Learn Windows PowerShell in a Month of Lunches

1. PowerShell is a Command-Line Shell, Not Just a Scripting Language

I realized that PowerShell isn’t really a scripting language. It’s really a command-line shell where you run command-line utilities.

Shell First. PowerShell is fundamentally a command-line shell, similar to Cmd.exe or Unix shells. Its primary function is to execute commands and utilities, making it an interactive tool for system administration. While it possesses scripting capabilities, these are secondary to its core function as a shell.

Command-Centric Approach. The initial focus should be on running individual commands and understanding their parameters. This approach allows users to quickly achieve practical results without immediately delving into complex scripting concepts. Many familiar commands from Cmd.exe, such as dir, cd, copy, and del, are available as aliases in PowerShell, easing the transition for users accustomed to the traditional command-line interface.

Gradual Scripting. As users become more comfortable with running commands, they can gradually transition to scripting by combining commands into reusable sequences. This approach allows users to build upon their existing knowledge and skills, making the learning process more manageable and effective. PowerShell's ability to run external command-line utilities alongside native cmdlets provides a bridge for administrators familiar with traditional tools.

2. Mastering the Help System is Key to PowerShell Proficiency

If you aren’t willing to read PowerShell’s help files, you won’t be effective with PowerShell.

Discoverability. PowerShell's help system is a crucial tool for discovering commands and understanding their usage. It provides detailed information on cmdlet syntax, parameters, and examples, enabling users to effectively utilize the shell's capabilities. The Get-Help cmdlet is the primary means of accessing the help system.

Comprehensive Information. The help system includes not only cmdlet-specific information but also background topics and conceptual overviews. These "about" topics provide valuable context and understanding of PowerShell's underlying principles. The -online parameter of Get-Help provides access to the most up-to-date help content on Microsoft's TechNet website.

Practical Application. The help system is essential for troubleshooting errors and understanding how to connect commands in a pipeline. By mastering the help system, users can effectively learn and use PowerShell in a production environment. The Help function pipes the output to More so that you get a nice paged view instead of seeing all the help fly by at once.

3. The Pipeline Enables Powerful Command Combinations

The pipeline is simply a way for one command to pass, or pipe, its output to another command, so that the second command has something to work with.

Connecting Commands. The pipeline is a fundamental concept in PowerShell, allowing users to connect multiple commands together to perform complex tasks. The output of one command is passed as input to the next, creating a seamless flow of data. The | symbol is used to create a pipeline.

Data Transformation. The pipeline enables users to transform data from one format to another. For example, the output of Get-Process can be piped to Export-Csv to save the process information to a CSV file. The Export-CliXML cmdlet creates a generic command-line interface (CLI) Extensible Markup Language (XML) file.

Efficient Workflow. The pipeline reduces the need for intermediate steps and temporary files. By connecting commands directly, users can streamline their workflow and achieve results with less typing. The Diff cmdlet is designed to take two sets of information and compare them to each other.

4. Extending PowerShell with Modules and Snap-ins

The goal behind Windows PowerShell is that Microsoft builds 100 percent of a product’s administrative functionality in the shell.

Extensibility. PowerShell's extensibility allows it to manage a wide range of technologies and products. Modules and snap-ins provide a means of adding new commands and functionality to the shell. Installing the management tools for products like Exchange Server, SharePoint Server, and SQL Server typically adds PowerShell extensions.

Modules vs. Snap-ins. Modules are designed to be more self-contained and easier to distribute than snap-ins. Modules don't require advanced registration. Snap-ins (PSSnapins) were first created for PowerShell v1.

Discovering and Adding Extensions. The Get-Module -ListAvailable cmdlet lists available modules, while Add-Module loads a specific module. The Get-PSSnapin -Registered cmdlet lists registered snap-ins, and Add-PSSnapin loads a snap-in. The Get-Command cmdlet can be used to discover the commands added by a module or snap-in.

5. Objects: The Foundation of PowerShell Data Handling

The truth is that PowerShell doesn’t actually contain a Dir command, or a Type command, or any of those other commands. Instead, PowerShell defines those as aliases to some of PowerShell’s native cmdlets.

Object-Oriented Approach. PowerShell treats all data as objects, which have properties (attributes) and methods (actions). This object-oriented approach enables users to manipulate data in a structured and consistent manner. The Get-Member cmdlet (alias Gm) is used to discover the properties and methods of an object.

Properties and Methods. Properties contain information about an object, such as its name, size, or status. Methods are actions that can be performed on an object, such as starting, stopping, or deleting it. The Sort-Object cmdlet sorts objects based on their properties.

Collections. A collection is a set of objects. PowerShell's pipeline passes collections of objects from one command to another. The Select-Object cmdlet selects specific properties from a collection of objects.

6. Remote Control: PowerShell's Reach Across Networks

The goal behind Windows PowerShell is that Microsoft builds 100 percent of a product’s administrative functionality in the shell.

Remote Management. PowerShell's remoting capabilities enable users to manage remote computers from a central location. This feature is essential for automating tasks across a network. PowerShell uses the Windows Remote Management (WinRM) service, which is based on the Web Services for Management (WS-MAN) protocol.

One-to-One and One-to-Many Remoting. PowerShell supports two types of remoting: one-to-one (1:1) and one-to-many (1:n). One-to-one remoting involves establishing an interactive session with a single remote computer, while one-to-many remoting involves sending commands to multiple remote computers simultaneously. The Enter-PSSession and Exit-PSSession cmdlets are used for 1:1 remoting.

Invoke-Command. The Invoke-Command cmdlet is used for 1:n remoting. It allows users to execute commands on multiple remote computers in parallel. The -ComputerName parameter specifies the target computers, and the -ScriptBlock parameter specifies the commands to be executed.

7. WMI: Accessing a Wealth of System Information

The goal behind Windows PowerShell is that Microsoft builds 100 percent of a product’s administrative functionality in the shell.

Centralized Management. Windows Management Instrumentation (WMI) provides a standardized way to access management information about Windows systems. It allows users to query system hardware, software, and configuration settings. WMI is organized into namespaces, classes, and instances.

WMI Providers. WMI relies on providers, which are components that expose management information for specific technologies. For example, the DNS Server role installs a WMI provider that allows users to query DNS records. The Get-WmiObject cmdlet is used to query WMI.

WMI Explorer. The WMI Explorer tool can be used to browse the WMI repository and discover available classes and properties. The -filter parameter of Get-WmiObject allows users to specify criteria for retrieving specific instances.

8. Background Jobs: Multitasking in PowerShell

The goal behind Windows PowerShell is that Microsoft builds 100 percent of a product’s administrative functionality in the shell.

Asynchronous Execution. PowerShell's background jobs feature enables users to run commands asynchronously, allowing them to continue working in the shell while the commands execute in the background. This is particularly useful for long-running tasks. The Start-Job cmdlet creates a local job.

Job Management. PowerShell provides several cmdlets for managing background jobs, including Get-Job, Receive-Job, Stop-Job, and Remove-Job. The Get-Job cmdlet lists available jobs and their status. The Receive-Job cmdlet retrieves the results of a job.

WMI and Remoting as Jobs. The -AsJob parameter can be added to Get-WmiObject and Invoke-Command to run those commands as background jobs. This allows users to perform WMI queries and remote administration tasks without blocking the shell.

9. Automating Mass Management: Efficiently Handling Multiple Objects

The goal behind Windows PowerShell is that Microsoft builds 100 percent of a product’s administrative functionality in the shell.

Batch Cmdlets. Many PowerShell cmdlets are designed to accept batches of objects as input, allowing users to perform actions on multiple items simultaneously. This approach is more efficient than enumerating objects one at a time. The Stop-Service, Start-Service, Move-ADObject, and Move-Mailbox cmdlets are examples of batch cmdlets.

WMI Methods. WMI methods can be used to perform actions on multiple objects. The Invoke-WmiMethod cmdlet is used to execute methods on WMI objects. The ForEach-Object cmdlet can be used to enumerate objects and execute methods on each one.

Object Enumeration. The ForEach-Object cmdlet can be used to enumerate objects and perform actions on each one. This approach is useful when there is no batch cmdlet available or when you need to perform custom actions on each object.

10. Security First: Protecting Your PowerShell Environment

The goal behind Windows PowerShell is that Microsoft builds 100 percent of a product’s administrative functionality in the shell.

Execution Policy. PowerShell's execution policy is a security feature that controls the scripts that can be executed. The default setting, Restricted, prevents scripts from being executed at all. The Get-ExecutionPolicy cmdlet displays the current execution policy.

Code Signing. Digital code signing is the process of applying a cryptographic signature to a script. This signature verifies the identity of the script author and ensures that the script has not been modified. The Set-AuthenticodeSignature cmdlet is used to sign scripts.

Security Recommendations. Microsoft recommends using the RemoteSigned execution policy, but a more secure approach is to use AllSigned and sign all scripts with a code-signing certificate. The .PS1 filename extension is not considered an executable file type by Windows, and the shell does not search the current directory for scripts.

11. Variables: Storing and Manipulating Data

The goal behind Windows PowerShell is that Microsoft builds 100 percent of a product’s administrative functionality in the shell.

Storing Values. Variables are used to store data in PowerShell. Variable names start with a dollar sign ($). The assignment operator (=) is used to assign a value to a variable.

Data Types. PowerShell automatically determines the data type of a variable based on the value assigned to it. However, you can explicitly declare a variable's type using square brackets (e.g., [int]$number = 100). The Get-Member cmdlet (alias Gm) is used to discover the properties and methods of a variable.

String Manipulation. String objects have a variety of methods for manipulating text, including IndexOf(), Split(), Join(), Replace(), ToLower(), and ToUpper(). The -join and -split operators are designed to convert arrays to delimited lists and vice versa.

12. Scripting Essentials: Logic, Loops, and Functions

The goal behind Windows PowerShell is that Microsoft builds 100 percent of a product’s administrative functionality in the shell.

Conditional Logic. The If construct is used to execute commands based on a condition. The ElseIf and Else keywords can be used to create more complex conditional logic. The Switch construct is used to compare a value against multiple possible values.

Loops. The For construct is used to repeat a block of commands a specific number of times. The ForEach construct is used to enumerate a collection of objects and execute a block of commands for each object.

Functions. Functions are reusable blocks of code that can be called by name. Functions can accept parameters and return values. The Param() block is used to define parameters for a function.

Last updated: April 10, 2025