5.2 KiB
5.2 KiB
Windows PowerShell SysAdmin Command Guide
A focused command reference for Windows System Administrators performing real operational work: remote management, troubleshooting, file transfer, services, networking, and automation.
Table of Contents
- Remote Management
- Copying Files to Remote Systems
- Remote Command Execution
- Remote Troubleshooting
- Service Management
- Process Management
- Event Log Investigation
- Network Troubleshooting
- Disk and Storage
- Active Directory Basics
- Performance Troubleshooting
- Useful One‑Liners
1. Remote Management
Enable PowerShell Remoting
Run on the target machine once:
Enable-PSRemoting -Force
Connect to a remote system
Enter-PSSession -ComputerName SERVER01
Exit session:
Exit-PSSession
Run command on remote system
Invoke-Command -ComputerName SERVER01 -ScriptBlock { Get-Service }
Multiple servers:
Invoke-Command -ComputerName SERVER01,SERVER02 -ScriptBlock { hostname }
Run script remotely
Invoke-Command -ComputerName SERVER01 -FilePath C:\Scripts\patch.ps1
2. Copy Files to Remote Systems
Copy file to remote system
Copy-Item file.txt -Destination \\SERVER01\C$\Temp
Copy file using PowerShell session
$s = New-PSSession SERVER01
Copy-Item file.txt -Destination C:\Temp -ToSession $s
Copy file from remote computer
Copy-Item C:\Temp\log.txt -FromSession $s -Destination C:\Logs
3. Remote Command Execution
Restart remote computer
Restart-Computer SERVER01 -Force
Shutdown remote system
Stop-Computer SERVER01
Check uptime
Get-CimInstance Win32_OperatingSystem -ComputerName SERVER01 |
Select LastBootUpTime
4. Remote Troubleshooting
Check services remotely
Get-Service -ComputerName SERVER01
Check processes remotely
Get-Process -ComputerName SERVER01
Check disk space
Get-CimInstance Win32_LogicalDisk -ComputerName SERVER01 |
Select DeviceID,FreeSpace,Size
Check installed updates
Get-HotFix -ComputerName SERVER01
5. Service Management
Get-Service
Start-Service spooler
Stop-Service spooler
Restart-Service spooler
Remote service:
Get-Service -ComputerName SERVER01 -Name spooler
6. Process Management
Get-Process
Get-Process chrome
Stop-Process -Name chrome -Force
Remote process kill:
Invoke-Command -ComputerName SERVER01 -ScriptBlock { Stop-Process -Name notepad }
7. Event Log Investigation
Recent errors:
Get-WinEvent -LogName System -MaxEvents 50
Remote event logs:
Get-WinEvent -ComputerName SERVER01 -LogName System -MaxEvents 20
Find service failures:
Get-WinEvent -FilterHashtable @{
LogName='System'
Level=2
}
8. Network Troubleshooting
Test-Connection SERVER01
Test-NetConnection SERVER01 -Port 3389
Resolve-DnsName server01.domain.com
Get-NetTCPConnection -State Listen
Check network adapters:
Get-NetAdapter
Check DNS servers:
Get-DnsClientServerAddress
9. Disk and Storage
Get-Disk
Get-Volume
Get-Partition
Find large files:
Get-ChildItem C:\ -Recurse -ErrorAction SilentlyContinue |
Sort Length -Descending |
Select -First 20
10. Active Directory Basics
Find computer:
Get-ADComputer SERVER01
Find user:
Get-ADUser jsmith
List computers in OU:
Get-ADComputer -SearchBase "OU=Servers,DC=domain,DC=com" -Filter *
11. Performance Troubleshooting
Top CPU processes:
Get-Process | Sort CPU -Descending | Select -First 10
Memory usage:
Get-Process | Sort WS -Descending | Select -First 10
12. Useful One‑Liners
Find stopped automatic services:
Get-Service | Where {$_.StartType -eq 'Automatic' -and $_.Status -ne 'Running'}
Find largest folders:
Get-ChildItem C:\ -Directory | Sort Length -Descending
Check listening ports:
Get-NetTCPConnection -State Listen