- \n
- Making a new firewall rule<\/li>\n
- Restarting the server or computer<\/li>\n
- Restating certain services<\/li>\n
- Checking the status of the service, and more<\/li>\n<\/ul>\n<\/div>\n
![\"CTA\"](\"https:\/\/no-cache.hubspot.com\/cta\/default\/5442029\/cb170909-0383-4fad-a48e-d167b3c0bc63.png\")
<\/a><\/span><\/span>\n<\/div>\n![\"WP](\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2020\/04\/PowerShell-script-for-managing-servers-remotely.png\")
<\/div>\n<\/div>\n1. Get-Help<\/h2>\n
Get-Help is a simple but very useful command that enables admins to obtain helpful information about other PowerShell cmdlets, scripts, etc. If you need to know how the Get-EventLog command works, all you need to do is type \u201cGet-Help -Name Get-EventLog\u201d and Windows displays the full command syntax.<\/p>\n
2. Get-Command<\/h2>\n
This displays the list of commands that correspond to the search parameter you entered. Admins can use this command by typing Get-Command followed by their search query. For instance, \u201cGet-Command *-service*\u201d displays all the commands associated with -service.<\/p>\n
3. Get-Service<\/h2>\n
This command provides you with the list of services installed on your system. If you include the -Name switch as well as the name of the service as parameters to the Get-Service command, Windows will display the state of the service.<\/p>\n
4. Get-Process<\/h2>\n
This command is similar to the Get-Service command. It\u2019s used to get the list of all running processes on your computer.<\/p>\n
5. Set-ExecutionPolicy<\/h2>\n
In line with security best practices, Windows has four built-in levels of access to the PowerShell environment. They are Restricted, All Signed, Remote Signed and Unrestricted.<\/p>\n
- \n
- Restricted<\/strong> \u2014 this locks down PowerShell and ensures that the environment is unable to run PowerShell scripts. You can only enter this command interactively.<\/li>\n
- Unrestricted<\/strong> \u2014 this removes all execution policy restrictions.<\/li>\n
- All Signed<\/strong> \u2014 in this mode, only scripts signed by trusted publishers are allowed to run.<\/li>\n
- Remote Signed<\/strong> \u2014 setting the execution policy to Remote Signed allows the execution of all scripts created locally. Scripts created remotely are allowed to run only if they are signed by trusted publishers.<\/li>\n<\/ul>\n
To prevent the execution of malicious code in the PowerShell environment, scripting is disabled by default \u2014 i.e. set to Restricted. The Set-ExecutionPolicy command allows you to select your preferred level of security. All you need to do is enter the Set-ExecutionPolicy command and the policy name. For instance, \u201cSet-ExecutionPolicy Unrestricted\u201d.<\/p>\n
\n\nPowerShell Remote Alerts<\/div>\n\nIn this document you'll find a PowerShell script that checks the status of the services listed below and sends an email alert if any of them is turned off:<\/p>\n
- \n
- Windows Firewall<\/li>\n
- Windows Defender<\/li>\n
- Windows Update Service<\/li>\n
- Any installed third-party antivirus<\/li>\n<\/ul>\n<\/div>\n
![\"CTA\"](\"https:\/\/no-cache.hubspot.com\/cta\/default\/5442029\/1555841d-7c2e-4434-84c6-e67830d5e7c1.png\")
<\/a><\/span><\/span>\n<\/div>\n![\"WP](\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/12\/Powershell-alerts-icon.png\")
<\/div>\n<\/div>\n6. Get-ExecutionPolicy<\/h2>\n
As an IT admin working on unfamiliar computers and servers, you should first find out the status of the execution policy before running a script. The Get-ExecutionPolicy command helps you do this.<\/p>\n
7. Start-Service<\/h2>\n
The Start-Service command allows you to start any service on Windows \u2014 even if the service is disabled. To do this, append the name of the service to the Start-Service command. For example, \u2018Start-Service -Name \"WSearch\"\u2019 opens up Windows Search.<\/p>\n
8. Start-Process<\/h2>\n
This is quite similar to the Start-Service command and allows you to start one or more processes via PowerShell. Use the Start-Process command followed by the requisite parameters to start a process.<\/p>\n
9. Stop-Process<\/h2>\n
The Stop-Process command enables you to stop a process (or some of its instances) currently running on a computer. This is particularly useful when a process freezes up. Use the Get-Process command to get the process ID or name of the unresponsive process.<\/p>\n
Terminate the process by typing the Stop-Process command with the process ID or process name. For instance, you can stop all Notepad processes using the following command:<\/p>\n
Stop-Process -Name notepad<\/code><\/pre>\nYou can also stop a particular instance of a process using its process ID:<\/p>\n
Stop-Process -ID 1943<\/code><\/pre>\n10. ConvertTo-HTML<\/h2>\n
The ConvertTo-HTML command is a useful tool that admins can use to transfer the output of a PowerShell command\/script into a report for further analysis or to send to someone else. For example, you may want to create a report that lists all the running processes on a local computer, as well as their current status. To do this, you can use this command:<\/p>\n
Get-Process | ConvertTo-HTML -Property Name, Status > C:\\processes.htm<\/code><\/pre>\nThis command will store the list of all running processes (in the form of a Web report) in a file called processes.htm<\/p>\n
Advanced Scripts<\/h2>\n
Here are links to more-complex PowerShell scripts for advanced users. These scripts are particularly useful for automating IT admin tasks and solving challenges common to MSP operations.<\/p>\n
- \n
- Set user password on the local or remote machine<\/a>. This script allows admins to set passwords for user accounts on remote and local machines.<\/li>\n
- Check for stopped or hung services<\/a>. This script allows you to check if services (on remote systems you specify) are hung or stopped. If there are any such services, you\u2019ll receive a notification email. The script then stops hung services and attempts to restart them.<\/li>\n
- Reset password for specified users<\/a>. This script resets passwords for multiple user accounts. It\u2019s particularly useful when your IT admins need to reset the passwords for all users in client organizations.<\/li>\n
- Get network information of remote and local PC\/servers<\/a>. This script returns the network information (IP address, subnet, gateways, and DNS servers) of local and remote machines.<\/li>\n<\/ol>\n
Wrapping Up<\/h2>\n
IT admins looking to use PowerShell to manage remote client workstations must first enable PowerShell remoting on the system they want to connect to remotely. This feature is locked down by default and enabling it gives you access to several remote management functions supported by the Windows Remote Management (WinRM) service and the WS-Management protocol.<\/p>\n
\u00a0<\/a>![\"CTA\"](\"https:\/\/no-cache.hubspot.com\/cta\/default\/5442029\/763c150f-30b3-4ee2-a2a4-a13a79459ca1.png\")
<\/a><\/span><\/span><\/div>\nEnsure that your technicians configure all client workstations and servers to accept remote PowerShell connections from authorized personnel. The configuration procedure should be documented in your New PC Checklist<\/a>, standard operating procedures (SOPs), and other MSP documentation<\/a>.<\/strong><\/p>\n
- Check for stopped or hung services<\/a>. This script allows you to check if services (on remote systems you specify) are hung or stopped. If there are any such services, you\u2019ll receive a notification email. The script then stops hung services and attempts to restart them.<\/li>\n
- Set user password on the local or remote machine<\/a>. This script allows admins to set passwords for user accounts on remote and local machines.<\/li>\n
- Unrestricted<\/strong> \u2014 this removes all execution policy restrictions.<\/li>\n
- Restricted<\/strong> \u2014 this locks down PowerShell and ensures that the environment is unable to run PowerShell scripts. You can only enter this command interactively.<\/li>\n