January 3, 2022

Using Windows PowerShell for System Administration

First published: 2019-08-02, modified 2022-01-03

I am more of a Unix guy but I get to administer more and more Microsoft systems as time goes by. Back in the day Windows had very limited command-line options to manage systems. It often felt that you were working on a car with the bonnet welded shut. Luckily things changed when PowerShell arrived on the scene.

PowerShell is a bit counterintuitive for someone who has used Unix shells for 30 years, but it is very powerful and you can do a lot with it. If you do system administration you quickly find a GUI very limiting. PowerShell, however, provides the flexibility you need to overcome the GUI.

I will probably expand this post with commands I often use, and Google is always your friend. In the meantime you will find very useful PowerShell commands at the following two sites: https://blogs.technet.microsoft.com/askds/2010/02/04/inventorying-computers-with-ad-powershell/ and https://activedirectorypro.com/powershell-commands/

Commands I often Use

General

You want to be on the latest version of PowerShell if possible. Older versions have less functionality and some commands lack options. To find the version you are running, execute:

$PSVersionTable

At the time of writing:

    Name                           Value
    ----                           -----
    PSVersion                      5.1.14393.2636
    PSEdition                      Desktop
    PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
    BuildVersion                   10.0.14393.2636
    CLRVersion                     4.0.30319.42000
    WSManStackVersion              3.0
    PSRemotingProtocolVersion      2.3
    SerializationVersion           1.1.0.1

If you are a Unix person you cannot live without the tail -f <filename> command to follow logfile output as it happens.

In PowerShell you can use: Get-Content <filename> -Tail 1 -Wait to do the same.

Active Directory

If you have a hybrid configuration with Office 365 and Azure Active Directory you will probably run Azure AD Connect to schedule synchronisation of changes between your on-premises Active Directory and Azure Active Directory.

Sometimes you want to sync an update immediately rather than wait for the scheduled update. Use this command:

Start-ADSyncSyncCycle -PolicyType Delta

To get your current configuration use:

Get-ADSyncSchedule

For more detail you can have a look at: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-feature-scheduler

To get a list of computers in your domain and their operating systems, execute the following:

Get-ADComputer -Filter * -Property * | Format-Table Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion -Wrap -AutoSize

To get a list of users:

Get-ADUser -Filter *

or for a simpler list of users:

Get-ADUser -Filter *|ft name,samaccountname

Exchange

Export an Exchange mailbox to a PST file:

New-MailboxExportRequest -Mailbox someuser -FilePath "\\otherserver\PST_backups\someuser.pst"

Export all mailboxes on a server to PST files:

foreach ($i in (Get-Mailbox -server exchangeserver)) { New-MailboxExportRequest -Mailbox $i -FilePath "\\otherserver\PST_backups\$($i.Alias).pst" }

Check the status of the export jobs:

Get-MailboxExportRequest | Get-MailboxExportRequestStatistics

Delete the export jobs once they are done:

Get-MailboxExportRequest | Remove-MailboxExportRequest

Get Exchange database sizes:

Get-MailboxDatabase -Status | select ServerName,Name,DatabaseSize

Get user logon times:

Get-LogonStatistics -Server "mailbox Server" | where {$_.clientname -eq "cas Server"}| ft username,servername,clientname

Get-MailboxStatistics | Sort LastLogonTime -Descending

Search all mailboxes:

Get-Mailbox | Search-Mailbox -SearchQuery 'fraud OR corruption OR bribe' -TargetMailbox "Discovery Search Mailbox" -TargetFolder "AllMailboxes-corruption" -LogLevel Full

Delete the messages containing the search string:

Get-Mailbox | Search-Mailbox -SearchQuery 'Subject:"Staff Plan 2020"' -DeleteContent

Exchange Online

Log into Exchange Online:

Install-Module -Name PSWSMan

Set-ExecutionPolicy RemoteSigned

Install-Module -Name ExchangeOnlineManagement

or

Update-Module -Name ExchangeOnlineManagement

Connect-ExchangeOnline -UserPrincipalName <your_admin_username>

Check if you are logged in:

Get-Mailbox will get you a list of mailboxes.

Find users with automatic forwarding on:

get-mailbox | select userprincipalname,forwardingsmtpaddress,delivertomailboxandforward

Turn off automatic forwarding for a user:

set-mailbox -identity <username> -delivertomailboxandforward $false -forwardingsmtpaddress $null
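The forwarding check above lists every mailbox, including those with no forwarding configured. The following is an added example, not part of the original post, that keeps only mailboxes with ForwardingSmtpAddress set and marks the ones forwarding outside your own domains; the function name Find-ExternalForwarding and the sample mailbox objects are hypothetical and constructed for illustration.

```powershell
# Added example: flag mailboxes that forward mail outside the organisation.
# Find-ExternalForwarding is a hypothetical helper name, not an Exchange cmdlet.
function Find-ExternalForwarding {
    param(
        [Parameter(Mandatory)] [object[]] $Mailbox,        # output of Get-Mailbox
        [Parameter(Mandatory)] [string[]] $AcceptedDomain  # domains your organisation owns
    )
    foreach ($mbx in $Mailbox) {
        $target = [string]$mbx.ForwardingSmtpAddress
        if ([string]::IsNullOrWhiteSpace($target)) { continue }   # no SMTP forwarding set

        # ForwardingSmtpAddress is stored as "smtp:user@domain"; strip the prefix.
        $address = $target -replace '^smtp:', ''
        $domain  = ($address -split '@')[-1].ToLowerInvariant()

        [pscustomobject]@{
            UserPrincipalName = $mbx.UserPrincipalName
            ForwardsTo        = $address
            External          = $AcceptedDomain -notcontains $domain
            KeepsLocalCopy    = [bool]$mbx.DeliverToMailboxAndForward
        }
    }
}

# Constructed sample data standing in for Get-Mailbox output.
$sample = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@example.com'
                       ForwardingSmtpAddress = $null
                       DeliverToMailboxAndForward = $false }
    [pscustomobject]@{ UserPrincipalName = 'bob@example.com'
                       ForwardingSmtpAddress = 'smtp:bob.home@example.net'
                       DeliverToMailboxAndForward = $true }
    [pscustomobject]@{ UserPrincipalName = 'carol@example.com'
                       ForwardingSmtpAddress = 'smtp:helpdesk@example.com'
                       DeliverToMailboxAndForward = $false }
)

# Expect two rows: bob (External = True) and carol (External = False).
Find-ExternalForwarding -Mailbox $sample -AcceptedDomain 'example.com' |
    Sort-Object External -Descending | Format-Table -AutoSize

# Against a live tenant, after Connect-ExchangeOnline:
# $domains = (Get-AcceptedDomain).DomainName
# Find-ExternalForwarding -Mailbox (Get-Mailbox -ResultSize Unlimited) -AcceptedDomain $domains
```

This covers mailbox-level SMTP forwarding only; forwarding configured through inbox rules or through the ForwardingAddress property has to be checked separately.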

Many on-premises Exchange commands work in Exchange Online and vice versa. The accepted parameters may differ, e.g.:

Get-MailboxStatistics without parameters will list statistics for all mailboxes on a mailbox server if it is on-premises Exchange, but Exchange Online requires parameters, e.g. Get-MailboxStatistics <user>

© Arnold Greyling 2023