Che cos'è Powershell? Come dovrei utilizzarlo? Perchè scrivere quando posso usare la GUI? Sessione di supporto psico-pratico per amministratori di sistema dipendenti da GUI. By Andrea Vai

3. • Introduced in 2006
• Implemented as an engine that can be embedded
in a GUI or used directly as a CLI
• Works with modules.
• PowerShell is not just a shell; it is a complete
scripting environment.
• PowerShell Core is the new generation of
PowerShell, it is open source and cross-platform
meaning it could now run on Linux, MacOS, and
Windows!

4. The ISE enables you to run commands and design, write, test,
and debug scripts in a Windows GUI
Windows
PowerShell
tabs
Script pane
Console pane Add-in
Tools pane
IntelliSense
suggestions

5. • Verb is the action the cmdlet performs:
• Get
• Set
• New
• Add
• Remove
• Noun is the resource the cmdlet affects:
• Service
• Process
• Prefixes are used to group related nouns:
• AD (Active Directory), SP (SharePoint), AzureAD

6. • Update-Help utilizes downloadable help content
to update your local Help
• No Help content is distributed with PowerShell
• Get-Help provides quick access to syntax help for
PowerShell commands
• Use –ShowWindow to display help in a floating
window
• Use –Example to quickly jump to usage examples
• Use –Online to display web-based version of help
in your system’s default web browser

7. • A PSProvider is basically a Windows PowerShell
adapter that makes some form of storage
resemble a disk drive.
• A PSDrive is an actual connection to a form of
storage.
• Run Get-PSDrive for a list
• Run New-PSDrive to map a new drive

8. • Windows PowerShell runs commands in a pipeline
• In the console, each complete command line is a
pipeline
• Pipelines can contain one or more commands,
with multiple commands separated by a vertical
pipe character (|)
• Commands execute from left to right, with the
output of each command being piped (passed) to
the command after it
• The output of the last command in the pipeline is
what appears on your screen

9. Get-ADUser –Filter * | Enable-ADAccount Enable
ADAccount
Cmdlet
Get-ADUser
Cmdlet
• The pipeline connects the output from one cmdlet to the
input of another cmdlet
• The combination of the first cmdlet, pipe, and second cmdlet
makes a pipeline
Process
Object
Pipe

10. Get-Service | Out-File ServiceList.txt
Get-Process | Get-Member
Get-ChildItem –Path C:Windows | Get-Member
Get-Service | Sort Status,Name
Get-Process | Measure-Object
Get-Service | Sort-Object -Property Status | Select-Object –First 10
Get-Service | Select-Object –Property Name,Status
Get-Service | Export-CSV C:TempServices.csv
Get-Service | Where Status –eq Running
Get-Service | Where {$PSItem.Status –eq 'Running' }
Get-Volume | Where {$PSItem.HealthStatus –ne 'Healthy‘ -or
$PSItem.SizeRemaining –lt 100MB }

11. FOREACH example
Get-ChildItem -Path C:TEMP -file | ForEach-Object LastAccessTime
SET CONTENT example
"One", "Two", "Three", "Four" | Set-Content -Path C:Temptmp.txt
MEASURE OBJECT example
Get-Content C:Temptmp.txt | Measure-Object -Character -Line –Word
List Network connections and categories
Get-NetConnectionProfile
Set network connection to “Private”
Set-NetConnectionProfile -InterfaceIndex <index number> -NetworkCategory
Private

12. List all services with dependencies on local computer
Get-Service | Where-Object {$_.dependentServices} | Format-List -Property
Name, DependentServices, @{Label="NotDependentServices";
Expression={$_.DependentServices.count}}
List last 20 Events in EventLog
Get-EventLog -Newest 20 -logname "<log name>"
List all Errors in a specified Log
Get-EventLog -LogName <logname> -EntryType Error
Get EventLog from multiple computers
Get-EventLog -LogName "Windows PowerShell" -ComputerName "localhost",
"Server01", "Server02"
List all Events containing a specified word in event description
Get-EventLog -LogName "Application" -Message "*failed*"

13. Set-ExecutionPolicy Unrestricted
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName
Microsoft.Exchange -ConnectionUri
https://outlook.office365.com/powershell-liveid/ -
Credential $UserCredential -Authentication Basic -
AllowRedirection
Import-PSSession $Session
#Solo analisi
Get-Mailbox -ResultSize 4000 | select
UserPrincipalName,ForwardingSmtpAddress,DeliverToMailboxAnd
Forward
#Creazione CSV
Get-Mailbox -ResultSize 4000 | select
UserPrincipalName,ForwardingSmtpAddress,DeliverToMailboxAnd
Forward | Export-csv c:tempOffice365Forwards.csv –
NoTypeInformation

14. <#
-> Dettagli OU Disabilitate
-> OU Vuote
-> OU Totale
-> Utenti con Nessuna Scadenza Password
-> Links GPO
-> Dettagli GPO
-> Account Inattivi
-> Gruppi con Privilegi Elevati
-> SchemaHistory
-> Stato w32tm2
-> Configurazione w32tm1
-> DC daig
-> Oggetti Computer
#>

15. # Caricamento Modulo Powershell per Active Directory
try{
Import-Module ActiveDirectory
$Inactivedays = "60" #Inserire il numero di giorni
desiderato
#date
$date = $((Get-Date).ToString('MM-dd-yyyy_hh-mm'))
#path
$path = ".AD_Reports_$date"
if (!(Test-path $path))
{
md $path | Out-Null
}}
catch{
Write-Host “Problema Rilevato durante la creazione della
cartella: $_.Exception.Message "}

16. Write-Host -ForegroundColor Green "!! Sto recuperando i dati
da Active Directory... !!"
try{
Write-Host "-------------------------------------------------"
Write-Host "Gathering inactive users details..."
Write-Host "-------------------------------------------------"
#Get inactive accounts details
$selection = "EmployeeID", "Name",
"SamAccountName","ObjectSid","ObjectGUID","Enabled",
"UserPrincipalName", "whenChanged", "whenCreated",
"PasswordNeverExpires", "PasswordLastSet", "LastLogonDate",
"lastLogonTimestamp", "DistinguishedName", "Description"
$resultInactive = Search-ADAccount -usersonly -accountinactive
-timespan $Inactivedays
$Inactiveuser = $resultInactive | Get-ADUser -Properties * |
select $selection
$INACount = $Inactiveuser.Count