Post

Useful PowerShell Commands

Posted Updated
By Tino
2 min read
Useful PowerShell Commands

PowerShell Commands

These are some useful PowerShell commands that I find myself using over and over. This list will be updated often

Searching AD for a specific mobile number

This can be modified to search through other AD user properties also

1

Get-ADUser -filter * -properties DisplayName,mobile | select DisplayName,mobile | Select-String 1234

Get User account information

1

Get-ADUser -Identity <USERNAME> -Properties *

View all locked accounts

1

Search-ADAccount -LockedOut | Select-Object Name, SamAccountName, LockedOut, LastLogonDate, DistinguishedName

Get Group information

1

Get-ADGroup -Identity <SECURITY_GROUP> -Properties *

Get Group Member in a table format

1

Get-ADGroupMember <GROUP> | FORMAT-Table

Get Group Members, but only their names (or ObjectClass, or DisplyName)

1

Get-ADGroupMember <GROUP> -Recursive | Get-ADUser -Property DisplayName | Select Name,ObjectClass,DisplayName

cmd to get public IP and Country

1
2

curl ifconfig.io/ip | Out-String -Stream| Select-String "Content"
curl ifconfig.io/country_code | Out-String -Stream| Select-String "Content"

Find Listening ports (22/SSH for example)

1
2

netstat -ano | select-string "LISTENING"
netstat -ano | select-string ":22"

Find process using that port

Grab process ID (Last column from previous command)

1

tasklist /fi "PID eq 1528"

Get Domain Controller name

This is the DC your session is currently connected to

1

$env:LogOnServer

Running Active Directory cmdlets as another user

If you need to run AD cmdlets as another user - perhaps your admin account - you can do the following

1

$admin = Get-Credential

This will pop-up a dialog box so you can input your desired user credentials. This will be saved under the $admin alias (can be changed to whatever you want)

Then you can run your desired commands like this

1

Set-ADAccountExpiration -Credential $admin -Identity john.doe -DateTime "03/11/2029"

Changing A User Password

1

Set-ADAccountPassword -Identity john.doe -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "SuperCoolNewPassword" -Force)

Get a list of GPOs installed

1

Get-GPO -All

Export GPO

1

Get-GPOReport -Name "SetWallpaper" -ReportType HTML -Path ".\SetWallpaper.html"

List GPOs that were recently modified

1

Get-GPO -All | Where-Object { $_.ModificationTime } | Select-Object DisplayName,ModificationTime

Example

1
2
3
4
5
6
7

PS C:\Users\Administrator\Desktop> Get-GPO -All | Where-Object { $_.ModificationTime } | Select-Object DisplayName, ModificationTime

DisplayName                                ModificationTime
-----------                                ----------------
Default Domain Policy                      10/14/2024 12:19:28 PM
Default Domain Controllers Policy          10/14/2024 12:17:30 PM
SetWallpaper                               10/31/2024 1:01:04 PM

-eof-

Windows
network powershell cmd snippet
This post is licensed under CC BY 4.0 by the author.