Powershell
Shutdown Computer:
Stop-Computer
Restart Computer:
Restart-Computer
Shutdown remote computer:
Stop-Computer –computer DC1 –Credential domain\administrator
Get-Command -Noun computer
Name
---------------
Add-Computer
Checkpoint-Computer
Remove-Computer
Rename-Computer
Restart-Computer
Restore-Computer
Stop-Computer
Stop-process
Stop-Process -Name notepad
Stop-Process -ID 2668
Set-ExecutionPolicy
Set-ExecutionPolicy Unrestricted
• Restricted — Restricted is the default execution policy and locks PowerShell down so that commands can be entered only interactively. PowerShell scripts are not allowed to run.
• All Signed — If the execution policy is set to All Signed then scripts will be allowed to run, but only if they are signed by a trusted publisher.
• Remote Signed — If the execution policy is set to Remote Signed, any PowerShell scripts that have been locally created will be allowed to run. Scripts created remotely are allowed to run only if they are signed by a trusted publisher.
• Unrestricted — As the name implies, Unrestricted removes all restrictions from the execution policy.
Checking the IP addresses on the local system
ipconfig /all
Related commands:
•ipconfig /release -- releases currently assigned IP addresses
•ipconfig /renew -- acquires IP addresses from a DHCP server
Clearing the DNS cache on the local computer
ipconfig /flushdns
Related commands:
•ipconfig /displaydns -- displays the current DNS cache
•net start (or stop) dnscache -- turns on (or off) the local DNS cache client, flushing the DNS cache. Turning off the cache allows the system to resolve addresses: Each address will be resolved each time a request is made, rather than saving the IP address for that host.
Querying group policy settings
gpresult /R
For remote computers:
gpresult /S computername /U username /P password /R
Related commands:
•gpresult /H filename.html -- creates an HTML-formatted view of the group policy settings
Refreshing group policy settings
gpupdate /force
Shutting down a computer
shutdown /s
For remote computers:
shutdown /m \\computername /s
Related commands:
•shutdown /r -- performs shutdown and restart
•shutdown /a -- aborts a shutdown
•shutdown /r /t 120 /c "Shutting Down for maintenance" /f /d p:4:1 -- performs a shutdown in 120 seconds, gives a message to the user, forces applications closed and notes the shutdown reason in the event log
Query the audit settings
auditpol /get /category:*
Related commands:
•auditpol /get /category:* /r -- outputs results to CSV format
Perform a Windows Update check in
wuauclt /detectnow
Query the status of services
sc query state= all
For remote computers:
sc \\computername query state= all
Related commands:
•sc query service_name -- queries a specific service
•sc qc service_name -- obtains configuration information for a specific service
•sc \\computername stop service_name -- stops a service on a remote computer
•sc \\computername start service_name -- starts a services on a remote computer
Query the status of the Windows Firewall
netsh advfirewall show allprofiles
For remote computers:
netsh -r computername advfirewall show allprofiles (Note: Remote registry access must be available on the remote computer for this command to work.)
Related commands:
•netsh advfirewall set allprofiles state off -- turns off the firewall for all states
•netsh -r computername advfirewall set publicprofile state on -- turns on the remote computer's firewall for the public profile.
•netsh -r computername advfirewall set privateprofile state off -- turns off the remote computer's firewall for the private profile.
Execute a command against a group of computers
To query the firewall state for all computers in a Class C network and save results to individual filenames, enter the following:
FOR /L %i IN (1,1,254) DO netsh -r 192.168.1.%i advfirewall show allprofiles >192.168.1.%i.firewallstate.txt
Substitute your favorite remote command-line commands in place of the netsh command above.
Example:
FOR /L %i IN (1,1,254) DO gpresult /S 192.168.1.%i /F /H 192.168.1.%i.gpresult.html
Find the five processes using the most memory
ps | sort ws | select –last 5
Write errors in command to seperate file
[PS] C:\scripts>.\testscript.ps1 >permissions.txt 2>errorlog.txt
Windows Start | Run commands
| Description | Run Command |
|---|---|
| Accessibility Options | control access.cpl |
| Accessibility Options | utilman |
| Add Hardware Wizard | hdwwiz.cpl |
| Add/Remove Programs (Add New Programs) (Add Remove Windows Components) (Set Program Access & Defaults ) |
appwiz.cpl control appwiz.cpl,,1 control appwiz.cpl,,2 control appwiz.cpl,,3 |
| Administrative Tools | control admintools |
| Advanced User Accounts Control Panel | netplwiz |
| Authorization Manager | azman.msc |
| Automatic Update | control wuaucpl.cpl |
| Backup Status and Utility | sdclt |
| Bluetooth Transfer Wizard | fsquirt |
| Calculator | calc |
| Certificate Manager | certmgr.msc |
| Character Map | charmap |
| Check Disk Utility | chkdsk |
| Color Management | colorcpl.exe |
| Command Prompt | cmd |
| Component Services | dcomcnfg |
| Computer Management | CompMgmtLauncher compmgmt |
| Control Panel | control |
| Credential (passwords) Backup and Restore Wizard | credwiz |
| Date and Time Properties | timedate.cpl |
| Device Manager | devmgmt.msc |
| Direct X Control Panel (if installed) | directx.cpl |
| Direct X Troubleshooter | dxdiag |
| Disk Cleanup Utility | cleanmgr |
| Disk Defragmenter | dfrgui defrag |
| Disk Management | diskmgmt.msc |
| Disk Partition Manager | diskpart |
| Display Properties (Themes, Desktop, Screensaver) | control desktop |
| Display Properties (Resolution, Orientation) | desk.cpl |
| Display Properties (Color & Appearance) | control color |
| Driver Verifier Utility | verifier |
| DVD Player | dvdplay |
| Event Viewer | eventvwr.msc |
| File Signature Verification Tool | sigverif |
| Files and Settings Transfer Tool | windows\system32\migwiz\migwiz.exe |
| Firewall Control Panel | firewall.cpl |
| Folders Properties | control folders |
| Fonts | control fonts |
| Game Controllers | joy.cpl |
| Local Group Policy Editor | gpedit.msc |
| Internet Properties | inetcpl.cpl |
| IP Configuration | ipconfig |
| iSCSI Initiator | iscsicpl |
| Keyboard Properties | control keyboard |
| Language Pack Installer | lpksetup |
| Local Security Policy | secpol.msc |
| Local Users and Groups | lusrmgr.msc |
| Log out | logoff |
| Microsoft Malicious Software Removal Tool | mrt |
| Microsoft Paint | mspaint |
| Microsoft Support Diagnostic Tool | msdt |
| Mouse Properties | control mouse or main.cpl |
| Network Connections | control netconnections or ncpa.cpl |
| Notepad | notepad |
| ODBC Data Source Admin: 32-bit ODBC driver under 64-bit platform: 64 bit ODBC driver under 64-bit platform: |
C:\windows\sysWOW64\odbcad32.exe C:\windows\system32\odbcad32.exe |
| On Screen Keyboard | osk |
| Performance Monitor | perfmon.msc |
| Phone and Modem Options | telephon.cpl |
| Phone Dialer | dialer |
| Power Configuration | powercfg.cpl |
| Printers and Faxes | control printers |
| Private Character Editor | eudcedit |
| Regional Settings | intl.cpl |
| Registry Editor | regedit |
| Remote Assistance | msra |
| Remote Desktop | mstsc |
| Resultant Set of Policy | rsop.msc |
| Scheduled Tasks | control schedtasks |
| Security Center | wscui.cpl |
| Services | services.msc |
| Shared Creation Wizard | shrpubw |
| Shared Folders | fsmgmt.msc |
| Shut Down Windows | shutdown |
| Software Licensing/Activation | slui |
| Sounds and Audio | mmsys.cpl |
| Sound Recorder | soundrecorder |
| Sound Volume | sndvol |
| Syncronization Tool | mobsync |
| System Configuration Utility | msconfig |
| System File Checker Utility (Scan/Purge) | sfc |
| System Information | msinfo32 |
|
System Properties System Properties (Select a specific tab) |
sysdm.cpl SystemPropertiesAdvanced, SystemPropertiesComputerName, |
| Task Manager | taskmgr |
| Telnet Client | telnet |
| Trusted Platform Module Initialization Wizard | tpmInit |
| User Accounts (Autologon) | control userpasswords2 |
| Windows Features | optionalfeatures |
| Windows Firewall Windows Firewall with Advanced Security |
firewall.cpl wf.msc |
| Windows Image Acquisition (scanner) | wiaacmgr |
| Windows Magnifier | magnify |
| Windows Management Infrastructure | wmimgmt.msc |
| Windows Mobility Center (Mobile PCs only) | mblctr |
| Windows Security Action Center | wscui.cpl |
| Windows System Security Tool. Encrypt the SAM database. (boot password.) |
syskey |
| Windows Update | wuapp |
| Windows Update Standalone Installer | wusa |
| Windows Version (About Windows) | winver |
| WordPad | write |
Add control first and the the below command (example control wuaucpl.cpl)
Accessibility Options access.cpl
Add/Remove Programs appwiz.cpl
Add Hardware Wizard hdwwiz.cpl
Automatic Updates wuaucpl.cpl
Bluetooth Properties bthprops.cpl
Display Properties desk.cpl
Firewall Properties firewall.cpl
Game Controllers joy.cpl
Internet Options inetcpl.cpl
iSCSI Initiator iscsicpl.cpl
Java Control Panel jpicpl32.cpl
Licensing Mode liccpa.cpl
Mouse Properties main.cpl
Network Connections ncpa.cpl
Network Setup Wizard netsetup.cpl
ODBC Properties odbccp32.cpl
Power Options powercfg.cpl
Regional and Language Options intl.cpl
Sound and Audio Devices mmsys.cpl
Stored Passwords keymgr.cpl
System Properties sysdm.cpl
Telephone and Modem Properties telephon.cpl
Time and Date Settings timedate.cpl
User Accounts nusrmgr.cpl
Windows Security Center wscui.cpl
Wireless Link irprops.cpl
No Comments