# Windows PowerShell SysAdmin Command Guide A focused command reference for **Windows System Administrators** performing real operational work: remote management, troubleshooting, file transfer, services, networking, and automation. ------------------------------------------------------------------------ # Table of Contents 1. Remote Management 2. Copying Files to Remote Systems 3. Remote Command Execution 4. Remote Troubleshooting 5. Service Management 6. Process Management 7. Event Log Investigation 8. Network Troubleshooting 9. Disk and Storage 10. Active Directory Basics 11. Performance Troubleshooting 12. Useful One‑Liners ------------------------------------------------------------------------ # 1. Remote Management ## Enable PowerShell Remoting Run on the target machine once: ``` powershell Enable-PSRemoting -Force ``` ## Connect to a remote system ``` powershell Enter-PSSession -ComputerName SERVER01 ``` Exit session: ``` powershell Exit-PSSession ``` ## Run command on remote system ``` powershell Invoke-Command -ComputerName SERVER01 -ScriptBlock { Get-Service } ``` Multiple servers: ``` powershell Invoke-Command -ComputerName SERVER01,SERVER02 -ScriptBlock { hostname } ``` ## Run script remotely ``` powershell Invoke-Command -ComputerName SERVER01 -FilePath C:\Scripts\patch.ps1 ``` ------------------------------------------------------------------------ # 2. Copy Files to Remote Systems ## Copy file to remote system ``` powershell Copy-Item file.txt -Destination \\SERVER01\C$\Temp ``` ## Copy file using PowerShell session ``` powershell $s = New-PSSession SERVER01 Copy-Item file.txt -Destination C:\Temp -ToSession $s ``` ## Copy file from remote computer ``` powershell Copy-Item C:\Temp\log.txt -FromSession $s -Destination C:\Logs ``` ------------------------------------------------------------------------ # 3. Remote Command Execution ## Restart remote computer ``` powershell Restart-Computer SERVER01 -Force ``` ## Shutdown remote system ``` powershell Stop-Computer SERVER01 ``` ## Check uptime ``` powershell Get-CimInstance Win32_OperatingSystem -ComputerName SERVER01 | Select LastBootUpTime ``` ------------------------------------------------------------------------ # 4. Remote Troubleshooting ## Check services remotely ``` powershell Get-Service -ComputerName SERVER01 ``` ## Check processes remotely ``` powershell Get-Process -ComputerName SERVER01 ``` ## Check disk space ``` powershell Get-CimInstance Win32_LogicalDisk -ComputerName SERVER01 | Select DeviceID,FreeSpace,Size ``` ## Check installed updates ``` powershell Get-HotFix -ComputerName SERVER01 ``` ------------------------------------------------------------------------ # 5. Service Management ``` powershell Get-Service Start-Service spooler Stop-Service spooler Restart-Service spooler ``` Remote service: ``` powershell Get-Service -ComputerName SERVER01 -Name spooler ``` ------------------------------------------------------------------------ # 6. Process Management ``` powershell Get-Process Get-Process chrome Stop-Process -Name chrome -Force ``` Remote process kill: ``` powershell Invoke-Command -ComputerName SERVER01 -ScriptBlock { Stop-Process -Name notepad } ``` ------------------------------------------------------------------------ # 7. Event Log Investigation Recent errors: ``` powershell Get-WinEvent -LogName System -MaxEvents 50 ``` Remote event logs: ``` powershell Get-WinEvent -ComputerName SERVER01 -LogName System -MaxEvents 20 ``` Find service failures: ``` powershell Get-WinEvent -FilterHashtable @{ LogName='System' Level=2 } ``` ------------------------------------------------------------------------ # 8. Network Troubleshooting ``` powershell Test-Connection SERVER01 Test-NetConnection SERVER01 -Port 3389 Resolve-DnsName server01.domain.com Get-NetTCPConnection -State Listen ``` Check network adapters: ``` powershell Get-NetAdapter ``` Check DNS servers: ``` powershell Get-DnsClientServerAddress ``` ------------------------------------------------------------------------ # 9. Disk and Storage ``` powershell Get-Disk Get-Volume Get-Partition ``` Find large files: ``` powershell Get-ChildItem C:\ -Recurse -ErrorAction SilentlyContinue | Sort Length -Descending | Select -First 20 ``` ------------------------------------------------------------------------ # 10. Active Directory Basics Find computer: ``` powershell Get-ADComputer SERVER01 ``` Find user: ``` powershell Get-ADUser jsmith ``` List computers in OU: ``` powershell Get-ADComputer -SearchBase "OU=Servers,DC=domain,DC=com" -Filter * ``` ------------------------------------------------------------------------ # 11. Performance Troubleshooting Top CPU processes: ``` powershell Get-Process | Sort CPU -Descending | Select -First 10 ``` Memory usage: ``` powershell Get-Process | Sort WS -Descending | Select -First 10 ``` ------------------------------------------------------------------------ # 12. Useful One‑Liners Find stopped automatic services: ``` powershell Get-Service | Where {$_.StartType -eq 'Automatic' -and $_.Status -ne 'Running'} ``` Find largest folders: ``` powershell Get-ChildItem C:\ -Directory | Sort Length -Descending ``` Check listening ports: ``` powershell Get-NetTCPConnection -State Listen ```