Windows Server Powershell Commands

From DFWLPiki
Jump to: navigation, search

Locate AD Account Lockout Events (must run this powershell on the PDC Emulator)

get-addomain | select PDCEmulator
Get-WinEvent -FilterHashtable @{logname='security'; id=4740} | fl

Create new DNS record

Add-DnsServerResourceRecordA -Name hostname -ZoneName fqdn.domain.com -IPv4Address 192.168.99.21

Install Domain Controller with DNS and DHCP

Install-windowsfeature -name AD-Domain-Services, DNS, DHCP -IncludeManagementTools

Install Remote Access and Remote Desktop Gateway

Install-WindowsFeature NPAS, RDS-Gateway, DirectAccess-VPN, RSAT-RemoteAccess-Mgmt, RSAT-RDS-Gateway -IncludeManagementTools

Install Hyper-V Role

Install-WindowsFeature Hyper-V, RSAT-Hyper-V-Tools

Install iSCSI Target and NFS Services

Install-WindowsFeature FS-FileServer, FS-Resource-Manager, FS-VSS-Agent, FS-iSCSITarget-Server, FS-NFS-Service,  RSAT-File-Services, iSCSITarget-VSS-VDS -IncludeManagementTools

Install Windows Server Updates Service

Install-WindowsFeature UpdateServices -IncludeManagementTools

Uninstall Windows Server Updates Service

Uninstall-WindowsFeature -Name UpdateServices,Windows-Internal-Database -Restart
Then remove the contents of C:\Windows\WID\

Install Standard File and Print Services

Install-WindowsFeature Print-Services, Print-Server, FS-FileServer, FS-Resource-Manager -IncludeManagementTools

Check when a user was created (or check how old a domain is, by checking administrator)

Get-ADUser <UserName> -Properties whenCreated | Format-List Name,whenCreated

Windows Storage Manager shows all mgmt options greyed out

Update-StorageProviderCache

Query AD for a list of computers

Get-ADComputer -Filter 'operatingSystem -like "*Windows 7*"' -Properties * | Select -Property Name,IPv4Address,OperatingSystem,OperatingSystemVersion
Get-ADComputer -Filter 'operatingSystem -like "*Windows 10*"' -Properties * | Select -Property Name,IPv4Address,OperatingSystem,OperatingSystemVersion
Get-ADComputer -Filter 'operatingSystem -like "*Windows 11*"' -Properties * | Select -Property Name,IPv4Address,OperatingSystem,OperatingSystemVersion
Get-ADComputer -Filter 'operatingSystem -like "*Windows Server*"' -Properties * | Select -Property Name,IPv4Address,operatingSystem,OperatingSystemVersion
Get-ADComputer -Filter 'Name -like "*CV*"' -Properties * | Select -Property Name,IPv4Address,operatingSystem,OperatingSystemVersion

Remove a computer from the domain:

Remove-Computer
Remove-ADComputer -Identity "ComputerName"

Set the timezone on a server:

Set-TimeZone -Name "Central Standard Time"

Example of setting my iSCSI interface addresses via powershell

New-NetIPAddress -InterfaceAlias NIC3 -IPAddress 172.16.32.11 -PrefixLength 24
New-NetIPAddress -InterfaceAlias NIC4 -IPAddress 172.16.33.11 -PrefixLength 24

Setting DNS address for interface

Set-DnsClientServerAddress -InterfaceAlias Ethernet -ServerAddresses "IPADDRESS1","IPADDRESS2"

Disable/Enable Windows Firewall

Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True

Create new Network Team

Get-NetAdapter
New-NetLBFOTeam Team0 NIC1, NIC2

Installing Dell Openmanage on Windows Server Core

msiexec /i SysMgmt.msi
netsh advfirewall firewall add rule name="Dell OpenManage Server Administrator Web GUI" dir=in action=allow protocol=TCP localport=1311
 or with powershell
New-NetFirewallRule -Name Dell_OMSA -DisplayName "Dell OMSA" -Description "Dell OMSA Web Management" -Protocol TCP -Enabled True -Profile Any -Action Allow -LocalPort 1311

Check or Relocate Domain FSMO Roles

Get-ADDomain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator
Get-ADForest | Select-Object DomainNamingMaster, SchemaMaster
Get-ADDomainController -Filter * | Select-Object Name, Domain, Forest, OperationMasterRoles | Where-Object {$_.OperationMasterRoles} | Format-Table -AutoSize
Move-ADDirectoryServerOperationMasterRole -OperationMasterRole 0,1,2,3,4 -Identity SERVERNAME

Verify the current WSUS Updates source for the client

REG QUERY "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate"

Deleting partitions that appear to be undeletable

diskpart
list disk
select disk n
list partition
select partition n
delete partition override
exit

Search Event Logs about shutdown events:

Get-EventLog System | Where-Object {$_.EventID -eq "1074" -or $_.EventID -eq "6008" -or $_.EventID -eq "1076"} | ft Machinename, TimeWritten, UserName, EventID, Message -AutoSize -Wrap

Search Event Logs about IP Conflict events:

Get-EventLog System | Where-Object {$_.EventID -eq "4199"} | ft Machinename, TimeWritten, UserName, EventID, Message -AutoSize -Wrap

Clear Dirty Shutdown Event Tracker (run from admin command promt)

reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability /v DirtyShutdown /f
reg Delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability /v DirtyShutdownTime /f

Running Windows Backup:

wbadmin start backup -backuptarget:D: -include:C: -allcritical -quiet
wbadmin get versions

Equivalent of 'grep'ing in Unix:

netstat -p TCP | Select-String -Pattern 3389

Joining a domain:

Add-Computer -Credential corp\administrator -DomainName corp.domain.com
Add-Computer -Credential corp\administrator -DomainName corp.domain.com -OUPath 'ou=Desktops,dc=corp,dc=domain,dc=com'
Add-Computer -Credential corp\administrator -DomainName corp.domain.com -OUPath 'ou=Servers,dc=corp,dc=domain,dc=com' -NewName ServerName

List all Possible windows features

Get-WindowsFeature

Installing SNMP: (and it will also install SNMP-Service too)

Install-WindowsFeature SNMP-WMI-Provider

Installing Windows Backup Service

Install-WindowsFeature Windows-Server-Backups
Install-WindowsFeature SNMP-WMI-Provider,  Windows-Server-Backup

Installing .net 3.5 (mount the Server 2012 DVD first)

Install-WindowsFeature –name NET-Framework-Core –source D:\sources\sxs

Windows Update Client check in to WSUS server

wuauclt /detectnow

Windows Update Client has not checked into server in a long time but client is online

wuauclt /resetauthorization /detectnow

Verify WSUS client Settings:

REG QUERY "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate"

Extending a file system, such as after you extend the disk within VMware and you want to avoid logging onto the system to finish the file system extend

 "rescan" | diskpart
 $MaxSize = (Get-PartitionSupportedSize -DriveLetter d).sizeMax
 Resize-Partition -DriveLetter d -Size $MaxSize

Shrinking a file system might give an error about not enough disk space, so defrag it first:

defrag -c -w -v

Export and Import Network Shares

reg export HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares %UserProfile%\Desktop\Shares-Backup.reg
reg import HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares %UserProfile%\Desktop\Shares-Backup.reg


Below are deprecated versions of commands:

Print out all available features:

PS C:\Windows\system32> dism.exe /online /get-features

Install Windows Backup Service:

PS C:\Windows\system32> dism.exe /online /enable-feature /featurename:WindowsServerBackup

Install .net 3.5. There is sometimes an error dectecting the source files, so we specify the CD sources instead.

PS C:\Windows\system32> dism.exe /online /enable-feature /all /featurename:NetFX3 /Source:D:\sources\sxs