Windows Server 2008, SQL Server 2008, and now Windows 7 is just a sign to show that it is here to stay. Therefore you might as well gdive it a chance and you will probably find it powerful as the name states and a quite handy addition to your administration pen knife.

It is general knowledge that with great power comes great risk. The Windows PowerShell can easily cause massive configuration changes. It is advisable to protect your system by using a testing environment and also using the -confirm parameter to test you configuration commands.

With PowerShell you can retrive a list of all the USB devices installed in your system. This trick is particularly helpful if you’re trying to compile a list of servers that have USB license devices installed on them.

If you are an Admin the you have probably heard of Windows Management Instrumentation. Windows PowerShell can make a WMI call as follows:

gwmi Win32_USBControllerDevice -computername snettsblog (or the name of the computer) |fl Antecedent,Dependent

This applies a filter | fl to bring back the Antecedent and Dependent fields from the computer. You can as well ignore the filter in order to bring out a full export of the USB devices on the system.

Killing processes has been made easy using the Task Manager and even faster using the normal Windows command line. Powershell has made it even more interactive as shown:

get-process BadPr*

This command will fetch all the details on the process BadProcess (please not the way the command get-process has been issued to find this process). Once the information has been returned you can kill the process using its process ID as follows:

stop-process -id 2329

To kill the process by name you would enter the command:

stop-process  name badprocess

On pressing enter the BadProcess will be hard stopped and this is handy if you had a problem stopping it from the Task Manager.