Add PowerShell_SysAdmin_Command_Gui.md

2026-03-11 11:34:06 +00:00
parent dd69f2b839
commit 141191c688
1 changed files with 298 additions and 0 deletions
--- a/PowerShell_SysAdmin_Command_Gui.md
+++ b/PowerShell_SysAdmin_Command_Gui.md
@@ -0,0 +1,298 @@
+# Windows PowerShell SysAdmin Command Guide
+
+A focused command reference for **Windows System Administrators**
+performing real operational work: remote management, troubleshooting,
+file transfer, services, networking, and automation.
+
+------------------------------------------------------------------------
+
+# Table of Contents
+
+1.  Remote Management
+2.  Copying Files to Remote Systems
+3.  Remote Command Execution
+4.  Remote Troubleshooting
+5.  Service Management
+6.  Process Management
+7.  Event Log Investigation
+8.  Network Troubleshooting
+9.  Disk and Storage
+10. Active Directory Basics
+11. Performance Troubleshooting
+12. Useful One‑Liners
+
+------------------------------------------------------------------------
+
+# 1. Remote Management
+
+## Enable PowerShell Remoting
+
+Run on the target machine once:
+
+``` powershell
+Enable-PSRemoting -Force
+```
+
+## Connect to a remote system
+
+``` powershell
+Enter-PSSession -ComputerName SERVER01
+```
+
+Exit session:
+
+``` powershell
+Exit-PSSession
+```
+
+## Run command on remote system
+
+``` powershell
+Invoke-Command -ComputerName SERVER01 -ScriptBlock { Get-Service }
+```
+
+Multiple servers:
+
+``` powershell
+Invoke-Command -ComputerName SERVER01,SERVER02 -ScriptBlock { hostname }
+```
+
+## Run script remotely
+
+``` powershell
+Invoke-Command -ComputerName SERVER01 -FilePath C:\Scripts\patch.ps1
+```
+
+------------------------------------------------------------------------
+
+# 2. Copy Files to Remote Systems
+
+## Copy file to remote system
+
+``` powershell
+Copy-Item file.txt -Destination \\SERVER01\C$\Temp
+```
+
+## Copy file using PowerShell session
+
+``` powershell
+$s = New-PSSession SERVER01
+Copy-Item file.txt -Destination C:\Temp -ToSession $s
+```
+
+## Copy file from remote computer
+
+``` powershell
+Copy-Item C:\Temp\log.txt -FromSession $s -Destination C:\Logs
+```
+
+------------------------------------------------------------------------
+
+# 3. Remote Command Execution
+
+## Restart remote computer
+
+``` powershell
+Restart-Computer SERVER01 -Force
+```
+
+## Shutdown remote system
+
+``` powershell
+Stop-Computer SERVER01
+```
+
+## Check uptime
+
+``` powershell
+Get-CimInstance Win32_OperatingSystem -ComputerName SERVER01 |
+Select LastBootUpTime
+```
+
+------------------------------------------------------------------------
+
+# 4. Remote Troubleshooting
+
+## Check services remotely
+
+``` powershell
+Get-Service -ComputerName SERVER01
+```
+
+## Check processes remotely
+
+``` powershell
+Get-Process -ComputerName SERVER01
+```
+
+## Check disk space
+
+``` powershell
+Get-CimInstance Win32_LogicalDisk -ComputerName SERVER01 |
+Select DeviceID,FreeSpace,Size
+```
+
+## Check installed updates
+
+``` powershell
+Get-HotFix -ComputerName SERVER01
+```
+
+------------------------------------------------------------------------
+
+# 5. Service Management
+
+``` powershell
+Get-Service
+Start-Service spooler
+Stop-Service spooler
+Restart-Service spooler
+```
+
+Remote service:
+
+``` powershell
+Get-Service -ComputerName SERVER01 -Name spooler
+```
+
+------------------------------------------------------------------------
+
+# 6. Process Management
+
+``` powershell
+Get-Process
+Get-Process chrome
+Stop-Process -Name chrome -Force
+```
+
+Remote process kill:
+
+``` powershell
+Invoke-Command -ComputerName SERVER01 -ScriptBlock { Stop-Process -Name notepad }
+```
+
+------------------------------------------------------------------------
+
+# 7. Event Log Investigation
+
+Recent errors:
+
+``` powershell
+Get-WinEvent -LogName System -MaxEvents 50
+```
+
+Remote event logs:
+
+``` powershell
+Get-WinEvent -ComputerName SERVER01 -LogName System -MaxEvents 20
+```
+
+Find service failures:
+
+``` powershell
+Get-WinEvent -FilterHashtable @{
+LogName='System'
+Level=2
+}
+```
+
+------------------------------------------------------------------------
+
+# 8. Network Troubleshooting
+
+``` powershell
+Test-Connection SERVER01
+Test-NetConnection SERVER01 -Port 3389
+Resolve-DnsName server01.domain.com
+Get-NetTCPConnection -State Listen
+```
+
+Check network adapters:
+
+``` powershell
+Get-NetAdapter
+```
+
+Check DNS servers:
+
+``` powershell
+Get-DnsClientServerAddress
+```
+
+------------------------------------------------------------------------
+
+# 9. Disk and Storage
+
+``` powershell
+Get-Disk
+Get-Volume
+Get-Partition
+```
+
+Find large files:
+
+``` powershell
+Get-ChildItem C:\ -Recurse -ErrorAction SilentlyContinue |
+Sort Length -Descending |
+Select -First 20
+```
+
+------------------------------------------------------------------------
+
+# 10. Active Directory Basics
+
+Find computer:
+
+``` powershell
+Get-ADComputer SERVER01
+```
+
+Find user:
+
+``` powershell
+Get-ADUser jsmith
+```
+
+List computers in OU:
+
+``` powershell
+Get-ADComputer -SearchBase "OU=Servers,DC=domain,DC=com" -Filter *
+```
+
+------------------------------------------------------------------------
+
+# 11. Performance Troubleshooting
+
+Top CPU processes:
+
+``` powershell
+Get-Process | Sort CPU -Descending | Select -First 10
+```
+
+Memory usage:
+
+``` powershell
+Get-Process | Sort WS -Descending | Select -First 10
+```
+
+------------------------------------------------------------------------
+
+# 12. Useful One‑Liners
+
+Find stopped automatic services:
+
+``` powershell
+Get-Service | Where {$_.StartType -eq 'Automatic' -and $_.Status -ne 'Running'}
+```
+
+Find largest folders:
+
+``` powershell
+Get-ChildItem C:\ -Directory | Sort Length -Descending
+```
+
+Check listening ports:
+
+``` powershell
+Get-NetTCPConnection -State Listen
+```