Posts in Category: powershell

PowerShell – nslookup

If you want to check if machines fqdn is mapped to a ip address in dns, then on a windows machine you do:

start->enter “nslookup”

then type domain name, and hit enter, e.g.:

You should get an output like this:

Non-authoritative answer:
Addresses:  2a00:1450:4009:800::200e


PowerShell – Active Directory

Active Directory is a type of LDAP.

You can query active directory using set of powershell commands.

To do this you need to first turn on the AD windows feature. You do this on windows like this:

start -> control panel -> programs -> Program and Features -> Turn windows features on or off (left hand side column)

import the active directory module.

See Also:

Run LDAP query on Linux

PowerShell – Using WinSCP to copy files to/from Linux machines

It is possible to copy files to/from a linux machine using Powershell. This can be done using a free tool called winscp.

Winscp is actually a gui based tool, but you can use it from

# I created this script using the following as an inspiration:

# Load WinSCP .NET assembly
[Reflection.Assembly]::LoadFrom(“c:\path\to\WinSCPnet.dll”) | Out-Null

# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions
$sessionOptions.Protocol = [WinSCP.Protocol]::Sftp
$sessionOptions.HostName = $ServerName
$sessionOptions.UserName = $Username
$sessionOptions.Password = $password
#$sessionOptions.SshHostKeyFingerprint = “ssh-rsa 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx” # this feature is desabled in the next line.
# Note I disabled the above line, and enabled the line below using instructions from:
$sessionOptions.GiveUpSecurityAndAcceptAnySshHostKey = $true

$session = New-Object WinSCP.Session
# note for more info, see

# Connect

# Set transfer mode to binary
# note, for

Powershell – Make a permanent change to the “path” environment variable

A common task you often need to do is append a new path to the path environment variable:


The first way is simply to do:


But this change isn’t permenantly, $env:path will default back to what it was before as soon as you close your powershell terminal and reopen it again. That’s because you have applied the change at the session level and not at the source level (which is the registry level). To view the global value of $env:path, do:

Get-ItemProperty -Path ‘Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment’ -Name PATH

or, more specifically:

(Get-ItemProperty -Path ‘Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment’ -Name PATH).path

Now to change this, first we capture the original path that needs to be modified:

$oldpath = (Get-ItemProperty -Path ‘Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment’ -Name PATH).path

Now we define what the new path should look like, in this case we are appending a new

Enable-psremoting while Virtualbox is installed

If you have virtualbox installed on your machine, then as a side effect, you’ll discover that the enable-psremoting no longer works. That’s because as part of the vb install, it created a “public network” adapter as a byproduct, which blocks enable-psremoting from working. This is actually a bug relating to virtualbox and can be fixed by adding the following entry in regedit:


1. Open regedit and navigate to HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}

2. Browse through the subkeys (named 0000, 0001, etc) until you find the subkey containing the virtualbox network adapter, this is the one where the “DriverDesc” key has “VirtualBox Host-Only Ethernet Adapter” as value.

3. Add a new DWORD value with a name of “*NdisDeviceType” and a value of “1

PowerShell – Working with providers

Chapter 5 – Working with providers

WordPress has things called plugins, which can extend wordpress’s features. Powershell has similar features which are called snapins and modules.

In PS, we have things called “PSDrives”. These are a bit like virtual hard drives (vhdds). Some of these virtual hdds stores a normal files system, that contains files and folders, whereas others are specialized “storage containers”, which can store all kinds of things, that are not of the traditional files/folders structure. So in other words we have different types of psdrives. These types have names called “psproviders”. To view a list of all the various types of psproviders do:

PS C:\> Get-PSProvider
Name            Capabilities            															

PowerShell – IIS automation

You can view the IIS gui conole by running “Inetmgr” on the commandline.



To automate IIS you first need to ensure you have the “webadministration”:


PS C:\Windows\system32> Get-Module -ListAvailable

    Directory: C:\Windows\system32\WindowsPowerShell\v1.0\Modules

ModuleType Version    Name                                ExportedCommands
---------- -------    ----                                ----------------
Manifest    ADRMS           															

PowerShell – Detect what version of .NET is installed


The tale given in the first answer in the above stackoverflow questions shows what to look for. Then do:


cd HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP

This should give output that looks like:

cd HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP

SKC  VC Name                           Property
---  -- ----                           --------
  1   0 CDF                           															

Powershell – Accessing the registry

There are 2 main cmdlets you use to identify and navigate the registry (instead of using regedit).

First of you navigate the registry in the same style as navigating a folder structure, i.e. you navigate it using cd and get-childitem. But the registry doesn’t reside inside the c:\ drive, instead it resides in it’s own drive called registry:

PS C:\> Get-PSProvider

Name                 Capabilities                                      Drives

PowerShell – Using psexec to automate UI tasks on remote machines

When you use PowerShell native remoting commands, e.g. invoke-command, the remote server acts as a terminal server, and doesn’t have an active UI session. This means that you can’t do something like this:

powershell -computername {name} -scriptblock {notepad.exe}

Officially there are no powershell cmdlets that you can use to remotely control the gui.

Instead you have to use another microsoft owned utility called “psexec”. This is a standalone exe that you can download for free. However psexec comes as part of a bundle of other exe. This bundle is called pstools.

So all you need to do is

  1. download pstools (which is a zip file),
  2. unblock it (right click on the zip file | properties | unblock button) if necessary,
  3. then just extract the psexec.exe
  4. Place the file in a memorable