This document discusses 8 PowerShell commands that every Windows administrator should know: 1. Get-Help provides help and documentation for PowerShell cmdlets. 2. Get-ExecutionPolicy and Set-ExecutionPolicy get and set the PowerShell execution policy which controls script execution. 3. Get-Process lists running processes and can be used with Sort and Select to find the top 10 processes by CPU or memory usage. 4. Stop-Process and Start-Service stop and start system services and processes. 5. Export-CSV saves PowerShell output like lists of processes or Active Directory users to CSV files. 6. Get-Service, Stop-Service, and Start-Service get, stop, and

1. www.danapardaz.net/en
DANA PARDAZ CO.
8 POWERSHELL COMMANDS EVERY
WINDOWS ADMINISTRATOR SHOULD
KNOW

2. www.danapardaz.net/en
1. GET-HELP
• It is perhaps the most important cmdlet an administrator
should know. The cmdlet provides help, details and examples
of other cmdlets if available. For example, the following
command shows the help of Get-Process cmdlet:
Get-Help -Name Get-Process
• Note that PowerShell is not case-sensitive, that is it doesn’t
matter whether you capitalize the cmdlet commands or not, but
people often capitalize the words to make it more readable.

3. www.danapardaz.net/en
2. GET-EXECUTIONPOLICY
• By default, PowerShell scripts are disabled to prevent malicious script
from harming your machine. Execution policy indicates whether it is
allowed to execute PowerShell scripts or not. It has 4 state as follows:
1. Restricted: default execution policy that locks PowerShell down so that
commands can be entered only interactively. PowerShell scripts cannot
run.
2. All Signed: execution policy in which scripts will be allowed to run, but
only if they are signed by a trusted publisher.
3. Remote Signed: execution policy that allows any PowerShell scripts that
have been locally created to run. Remotely created scripts are only allowed
to run if they are signed by a trusted publisher.
4. Unrestricted: policy that removes all restrictions from the execution policy.
Here, you are free to run scripts locally and remotely.

4. www.danapardaz.net/en
3. SET-EXECUTIONPOLICY
• The previous cmdlet, Get-ExecutionPolicy, shows the current
execution policy. In case you want to change it, try Set-
ExecutionPolicy:
Set-ExecutionPolicy Unrestricted

5. www.danapardaz.net/en
4. FIND THE 10 PROCESSES USING THE
MOST MEMORY OR CPU
• The Get-Process is a cmdlet to see the list of processes running
on your machine. You can use ps or gps instead since they are
its aliases. The following commands get the list of all
processes, then sort them by CPU or memory usage, and then
filter the output to show the 10 most consumers. The
commands are fairly self-explanatory.
ps | sort -p CPU -descending | select -first 10
ps | sort -p ws -descending | select -first 10

6. www.danapardaz.net/en
4. FIND THE 10 PROCESSES USING THE
MOST MEMORY OR CPU

7. www.danapardaz.net/en
5. STOP-PROCESS
• Administrators often encounter a frozen process they want to
get rid of. As we mentioned, Get-process or ps for short
returns the list of all processes. You can end the process by its
name or ID (you can obtain by Get-Process), as follows:
Stop-Process -Name explorer
Stop-Process -ID 2185
• Keep in mind that the process ID may change from session to
session.

8. www.danapardaz.net/en
6. EXPORT-CSV
• The Export-CSV cmdlet simplifies saving data as a comma-separated
values (CSV) file. To use this cmdlet, first generate data you want by
any other cmdlet, and then pipe that with Export-CSV to save the
output into a CSV file. For example, the following command save all
processes into a csv file:
ps | Export-Csv c:exporttest.csv
• As another cool example, the following command export all Active
Directory users into ADExport.csv file:
Get-ADUser –filter * | Export-Csv c:exportADExport.csv
• Read this article (How to Export Users from Active Directory to CSV
file?) to learn more about Active Directory exporting.

9. www.danapardaz.net/en
7. GET-SERVICE, STOP-SERVICE AND
START-SERVICE
• As it can be easily guessed from their name, Get-Service lists
all services regardless of their status (stopped, running, etc).
You can stop or start the service by Stop-Service and Start-
Service cmdlet. Write this command following “-Name” and the
actual name of the service. For example, you can stop and start
Spooler service (printer spooler service which is usually
restarted by admins when printer service stop working) as
follows:
Stop-Service -Name Spooler
Start-Service -Name Spooler

10. www.danapardaz.net/en
8. SET-SCHEDULEDJOB
• Automatically running a job at specific time has becoming one
the most wanted feature of administration process. The Set-
ScheduledJob cmdlet was first introduced in PowerShell 3.0 that
allows administrators to run any PowerShell script at a specific
time or on periodic schedule.

11. www.danapardaz.net/en
FOLLOW US AT:
• linkedin:
https://www.linkedin.com/showcase/13308693/
• Facebook:
https://www.facebook.com/Dana-Pardaz-Co-1276798922374926/
• Twitter:
https://twitter.com/danapardazen
• WordPress
http://danapardaz.wordpress.com/
• Read our blog at Danapardaz.net:
http://www.danapardaz.net/site/en/blog