This guide assumes that you have used PowerShell before and know how to run it as an admin. The beginner section will cover your environment, command names, commands, command help, and a peek into a few intermediate concepts.
Development Environment
I’ll make this short and sweet, the only environment you should be writing your PowerShell scripts in is in Visual Studio Code https://code.visualstudio.com PowerShell ISE is no longer supported, and will not be updated with newer versions of PowerShell, and although you can write scripts in other platforms like Notepad++, Visual Studio Code is the official Microsoft platform. Install VSC click on extension in the side bar, search for PowerShell, then click on install. There’s more customization you can do (make sure you pick the dark theme from the dropdown when it changes.) but for now leave things as default.
Command Names
PowerShell uses a “verb-noun” naming system. Each cmdlet (command) name consists of a standard verb hyphenated with a specific noun.
To see a list of approved verbs run the command:
Get-Verb
The output of that command might return something like:
Verb AliasPrefix Group Description
---- ----------- ----- -----------
Add a Common Adds a resource to a container, or attaches an item to another item
Clear cl Common Removes all the resources from a container but does not delete the container
Close cs Common Changes the state of a resource to make it inaccessible, unavailable, or unusab…
Copy cp Common Copies a resource to another name or to another container
Enter et Common Specifies an action that allows the user to move into a resource
Exit ex Common Sets the current environment or context to the most recently used context
Find fd Common Looks for an object in a container that is unknown, implied, optional, or speci…
Format f Common Arranges objects in a specified form or layout
Get g Common Specifies an action that retrieves a resource
Hide h Common Makes a resource undetectable
Join j Common Combines resources into one resource
Lock lk Common Secures a resource
Move m Common Moves a resource from one location to another
New n Common Creates a resource
Open op Common Changes the state of a resource to make it accessible, available, or usable
...
It’s valuable to understand the verb-noun relationship if only for one reason, when you look at the list of verbs and see they are just regular verbs like you are used to in English, it can really help you wrap your brain around PowerShell commands in general. With PowerShell, it’s very easy to infer commands or command structure based on previously seen commands, or even just guessing by using Tab-Completion (more on that later).
So you understand that commands are broken up into verbs and nouns, but what can you do with that information? Let’s say I want to pull information on the date a computer has. Looking at the list of verbs one jumps out as the right one to start with. “Get” is an extremely common verb to use when you are gathering information, or needing to run another command against a property meeting a certain criteria. Okay, so I have the verb of Get, but what’s the noun? Shockingly, it’s “Date”.
Get-Date
The output will look something like:
Friday, March 6, 2020 4:26:15 PM
Now you are feeling adventurous, what do you do when you want to set (hint) the date to something of your choosing?
Run this of course:
Set-Date
The names of commands are understood now, and how Microsoft designed the system. So while some commands might not make much sense at first glance, when you break it into the verb noun structure, even a command like the following makes sense.
New-AzNetworkWatcherConnectionMonitorProtocolConfigurationObject
What does that command do? It makes a new Azure network watcher connection monitor protocol configuration object of course, duh.
All of the commands!
Now that you are a command name expert, how do you find out if a command exists at all, and if you do find a command that might do what you want how do you know all the things it can do? I’ll start by saying just type PowerShell followed by what you want to do into Google, and I guarantee you will find examples for pretty much anything you can think of, perhaps on a site like this one.
Run:
Get-Command
The list might take a while to generate, and is a bit too much to parse just by scrolling, so next up we will talk about how to filter the list into something readable. It will be good to learn as that filtering will apply to everything, not just for this command. There are many ways to filter outputs and objects in PowerShell, we will go over a few of them in-depth, but for now we will use a simple wildcard.
Let’s say you want to see if there are any commands that deal with processes. You would run your command from before, but also add in a wildcard for your search term you are interested in. A wildcard is simply an * in PowerShell so if you surround your word like this *process* that will find the word “process” anywhere in the command name.
Get-Command *process*
The return might return some Cmlets like:
CommandType Name Version Source
----------- ---- ------- ------
Cmdlet Debug-Process 7.0.0.0 Microsoft.PowerShell.Management
Cmdlet Enter-PSHostProcess 7.0.1.0 Microsoft.PowerShell.Core
Cmdlet Exit-PSHostProcess 7.0.1.0 Microsoft.PowerShell.Core
Cmdlet Get-Process 7.0.0.0 Microsoft.PowerShell.Management
Cmdlet Get-PSHostProcessInfo 7.0.1.0 Microsoft.PowerShell.Core
Cmdlet Start-AzRecoveryServicesAsrSwitchProcessServerJob 2.9.1 Az.RecoveryServices
Cmdlet Start-Process 7.0.0.0 Microsoft.PowerShell.Management
Cmdlet Stop-Process 7.0.0.0 Microsoft.PowerShell.Management
Cmdlet Wait-Process 7.0.0.0 Microsoft.PowerShell.Management
It’s good to know what commands exist that might meet your needs, but in the next section we will be able to check those commands for their intended purpose
Command Help
So you know how PowerShell names commands, and how to search for keywords in the command name, but how do you know all of the things the command can actually do? There are a few ways to gather that information as well. The quickest way is often simply searching the command name on Google, but if we want to stay inside of PowerShell we will use two commands to give us insight.
To start, let’s prepare PowerShell to give us the most up-to-date and accurate information. Open an Admin PowerShell window, or use the Visual Studio Code terminal.
Run:
Update-Help
If you see a few errors, that’s okay. Now that the help database is updated, one way to see what a command can do is to run Get-Help followed by the command name.
Get-Help Get-Process
That will return something like:
NAME
Get-Process
SYNTAX
Get-Process [[-Name] <string[]>] [-Module] [-FileVersionInfo] [<CommonParameters>]
Get-Process [[-Name] <string[]>] -IncludeUserName [<CommonParameters>]
Get-Process -Id <int[]> [-Module] [-FileVersionInfo] [<CommonParameters>]
...
If you scroll down to remarks, you will see one of the most useful tips for seeing what a command can do for you, and that is to use the -Examples parameter.
Get-Help Get-Process -Examples
Having actual real world examples is by far the best way there is to understand how to use a command in PowerShell, and it’s why searching the command on google is so useful. One example it returned from the command we ran is below. Just in the one example alone there are already several concepts that you will use time and time again in your future scripting.
Get-Process | Where-Object {$_.WorkingSet -gt 20000000}
What is another way to get a deeper look into a command? When working with commands, it’s very handy to see what parameters (the -something that you see added as options on commands) a command has as well as what type of command PowerShell thinks it is (like system.string). To see this secret info we will make use of the “pipeline” which we can do with the | character (there will be an entire section on “the pipe” later). So let’s take Get-Process and “pipe” that to Get-Member.
Get-Process | Get-Member
That will return quite a bit, and there will be use cases for a lot of this information, but for now let’s focus on two areas. The first is the “TypeName”. This might not be too useful with this command, but it’s good to know where to get this information as you will need it for future commands.
The second area of focus is the property section:
TypeName: System.Diagnostics.Process
Name MemberType Definition
---- ---------- ----------
BasePriority Property int BasePriority {get;}
Container Property System.ComponentModel.IContainer Container {get;}
EnableRaisingEvents Property bool EnableRaisingEvents {get;set;}
ExitCode Property int ExitCode {get;}
ExitTime Property datetime ExitTime {get;}
Handle Property System.IntPtr Handle {get;}
HandleCount Property int HandleCount {get;}
HasExited Property bool HasExited {get;}
Id Property int Id {get;}
MachineName Property string MachineName {get;}
MainModule Property System.Diagnostics.ProcessModule MainModule {get;}
MainWindowHandle Property System.IntPtr MainWindowHandle {get;}
MainWindowTitle Property string MainWindowTitle {get;}
...
PrivateMemorySize64 Property long PrivateMemorySize64 {get;}
PrivilegedProcessorTime Property timespan PrivilegedProcessorTime {get;}
ProcessName Property string ProcessName {get;}
ProcessorAffinity Property System.IntPtr ProcessorAffinity {get;set;}
Responding Property bool Responding {get;}
SafeHandle Property Microsoft.Win32.SafeHandles.SafeProcessHandle SafeHandle {get;}
...
Those properties and their definitions can tell you a ton about a command and what operations you can do with it. Take the “ProcessName” property:
Get-Process | Where-Object {$_.ProcessName -eq 'Notepad'}
NPM(K) PM(M) WS(M) CPU(s) Id SI ProcessName
------ ----- ----- ------ -- -- -----------
10 2.02 11.33 7.88 2996 1 notepad
Summary
Thank you for taking the time to read through the beginner section of the guide, even if you knew all of these concepts already, the next sections will be far more fun.
We covered:
The development environment
The verb-noun structure of commands
Finding command names
Looking into what a command can do
And a few more advanced concepts like the pipe