PowerShell One Liners

Display Server Information

get-wmiobject -class win32_OperatingSystem | Select-Object -Property CSName,ProductType,Caption,Version,OSArchitecture,CSDVersion

Display all installed Roles and Features on 2012 Server

Import-module servermanager ; Get-WindowsFeature | where-object {$_.Installed -eq $True} | Sort-Object FeatureType, DisplayName | format-list DisplayName,FeatureType

Displays events for who shut down the system

Get-EventLog -LogName System | Where {$_.eventid -eq 1074} | format-List -Property *

Get all Shutdown events

Get-EventLog -LogName System | Where {(($_.eventid -eq 1074) -or($_.eventid -eq 6008) -or ($_.eventid -eq 6009))}

Display installed programs and the date installed

get-wmiobject -class win32_Product | Select-Object -Property Name,InstallDate | Sort-Object InstallDate -Descending

Checking for Journal Wrap

Get-EventLog -LogName “File Replication Service” | Where {$_.eventid -eq 13568} | Sort-Object TimeGenerated | format-Table -Property TimeGenerated,EventID,Source

Network Adapter Info for all VMs on a Host

Get-VM | Select -ExpandProperty NetworkAdapters | Select VMName, MACAddress, IPAddresses, Status

Displays events for account lockout

Run on a DC

Get-EventLog -LogName Security | Where {$_.eventid -eq 4740} | format-List -Property *

Displays a count by source of errors in the system log

Get-EventLog -LogName system -EntryType error | Group source,eventid | Sort count -desc | Select -first 5 | Ft count,name

Change Ft count,name to Export-Csv c:\SystemErrors.csv -Not to export

Find Bug Checks on multi systems

$computers = “Computer1″,”Computer2”

Foreach ($computer in $computers){

get-EventLog -ComputerName $computer -LogName System -Source “BugCheck” | Where {$_.eventid -eq 1001} | Export-Csv -Append -Path c:\temp\bugchk.csv

}

List NIC Team Members

foreach ($i in ((Get-NetLbfoTeam).name)) { {Write-Host “`nTeam Name – “$i`n”Team Members: “Get-NetAdapter (Get-NetLbfoTeamMember -Team $i).Name | FT} }

Enable Enhanced Session Mode Policy in Hyper-V

Set-VMhost -EnableEnhancedSessionMode $TRUE

Cashed accounts

rundll32.exe keymgr.dll,KRShowKeyMgr

Delete all reg keys that match under a key

Get-ChildItem -path “HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex” -Recurse | where { $_.Name -match ‘~amd64~en-US’} | Remove-Item -Force

Get all VMs in Hyper-V cluster

Get-vm -ComputerName (Get-ClusterNode -Cluster (Get-Cluster).Name | Select Name).Name

Get Integration Services Version Hyper-V Cluster

Get-vm -ComputerName (Get-ClusterNode -Cluster (Get-Cluster).Name | Select Name).Name | ft ComputerName,Name,IntegrationServicesVersion,IntegrationServicesState

Mellanox Driver Check

Get-NetAdapter -InterfaceDescription *Mellanox* | select Name,InterfaceDescription,DriverVersion

Get all Driver versions

Get-WmiObject Win32_PnPSignedDriver| select DeviceName, DriverVersion, Manufacturer | Sort DeviceName

Check Integration Services Version Hyper-V Standalone

Get-vm -ComputerName $Env:computername | ft ComputerName,Name,State,IntegrationServicesVersion,IntegrationServicesState

Categories: Uncategorized

Leave a Reply

%d bloggers like this: