powershell
Last updated
Was this helpful?
Last updated
Was this helpful?
to execute powershell as administrator
right click 'Run As Administrator'
ctrl+r »
powershell
» ctrl + shift + enterto verify powershell running as admin
> (New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator) True
references
Write-Warning "hello"
Write-Error "hello"
Write-Output "hello" | Out-Null
[!NOTE|label:references:]
> $PROFILE | Get-Member -Type NoteProperty
TypeName: System.String
Name MemberType Definition
---- ---------- ----------
AllUsersAllHosts NoteProperty string AllUsersAllHosts=C:\Program Files\PowerShell\7\profile.ps1
AllUsersCurrentHost NoteProperty string AllUsersCurrentHost=C:\Program Files\PowerShell\7\Microsoft.Power…
CurrentUserAllHosts NoteProperty string CurrentUserAllHosts=C:\Users\marslo\OneDrive - Company\Documents\…
CurrentUserCurrentHost NoteProperty string CurrentUserCurrentHost=C:\Users\marslo\OneDrive - Company\Documen…
[!NOTE|label:references:]
REM cmd
> powershell -command "..."
REM example
> powershell -command "get-process | ? {$_.Description -eq 'Sysinter Process Explorer'} | select processname | out-file $env:APPDATA\example.txt"
REM execute ps file
> powershell -file /path/to/script.ps1
[!NOTE|label:references:]
> winget install --id Microsoft.Powershell --source winget
> winget install --id Microsoft.Powershell.Preview --source winget
# silent install
> curl -fsSL -O https://github.com/PowerShell/PowerShell/releases/download/v7.4.1/PowerShell-7.4.1-win-x64.msi
> msiexec.exe /package PowerShell-7.4.1-win-x64.msi /quiet ADD_EXPLORER_CONTEXT_MENU_OPENPOWERSHELL=1 ADD_FILE_CONTEXT_MENU_RUNPOWERSHELL=1 ENABLE_PSREMOTING=1 REGISTER_MANIFEST=1 USE_MU=1 ENABLE_MU=1 ADD_PATH=1
# check avaiable
> winget search Microsoft.PowerShell
Name Id Version Source
---------------------------------------------------------------
PowerShell Microsoft.PowerShell 7.4.1.0 winget
PowerShell Preview Microsoft.PowerShell.Preview 7.5.0.1 winget
for restriction
> Register-PSSessionConfiguration
> Update-Help -Scope AllUsers
> Enable-ExperimentalFeature -Scope AllUsers
> Set-ExecutionPolicy -Scope LocalMachine
> winget list --name PowerShell --upgrade-available
references:
S-1-5-32-544
:Administrators
S-1-5-32-545
:Users
S-1-5-32-547
:Power Users
> (New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
True
# or
> $isAdmin = (new-object System.Security.Principal.WindowsPrincipal([System.Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole("Administrators")
> echo $isAdmin
True
# or via SID
> $isAdmin = (new-object System.Security.Principal.WindowsPrincipal([System.Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole(([System.Security.Principal.SecurityIdentifier]"S-1-5-32-544"))
> echo $isAdmin
True
or
$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
if (-not ($currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)))
{
Write-Warning "This script needs to be running as the administrator."
Exit 1
}
Write-Host "You are running as the administrator."
others
> echo $currentPrincipal
Identity : System.Security.Principal.WindowsIdentity
UserClaims : {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name: WORKGROUP\marslo,
http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid:
S-1-5-21-1801674531-527237240-682003330-164699,
http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid: S-1-1-0,
http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid: S-1-2-0...}
DeviceClaims : {}
Claims : {http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name: WORKGROUP\marslo,
http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid:
S-1-5-21-1801674531-527237240-682003330-164699,
http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid: S-1-1-0,
http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid: S-1-2-0...}
Identities : {WORKGROUP\marslo}
references:
> New-ItemProperty `
-Path "HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem" `
-Name "LongPathsEnabled" `
-Value 1 `
-PropertyType DWORD `
-Force
or via modify regedit
> REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\FileSystem" /v "LongPathsEnabled" /t REG_DWORD /d 0x00000001 /f
REM .reg
REM Windows Registry Editor Version 5.00
REM [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
REM "LongPathsEnabled"=dword:00000001
references:
> Get-AppxPackage –AllUsers | Select Name, PackageFullName
# or
> winget list
or search via keywords
PS C:\Users\marslo> Get-AppxPackage -Name *edge*
Name : Microsoft.MicrosoftEdgeDevToolsClient
Publisher : CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Architecture : Neutral
ResourceId : neutral
Version : 1000.19041.1023.0
PackageFullName : Microsoft.MicrosoftEdgeDevToolsClient_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe
InstallLocation : C:\Windows\SystemApps\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe
IsFramework : False
PackageFamilyName : Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe
PublisherId : 8wekyb3d8bbwe
IsResourcePackage : False
IsBundle : False
IsDevelopmentMode : False
NonRemovable : True
IsPartiallyStaged : False
SignatureKind : System
Status : Ok
# or
> winget list chrome
Name Id Version Source
-------------------------------------------------
Google Chrome Google.Chrome 113.0.5672.93 winget
or
Get-AppxPackage | Get-AppxPackageManifest |
ForEach-Object {
$_.Package.Applications.Application.VisualElements.DisplayName
}
or exclude all ms-
Get-AppxPackage | Get-AppxPackageManifest |
ForEach-Object {
$_.Package.Applications.Application.VisualElements.DisplayName
} | Where-Object {
$_ -notmatch '^ms'
}
or show name and display name
$Packages=Get-AppxPackage -PackageTypeFilter Main
$PackageManager = New-Object Windows.Management.Deployment.PackageManager
foreach ($Package in $Packages) {
Write-Output $Package.PackageFullName
try {
$PackageUWP = $PackageManager.FindPackage($Package.PackageFullName)
Write-Output $PackageUWP.DisplayName
Write-Output ''
}
catch {
throw
break
}
}
Remove-Variable Packages,PackageManager,Package,PackageUWP
references:
> Get-AppXPackage -AllUsers | Where-Object {$_.InstallLocation -like "*SystemApps*"} | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}
> Get-AppxPackage Microsoft.Windows.ShellExperienceHost | foreach {Add-AppxPackage -register "$($_.InstallLocation)\appxmanifest.xml" -DisableDevelopmentMode}
> Get-AppXPackage | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}
references:
check policy
> Get-ExecutionPolicy
modify policy
> Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted
revert to previous policy
> Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy <policy>
# i.e.:
> Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Restricted
> WDSUTIL.exe /Set-Server /AnswerClients:None
# check macaddress
> (Get-NetAdapter "Ethernet").MacAddress
references:
> Get-AppXPackage -Name Microsoft.Windows.Search
Name : Microsoft.Windows.Search
Publisher : CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Architecture : Neutral
ResourceId : neutral
Version : 1.14.9.19041
PackageFullName : Microsoft.Windows.Search_1.14.9.19041_neutral_neutral_cw5n1h2txyewy
InstallLocation : C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy
IsFramework : False
PackageFamilyName : Microsoft.Windows.Search_cw5n1h2txyewy
PublisherId : cw5n1h2txyewy
IsResourcePackage : False
IsBundle : False
IsDevelopmentMode : False
NonRemovable : True
IsPartiallyStaged : False
SignatureKind : System
Status : Ok
scan health and restore health
> DISM.exe /Online /Cleanup-image /Scanhealth
> DISM.exe /Online /Cleanup-image /Restorehealth
execute searching diagnostic
> msdt -ep WindowsHelp id SearchDiagnostic
> sc config wsearch start=disabled
> net stop wsearch
> esentutl.exe /d %AllUsersProfile%\Microsoft\Search\Data\Applications\Windows\Windows.edb
> sc config wsearch start=delayed-auto
> net start wsearch
reinstall windows search
> Get-AppXPackage -Name Microsoft.Windows.Search | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}
reinstall cortana
> Get-AppXPackage -Name Microsoft.Windows.Cortana | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}
reinstall StartMenuExperienceHost
> taskkill /f /im explorer.exe
SUCCESS: The process "explorer.exe" with PID 20256 has been terminated.
> Get-AppXPackage -Name Microsoft.Windows.StartMenuExperienceHost | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}
> start explorer
status
PS C:\> Get-AppXPackage -Name Microsoft.Windows.StartMenuExperienceHost Name : Microsoft.Windows.StartMenuExperienceHost Publisher : CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US Architecture : Neutral
ResourceId : neutral
Version : 10.0.19041.1023
PackageFullName : Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
InstallLocation : C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
IsFramework : False
PackageFamilyName : Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy
PublisherId : cw5n1h2txyewy
IsResourcePackage : False
IsBundle : False
IsDevelopmentMode : False
NonRemovable : True
IsPartiallyStaged : False
SignatureKind : System
Status : Ok
re-build ShellExperienceHost
> taskkill /f /im explorer.exe
> taskkill /f /im shellexperiencehost.exe
> timeout /t 3 /NOBREAK > nul
> del %localappdata%\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\* /q
> timeout /t 2 /NOBREAK > nul
> start explorer
> @echo on
install
references:
> Get-AppXPackage -Name Microsoft.Windows.Cortana | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}
remove the cache
> RD /S /Q "%LOCALAPPDATA%\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\RoamingState"
remove
> Get-AppxPackage -AllUsers Microsoft.549981C3F5F10
Name : Microsoft.549981C3F5F10
Publisher : CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
Architecture : X64
ResourceId :
Version : 4.2204.13303.0
PackageFullName : Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe
InstallLocation : C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe
IsFramework : False
PackageFamilyName : Microsoft.549981C3F5F10_8wekyb3d8bbwe
PublisherId : 8wekyb3d8bbwe
PackageUserInformation : {S-1-5-21-1801674531-527237240-682003330-164699 [Company\marslo]: Installed}
IsResourcePackage : False
IsBundle : False
IsDevelopmentMode : False
NonRemovable : False
Dependencies : {Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe,
Microsoft.NET.Native.Runtime.2.2_2.2.28604.0_x64__8wekyb3d8bbwe,
Microsoft.VCLibs.140.00_14.0.30704.0_x64__8wekyb3d8bbwe,
Microsoft.VCLibs.140.00.UWPDesktop_14.0.30704.0_x64__8wekyb3d8bbwe...}
IsPartiallyStaged : False
SignatureKind : Store
Status : Ok
> Get-AppxPackage -allusers Microsoft.549981C3F5F10 | Remove-AppxPackage
references:
# check available version
> Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'
# install
> Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
> Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
> Get-Service ssh-agent | Set-Service -StartupType Automatic -PassThru | Start-Service
start service
# Start the sshd service
Start-Service sshd
# OPTIONAL but recommended:
Set-Service -Name sshd -StartupType 'Automatic'
# Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify
if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
}
uninstall
# Uninstall the OpenSSH Client
Remove-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
# Uninstall the OpenSSH Server
Remove-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
references:
prerequisites
> Install-WindowsFeature Web-Windows-Auth,Web-ISAPI-Ext,Web-Metabase,Web-WMI,BITS,RDC,NET-Framework-Features,Web-Asp-Net,Web-Asp-Net45,NET-HTTP-Activation,NET-Non-HTTP-Activ
# download SQLServer
> Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\SQLServer2014SP2-FullSlipstream-x64-ENU.iso
> D:\setup.exe /q /ACTION=Install /ERRORREPORTING="False" /FEATURES=SQLENGINE,RS,IS,SSMS,TOOLS,ADV_SSMS,CONN /INSTANCENAME=MSSQLSERVER /INSTANCEDIR="C:\Program Files\Microsoft SQL Server" /SQLSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /SQLSVCSTARTUPTYPE=Automatic /AGTSVCACCOUNT="NT AUTHORITY\SYSTEM" /AGTSVCSTARTUPTYPE=Automatic /RSSVCACCOUNT="NT AUTHORITY\System" /RSSVCSTARTUPTYPE=Automatic /ISSVCACCOUNT="NT AUTHORITY\System" /ISSVCSTARTUPTYPE=Disabled /ASCOLLATION="Latin1_General_CI_AS" /SQLCOLLATION="SQL_Latin1_General_CP1_CI_AS" /TCPENABLED="1" /NPENABLED="1" /IAcceptSQLServerLicenseTerms
# elevated windows powershell
> New-NetFirewallRule -DisplayName "SQL Server" -Direction Inbound -Protocol TCP -LocalPort 1433 -Action allow
> New-NetFirewallRule -DisplayName "SQL Admin Connection" -Direction Inbound -Protocol TCP -LocalPort 1434 -Action allow
> New-NetFirewallRule -DisplayName "SQL Database Management" -Direction Inbound -Protocol UDP -LocalPort 1434 -Action allow
> New-NetFirewallRule -DisplayName "SQL Service Broker" -Direction Inbound -Protocol TCP -LocalPort 4022 -Action allow
> New-NetFirewallRule -DisplayName "SQL Debugger/RPC" -Direction Inbound -Protocol TCP -LocalPort 135 -Action allow
# download ADK : https://learn.microsoft.com/en-us/windows-hardware/get-started/adk-install
microsoft configuration manager
> $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
> Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0
> Stop-Process -Name Explorer
# download winmgmt (Microsoft Configuration Manager) : https://www.microsoft.com/en-us/evalcenter/evaluate-microsoft-endpoint-configuration-manager
# verify WMI
> Get-Service Winmgmt
Status Name DisplayName
------ ---- -----------
Running Winmgmt Windows Management Instrumentation
> Test-NetConnection -ComputerName 192.168.0.2 -Port 135 -InformationLevel Detailed
ComputerName : 192.168.0.2
RemoteAddress : 192.168.0.2
RemotePort : 135
AllNameResolutionResults :
MatchingIPsecRules :
NetworkIsolationContext : Internet
InterfaceAlias : Ethernet
SourceAddress : 192.168.0.2
NetRoute (NextHop) : 0.0.0.0
PingSucceeded : True
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded : True
# from bat
> C:\configmgr\SMSSETUP\BIN\X64\extadsch.exe
> adsiedit.msc
…
# re-enable IE Enhanced Security Configuration
> Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 1
> Stop-Process -Name Explorer
download mdop and install dart
prepare for zero touch installation
create a boot image for configuration manager
> Copy-Item -Path "C:\ProgramData\Microsoft\User Account Pictures\user.bmp" -Destination "C:\Sources\OSD\Branding\contoso.bmp"
create a windows 10 reference image
> Set-VMDvdDrive -VMName SRV1 -Path c:\VHD\w10-enterprise.iso
...
# setup hyper-v host computer
> New-VM -Name REFW10X64-001 -SwitchName poc-internal -NewVHDPath "c:\VHD\REFW10X64-001.vhdx" -NewVHDSizeBytes 60GB
> Set-VMMemory -VMName REFW10X64-001 -DynamicMemoryEnabled $true -MinimumBytes 1024MB -MaximumBytes 1024MB -Buffer 20
> Set-VMDvdDrive -VMName REFW10X64-001 -Path c:\VHD\LiteTouchPE_x86.iso
> Start-VM REFW10X64-001
> vmconnect localhost REFW10X64-001
add a windows 10 os image
> New-Item -ItemType Directory -Path "C:\Sources\OSD\OS\Windows 10 Enterprise x64"
> cmd /c copy /z "C:\MDTBuildLab\Captures\REFW10X64-001.wim" "C:\Sources\OSD\OS\Windows 10 Enterprise x64"
create a task sequence
finalize the os configuration
deploy windows 10 using pxe and configuration manager
> New-VM -Name "PC4" -NewVHDPath "c:\vhd\pc4.vhdx" -NewVHDSizeBytes 40GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
> Set-VMMemory -VMName "PC4" -DynamicMemoryEnabled $true -MinimumBytes 512MB -MaximumBytes 2048MB -Buffer 20
> Start-VM PC4
> vmconnect localhost PC4
deploy PC4
> New-VM -Name "PC4" -NewVHDPath "c:\vhd\pc4.vhdx" -NewVHDSizeBytes 60GB -SwitchName poc-internal -BootDevice NetworkAdapter -Generation 2
> Set-VMMemory -VMName "PC4" -DynamicMemoryEnabled $true -MinimumBytes 1024MB -MaximumBytes 2048MB -Buffer 20
> Set-VMNetworkAdapter -VMName PC4 -StaticMacAddress 00-15-5D-83-26-FF
open configuration management property
> control.exe smscfgrc
replace a client with windows 10 using configuration manager
get network interface (NIC)
> Get-NetAdapter | Sort-Object -Property MacAddress
get ip route
# ipv4
> Get-NetRoute -AddressFamily IPv4 | Where-Object -FilterScript {$_.NextHop -ne '0.0.0.0'}
# ipv6
> Get-NetRoute -AddressFamily IPv6 | Where-Object -FilterScript {$_.NextHop -ne '::'}
[!NOTE|label:references:]
Console History File:
$env:APPDATA\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt
PSReadLine history File:
(Get-PSReadlineOption).HistorySavePath
info
> Get-PSReadLineOption | select -ExpandProperty HistorySavePath
C:\Users\marslo\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt
# or
> (Get-PSReadlineOption).HistorySaveStyle
SaveIncrementally
> (Get-PSReadlineOption).HistoryNoDuplicates
True
> (Get-PSReadlineOption).MaximumHistoryCount
4096
> (Get-PSReadlineOption).HistorySavePath
C:\Users\marslo\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt
# list history with timeline
> Get-History | Format-List -Property *
backup
> Get-Content (Get-PSReadlineOption).HistorySavePath > D:\PowerShellHistory.txt
search in history
> Select-String '..keywords..' (Get-PSReadlineOption).HistorySavePath
rename
> rename-item -path $env:APPDATA\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt -newname ConsoleHost_history_before.txt
remove
> remove-item -force -path $env:APPDATA\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt
clear history
> Set-PSReadlineOption -HistorySaveStyle SaveNothing
> Set-PSReadlineOption -HistorySaveStyle SaveIncrementally
# or
> Clear-History
> Clear-History -count 1 -newest
> Clear-History -CommandLine *set-ad*
add history
> Get-History | Export-Clixml -Path C:\Users\marslo\commands_hist.xml
> Add-History -InputObject (Import-Clixml -Path C:\Users\marslo\commands_hist.xml)
# automatic import
> $HistFile = Join-Path ([Environment]::GetFolderPath('UserProfile')) .ps_history
> Register-EngineEvent PowerShell.Exiting -Action { Get-History | Export-Clixml $HistFile } | out-null
> if (Test-path $HistFile) { Import-Clixml $HistFile | Add-History }
[!NOTE|label:references:]
[!NOTE|label:references:]
> Get-InstalledModule
Version Name Repository Description
------- ---- ---------- -----------
1.13.0 7Zip4Powershell PSGallery Powershell module for creating and extracting...
1.6.3133.0 Microsoft.WinGet.Client PSGallery PowerShell Module for the Windows Package Man...
2.3.4 PSReadLine PSGallery Great command line editing in the PowerShell ...
1.0.1 PSWriteColor PSGallery Write-Color is a wrapper around Write-Host al...
2.2.16 VSSetup PSGallery Visual Studio Setup PowerShell Module
0.5.2 WebKitDev PSGallery PowerShell scripts for WebKit development on ...
> Get-PackageSource -ProviderName DockerMsftProvider
Name ProviderName IsTrusted Location
---- ------------ --------- --------
DockerDefault DockerMsftPro... False https://go.microsoft.com/fwlink/?LinkID=825636&clcid=0x409
> Get-PackageSource
Name ProviderName IsTrusted Location
---- ------------ --------- --------
PSGallery PowerShellGet False https://www.powershellgallery.com/api/v2
DockerDefault DockerMsftPro... False https://go.microsoft.com/fwlink/?LinkID=825636&clcid=0x409
[!NOTE|label:references:]
keys:
install
> Install-Module PSReadLine
# or
> Install-Module PSReadLine -RequiredVersion 2.1.0
> Import-Module PSReadLine
> Set-PSReadLineOption -PredictionSource History
# or
> Set-PSReadLineOption -PredictionSource HistoryAndPlugin
# change execution policy if necessary
> Set-ExecutionPolicy RemoteSigned
configure
[!TIP|label:references:]
# check profile
> Test-path $profile
# create profile file if necessary
> New-item –type file –force $profile
# edit profile
> notepad $profile
> cat $profile
# or
> cat %USERPROFILE%\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1
# or
> cat %USERPROFILE%\Documents\PowerShell\Microsoft.PowerShell_profile.ps1
# shows navigable menu of all options when hitting tab
Set-PSReadlineKeyHandler -Key Tab -Function MenuComplete
# autocompletion for arrow keys
Set-PSReadlineKeyHandler -Key UpArrow -Function HistorySearchBackward
Set-PSReadlineKeyHandler -Key DownArrow -Function HistorySearchForward
# auto suggestions
Import-Module PSReadLine
Set-PSReadLineOption -PredictionSource History
# emaics mode
Set-PSReadLineOption -EditMode Emacs
# Set-PSReadLineKeyHandler -Key Ctrl+p -Function HistorySearchBackward
# Set-PSReadlineKeyHandler -Key Ctrl+n -Function HistorySearchForward
# Set-PSReadLineKeyHandler -Key Ctrl+u -Function RevertLine
setup candidate color
> Set-PSReadLineOption -Colors @{emphasis = '#ff0000'; inlinePrediction = 'magenta'}
get info
> Get-PSReadLineKeyHandler
> Get-PSReadLineOption
# get value
> echo (Get-PSReadlineOption).HistorySavePath
C:\Users\marslo\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadLine\ConsoleHost_history.txt
# or
> Test-Path ((Get-PSReadlineOption).HistorySavePath)
True
[!NOTE|label:references:]
> [Environment]::SetEnvironmentVariable("HTTP_PROXY", "http://username:password@proxy:port/", [EnvironmentVariableTarget]::Machine)
[!NOTE|label:references:]
get timezone
> tzutil /g
Dateline Standard Time
> Get-TimeZone
Id : Dateline Standard Time
DisplayName : (UTC-12:00) International Date Line West
StandardName : Dateline Standard Time
DaylightName : Dateline Daylight Time
BaseUtcOffset : -12:00:00
SupportsDaylightSavingTime : False
modify timezone
> tzutil /s "Samoa Standard Time"
> tzutil /g
# 引入 posh-git
Import-Module posh-git
# 引入 oh-my-posh
Import-Module oh-my-posh
# 引入 ps-read-line
Import-Module PSReadLine
# 设置 PowerShell 主题
Set-PoshPrompt -Theme gmay
#------------------------------- Import Modules END -------------------------------
#------------------------------- Set Hot-keys BEGIN -------------------------------
# 设置预测文本来源为历史记录
Set-PSReadLineOption -PredictionSource History
# 每次回溯输入历史,光标定位于输入内容末尾
Set-PSReadLineOption -HistorySearchCursorMovesToEnd
# 设置 Tab 为菜单补全和 Intellisense
Set-PSReadLineKeyHandler -Key "Tab" -Function MenuComplete
# 设置 Ctrl+d 为退出 PowerShell
Set-PSReadlineKeyHandler -Key "Ctrl+d" -Function ViExit
# 设置 Ctrl+z 为撤销
Set-PSReadLineKeyHandler -Key "Ctrl+z" -Function Undo
# 设置向上键为后向搜索历史记录
Set-PSReadLineKeyHandler -Key UpArrow -Function HistorySearchBackward
# 设置向下键为前向搜索历史纪录
Set-PSReadLineKeyHandler -Key DownArrow -Function HistorySearchForward
#------------------------------- Set Hot-keys END -------------------------------
#------------------------------- Functions BEGIN -------------------------------
# Python 直接执行
$env:PATHEXT += ";.py"
# 更新系统组件
function Update-Packages {
# update pip
Write-Host "Step 1: 更新 pip" -ForegroundColor Magenta -BackgroundColor Cyan
$a = pip list --outdated
$num_package = $a.Length - 2
for ($i = 0; $i -lt $num_package; $i++) {
$tmp = ($a[2 + $i].Split(" "))[0]
pip install -U $tmp
}
# update TeX Live
$CurrentYear = Get-Date -Format yyyy
Write-Host "Step 2: 更新 TeX Live" $CurrentYear -ForegroundColor Magenta -BackgroundColor Cyan
tlmgr update --self
tlmgr update --all
# update Chocolotey
Write-Host "Step 3: 更新 Chocolatey" -ForegroundColor Magenta -BackgroundColor Cyan
choco outdated
}
#------------------------------- Functions END -------------------------------
#------------------------------- Set Alias BEGIN -------------------------------
# 1. 编译函数 make
function MakeThings {
nmake.exe $args -nologo
}
Set-Alias -Name make -Value MakeThings
# 2. 更新系统 os-update
Set-Alias -Name os-update -Value Update-Packages
# 3. 查看目录 ls & ll
function ListDirectory {
(Get-ChildItem).Name
Write-Host("")
}
Set-Alias -Name ls -Value ListDirectory
Set-Alias -Name ll -Value Get-ChildItem
# 4. 打开当前工作目录
function OpenCurrentFolder {
param
(
# 输入要打开的路径
# 用法示例:open C:\
# 默认路径:当前工作文件夹
$Path = '.'
)
Invoke-Item $Path
}
Set-Alias -Name open -Value OpenCurrentFolder
#------------------------------- Set Alias END -------------------------------
#------------------------------- Set Network BEGIN -------------------------------
# 1. 获取所有 Network Interface
function Get-AllNic {
Get-NetAdapter | Sort-Object -Property MacAddress
}
Set-Alias -Name getnic -Value Get-AllNic
# 2. 获取 IPv4 关键路由
function Get-IPv4Routes {
Get-NetRoute -AddressFamily IPv4 | Where-Object -FilterScript {$_.NextHop -ne '0.0.0.0'}
}
Set-Alias -Name getip -Value Get-IPv4Routes
# 3. 获取 IPv6 关键路由
function Get-IPv6Routes {
Get-NetRoute -AddressFamily IPv6 | Where-Object -FilterScript {$_.NextHop -ne '::'}
}
Set-Alias -Name getip6 -Value Get-IPv6Routes
# Setup Standalone Root CA
> Add-WindowsFeature ADCS-Cert-Authority -IncludeManagementTools
> Install-ADcsCertificationAuthority -CACommonName “REBELAdmin Root CA” -CAType StandaloneRootCA -CryptoProviderName “RSA#Microsoft Software Key Storage Provider” -HashAlgorithmName SHA256 -KeyLength 2048 -ValidityPeriod Years -ValidityPeriodUnits 20
# DSConfigDN
> certutil.exe –setreg ca\DSConfigDN CN=Configuration,DC=rebeladmin,DC=com
# CDP Location
> Install-WindowsFeature Web-WebServer -IncludeManagementTools
# for virtual directory
> mkdir C:\CertEnroll
> New-smbshare -name CertEnroll C:\CertEnroll -FullAccess SYSTEM,"rebeladmin\Domain Admins" -ChangeAccess "rebeladmin\Cert Publishers"
# publish the CDP settings
> certutil -setreg CA\CRLPublicationURLs "1:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl \n10:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10\n2:http://crt.rebeladmin.com/CertEnroll/%3%8%9.crl"
# AIA Location (Authority Information Access)
> certutil -setreg CA\CACertPublicationURLs "1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt\n2:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11\n2:http://crt.rebeladmin.com/CertEnroll/%1_%3%4.crt"
# CA Time Limits
> certutil -setreg ca\ValidityPeriod "Years"
> certutil -setreg ca\ValidityPeriodUnits 10
# CRL Time Limits
> Certutil -setreg CA\CRLPeriodUnits 13
> Certutil -setreg CA\CRLPeriod "Weeks"
> Certutil -setreg CA\CRLDeltaPeriodUnits 0
> Certutil -setreg CA\CRLOverlapPeriodUnits 6
> Certutil -setreg CA\CRLOverlapPeriod "Hours"
> Restart-Service certsvc
# New CRL
> certutil -crl
Publish Root CA Data in to Active Directory
> certutil –f –dspublish "REBEL-CRTROOT_REBELAdmin Root CA.crt" RootCA
> certutil –f –dspublish "REBELAdmin Root CA.crl"
Setup Issuing CA
> Add-WindowsFeature ADCS-Cert-Authority -IncludeManagementTools
> Add-WindowsFeature ADCS-web-enrollment
> Install-ADcsCertificationAuthority -CACommonName “REBELAdmin IssuingCA” -CAType EnterpriseSubordinateCA -CryptoProviderName “RSA#Microsoft Software Key Storage Provider” -HashAlgorithmName SHA256 -KeyLength 2048
> Install-ADCSwebenrollment
Issue Certificate for Issuing CA
> certreq -submit "REBEL-CA1.rebeladmin.com_REBELAdmin IssuingCA.req"
go to Server Manager > Tools > Certificate Authority > Pending Certificates and the right click on the certificate > All Tasks > Issue
export
> certreq -retrieve 2 "C:\REBEL-CA1.rebeladmin.com_REBELAdmin_IssuingCA.crt"
> Certutil –installcert "C:\REBEL-CA1.rebeladmin.com_REBELAdmin_IssuingCA.crt"
> start-service certsvc
Post Configuration Tasks
# CDP Location
> certutil -setreg CA\CRLPublicationURLs "1:%WINDIR%\system32\CertSrv\CertEnroll\%3%8%9.crl\n2:http://crt.rebeladmin.com/CertEnroll/%3%8%9.crl\n3:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10"
# AIA Location
> certutil -setreg CA\CACertPublicationURLs "1:%WINDIR%\system32\CertSrv\CertEnroll\%1_%3%4.crt\n2:http://crt.rebeladmin.com/CertEnroll/%1_%3%4.crt\n3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11"
# CA and CRL Time Limits
> certutil -setreg CA\CRLPeriodUnits 7
> certutil -setreg CA\CRLPeriod “Days”
> certutil -setreg CA\CRLOverlapPeriodUnits 3
> certutil -setreg CA\CRLOverlapPeriod “Days”
> certutil -setreg CA\CRLDeltaPeriodUnits 0
> certutil -setreg ca\ValidityPeriodUnits 3
> certutil -setreg ca\ValidityPeriod “Years”
> Restart-Service certsvc
> certutil -crl
run PKIView.msc
to verify the configuration.
F2
: list all candidates