The Basics of Managing a Windows 10 System with PowerShell

PowerShell isn’t just a command-line tool for system administrators. Even savvy Windows 10 users can take advantage of the capabilities built-in. There are many PowerShell commands that expose advanced functionality built within Windows or just make performing GUI based operations even simpler.

In this article, we are going to group these commands into two buckets, gathering information and performing operations.

Gathering Information

  • Get-ComputerInfo
  • Get-EventLog
  • Get-AppXPackage
  • Get-Process
  • Get-LocalUser
  • Get-MpComputerStatus

Performing Operations

  • Restart-Computer
  • Start-Process
  • Remove-AppxPackage
  • Update-MpSignature
  • New-SmbShare

To use PowerShell, simply type Start→Run→”powershell” in the run dialog box. The version that will launch, by default, will be PowerShell 5.1, which is the last built-in version of PowerShell. Running the latest version, with its many performance enhancements and features, is recommended. You will want to navigate to the PowerShell development page, click on the Windows (x64) .msi under Downloads (Stable) and install the package.

Image #1 Expand
Untitled 38

 

At this point, you can type Start→Run→”pwsh” in the run dialog box, and you will be running the latest version of PowerShell, 7.0.3 at the time of this writing.

Gathering Information

PowerShell has a number of great commands for gathering information on a system. The ones listed below are some of them. In case you want to go further into the Windows operating system, reading through the help for PowerShell should point you in the right direction.

Get-ComputerInfo

Built-in to Windows is a function that allows you to easily pull specific system information all at once. As you can see from the screenshot below, Get-ComputerInfo shows information related to system information, user information, and the Windows installation itself.

Get-ComputerInfo

 

Untitled 39

Get-EventLog

Of course, things can and will go wrong on your Windows 10 system. Most of these failures are recorded in the Application and System event logs. Although you can parse and filter those logs in the GUI, sometimes it is much easier to just pull those from the command line. Get-EventLog will easily show those details for you, and you can even filter by the -Newest number of entries, or the type of record, such as Information, Warning, or Error.

Get-EventLog -LogName Application -Newest 5 -EntryType Error

 

Untitled 40

If you find that Get-EventLog is not available, you may be running PowerShell 7 (Core), as recommended. If this is the case, you simply need to install the WindowsCompatibility module and import the [Microsoft.PowerShell.Management](<http://microsoft.PowerShell.Management>) Windows PowerShell module.

Install-Module WindowsCompatibility
Import-WinModule Microsoft.PowerShell.Management

 

Untitled 41

Get-AppXPackage

One of the big enhancements to Windows 10 was the new packaging model that was created for Windows Store packages, known as AppX. If you use the Windows Store GUI, it’s possible to manage these applications, but it is often far quicker to do so on the command line.

In the example below, we are filtering out Microsoft applications, as there are many, and also returning only the Name and Version properties to make the output easier to read.

Get-AppXPackage | Where-Object Publisher -NotMatch "Microsoft" | Select-Object Name, Version
Untitled 42

To see all of the AppX packages, simply remove the Where-Object command in the pipeline and you will see all Microsoft Packages as well.

Get-Process

When your system starts to runs slowly, many folks will reach to see what is in the Task Manager. This is useful, especially to see a constantly updated graph of usage. But if you need to see more in depth information on a given process, then the Get-Process command will show much more than can be seen in the Task Manager.

Get-Process
Untitled 43

As you can see, running Get-Process by itself will show a similar view to task manager, but by telling it to retrieve all properties of a single process, you can discover much more. As seen in the image below, you can see the process path, it’s version, when it was started, and much more that isn’t shown in the screenshot below.

 

Untitled 44

Get-LocalUser

Every time you login to Windows you are using a user that is contained within a group or groups. Sometimes these are local users, those that are not in a domain (if you are in a corporate environment), or Microsoft Accounts. In the example below, we are selecting specific properties, one of which is PrincipalSource and is very useful to enumerate what type of account you are looking at, such as a Microsoft Account.

Get-LocalUser | Select-Object Name, FullName, Enabled, PrincipalSource, Description | Format-Table -AutoSize
Untitled 45

Get-MpComputerStatus

Finally, we will look at Get-MpComputerStatus for when you need to see if the Windows Defender antivirus is functioning properly, and to make sure that all relevant scans have been running as intended.

Get-MpComputerStatus

 

Untitled 46

Performing Operations

As useful as gathering information is, sometimes you do need to take action to perform an operation based on what you have learned.

Restart-Computer

Simply running Restart-Computer will tell the system to start a restart process. You can use the -Force command to not wait for any processes and force an immediate system restart.

Restart-Computer -Force

Start-Process

Like using the Start→Run dialog, you can similarly start processes using the Start-Process cmdlet. This could be applications such as Notepad, Calculator, or even the modern control panel, as seen below. In the example, the following command will directly open the Display dialog.

Start-Process "ms-settings:display"

 

Untitled 47

Remove-AppXPackage

Previously, we explored listing out AppX Packages that were installed on the system. What if we want to simply remove one of those packages? First we would find the package, using the same Get-AppXPackage command and then “pipe” the results to the Remove-AppXPackage command. As you can see in the example below, we are removing the Microsoft.ZuneMusic package, as it’s not needed.

Get-AppxPackage Microsoft.ZuneMusic | Remove-AppxPackage

 

Untitled 48

Update-MpSignature

Finally, it’s important to make sure that your antivirus is kept up to date. To make sure the latest signatures are installed for Windows Defender, you can run the Update-MpSignature cmdlet to force the signatures to update to the latest version.

Update-MpSignature

Conclusion

As you can see there are many different ways that PowerShell can be used to gather information, perform operations, and manage your system. This article only scratches the surface of the different ways that PowerShell can enhance how you use your Windows 10 system!