To retrieve the full Windows version using PowerShell, you can use the Get-ComputerInfo cmdlet which provides detailed information about the system, including the version of Windows. Specifically, you can extract the Windows version using the WindowsVersion, WindowsBuildLabEx, or WindowsBuildLab properties from the output of Get-ComputerInfo. Alternatively, you can use the Get-WmiObject cmdlet with the Win32_OperatingSystem class and then access the Version property to obtain the version number, which includes the major, minor, build, and revision numbers. Another way is to use the [System.Environment]::OSVersion or [System.Runtime.InteropServices.RuntimeInformation]::OSDescription to get an overview of the operating system version. These methods will display the current Windows version details directly in the PowerShell console.
Best Powershell Books to Read in February 2025
What is PowerShell?
PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language. Initially developed for Windows, PowerShell is now open-source and cross-platform, available on Windows, macOS, and Linux.
Here are some key features and components of PowerShell:
- Command-Line Interface (CLI): PowerShell CLI is a powerful command-line tool that allows users to automate and manage system tasks. Commands, known as cmdlets, are designed to perform specific functions and return results in the form of objects.
- Scripting Language: PowerShell includes a scripting language built on the .NET Common Language Runtime (CLR). This makes it highly powerful and flexible, enabling users to write scripts that can automate complex administrative tasks.
- Cmdlets: These are specialized .NET classes that implement specific operations, such as managing files, processes, and system configuration. Cmdlets are the building blocks of PowerShell scripts and can be combined to perform complex tasks.
- Pipelines: PowerShell supports piping, which allows the output of one cmdlet to be used as input to another. This capability enables chaining of commands and streamlining of task automation.
- Integrated Scripting Environment (ISE): PowerShell ISE is a graphical user interface that provides an environment for writing, testing, and debugging PowerShell scripts. It offers features like syntax highlighting, tab completion, and context-sensitive help.
- Modules and Functions: PowerShell supports modular programming through modules, which are packages of related cmdlets, functions, and other resources. This allows for better organization and reuse of code.
- Remoting: PowerShell makes it possible to manage and execute commands on remote systems, facilitating centralized administration and configuration of multiple machines.
- Extensibility: PowerShell can be extended with custom cmdlets and functions using the scripting language or by programming in .NET languages like C#.
With its powerful automation capabilities, PowerShell is widely used for system administration, especially in environments heavily reliant on Microsoft technologies, but also increasingly in heterogeneous IT ecosystems due to its cross-platform support.
How to check if PowerShell is installed on Windows?
To check if PowerShell is installed on a Windows system, you can follow these steps:
- Using the Run Dialog: Press Win + R to open the Run dialog. Type powershell and press Enter. If a PowerShell window opens, it means PowerShell is installed.
- Using the Command Prompt: Open Command Prompt by searching for cmd in the Start menu and pressing Enter. Type powershell and press Enter. If it switches from Command Prompt to a PowerShell session, it's installed.
- Through the Start Menu: Click on the Start button or press the Windows key. Scroll through the list of applications to find the Windows PowerShell folder. If you see "Windows PowerShell," it indicates that it is installed.
- Using File Explorer: Navigate to C:\Windows\System32\WindowsPowerShell\v1.0 or C:\Windows\System32\WindowsPowerShell using File Explorer. If you find powershell.exe in the directory, PowerShell is installed.
- Check PowerShell Version (Optional): Open a PowerShell window using one of the methods above. Type and execute the command: $PSVersionTable.PSVersion This command will display the version of PowerShell installed on your system.
Using any of these methods will help you determine if PowerShell is installed on your Windows system.
How to get hardware information using PowerShell?
You can retrieve detailed hardware information using PowerShell by utilizing various cmdlets that interact with the system's Windows Management Instrumentation (WMI) objects. Here are some common ways to gather hardware information:
Using Get-ComputerInfo
This cmdlet provides comprehensive information about the computer, including hardware details:
1
|
Get-ComputerInfo
|
This will display a wide array of system information. You may filter specific properties related to hardware by using the Select-Object cmdlet.
Using Get-WmiObject or Get-CimInstance
Get-WmiObject (or its newer version Get-CimInstance) can query WMI classes that contain hardware information. Below are several examples:
- CPU Information: Get-CimInstance -ClassName Win32_Processor
- Memory Information: Get-CimInstance -ClassName Win32_PhysicalMemory
- Disk Drive Information: Get-CimInstance -ClassName Win32_DiskDrive
- BIOS Information: Get-CimInstance -ClassName Win32_BIOS
- Network Adapter Information: Get-CimInstance -ClassName Win32_NetworkAdapter | Where-Object { $_.NetEnabled -eq $true }
Using Get-PhysicalDisk
For information related to physical disks, especially in newer versions of Windows:
1
|
Get-PhysicalDisk
|
Using Get-Disk
For information about disks available to the system:
1
|
Get-Disk
|
Using Get-NetAdapter
For detailed network adapter information:
1
|
Get-NetAdapter
|
Each of these cmdlets will provide you with a wealth of data, and you can use filtering and selection techniques to narrow down the output to the specific information you need. Use the Select-Object cmdlet to choose specific properties, such as:
1
|
Get-CimInstance -ClassName Win32_Processor | Select-Object Name, NumberOfCores, NumberOfLogicalProcessors
|
These examples should give you a good starting point for retrieving hardware information using PowerShell.
What is the Set-ExecutionPolicy command in PowerShell?
The Set-ExecutionPolicy command in PowerShell is used to change the execution policy for the shell sessions on a Windows system. The execution policy determines the conditions under which PowerShell scripts are allowed to run. It is a security feature that helps prevent the execution of malicious scripts.
PowerShell supports several execution policies:
- Restricted: This is the default setting which does not allow any scripts to run. It's the most secure setting but limits the functionality for script users.
- AllSigned: Requires that all scripts and configuration files be signed by a trusted publisher, even on the local system.
- RemoteSigned: Allows scripts to run if they are created locally (and not downloaded from the internet) or if they are digitally signed by a trusted publisher. This is often a preferred setting for security without too much inconvenience.
- Unrestricted: Scripts can run without any restrictions but might prompt for confirmation before running any script downloaded from the internet.
- Bypass: No restrictions at all, and PowerShell won't block any scripts or prompt any warnings. Useful for programmatic control without interruption, but it should be used with caution.
- Undefined: The execution policy is not set in the current scope, which effectively means "Restricted" for the local computer scope.
Here's how you might use the Set-ExecutionPolicy command:
1
|
Set-ExecutionPolicy RemoteSigned
|
This command sets the execution policy to RemoteSigned, allowing locally-created scripts to run, and only requiring signatures for scripts downloaded from the web.
It's important to run PowerShell as an administrator to change the execution policy. Moreover, any change in execution policy must be made with an understanding of the security implications, as more permissive policies can expose the system to risks.
You can check the current execution policy by running:
1
|
Get-ExecutionPolicy
|
And to view all the policies for different scopes, you can use:
1
|
Get-ExecutionPolicy -List
|
Always ensure that you set an execution policy that best fits your balance of security and utility needs.
What is PowerShell's Get-EventLog cmdlet used for?
PowerShell's Get-EventLog cmdlet is used to retrieve and display entries from the event logs on local or remote computers. Event logs are collections of event information from Windows operating systems, which can include details about system, security, application, and other events that occur on a computer.
Here are some key features and uses of the Get-EventLog cmdlet:
- Fetching Log Entries: It allows users to fetch entries from specific event logs such as "Application", "System", "Security", etc.
- Filtering Based on Time Frame: You can specify a date range to view logs from a particular time frame using parameters like -After and -Before.
- Filtering by Entry Types: It can filter logs by entry types such as "Error", "Warning", "Information", etc.
- Searching by Source: It allows you to filter logs based on the source of the events, such as a specific application or system component generating the events.
- Remote Access: You can retrieve event logs from remote computers by using the -ComputerName parameter.
- Paging and Limiting Results: The cmdlet provides options to limit the number of results or to skip a number of entries, useful for paging through large sets of event data.
- Viewing Log Details: Retrieves detailed information about each log entry, including event ID, time of occurrence, source, message, user, and other details.
- Legacy Support: Get-EventLog is more suited for older event logs on legacy systems. For newer Windows systems that use the newer Windows Event Log technology, you may want to use the Get-WinEvent cmdlet instead.
The typical syntax for using Get-EventLog might look something like this:
1
|
Get-EventLog -LogName Application -Newest 10
|
This example retrieves the ten most recent entries from the Application event log.
While powerful and useful, Get-EventLog is considered somewhat limited for newer systems due to its inability to handle the XML query language used by the newer event logging system, hence the recommendation to use Get-WinEvent for newer and more complex needs.
How to enable PowerShell remoting?
Enabling PowerShell remoting involves setting up a computer to receive PowerShell commands from another computer over the network. This is particularly useful for managing remote systems. Here are the steps to enable PowerShell remoting:
Prerequisites
- You need administrative privileges.
- The computers should be in the same domain or properly configured for remote communication.
Enabling PowerShell Remoting
- Open PowerShell as Administrator: Search for "PowerShell" in the Start menu. Right-click on "Windows PowerShell" and select "Run as administrator."
- Enable Remoting: Run the following command: Enable-PSRemoting -Force This command does several things: It starts the WinRM service. Sets the service startup type to Automatic. Creates a listener for HTTP which listens on all IP addresses. Enables a firewall exception for WS-Management communications.
- Verify the Listener: To ensure the listener is active, you can run: Get-WSManInstance -ResourceURI winrm/config/listener -Enumerate Look for entries related to HTTP and HTTPS.
- Configure Trusted Hosts (if necessary): If the computers are not in a domain, you need to set up trusted hosts: Set-Item wsman:\localhost\Client\TrustedHosts -Value "RemoteComputerName" -Concatenate Replace "RemoteComputerName" with the name or IP address of the remote computer.
- Test the Configuration: You can test whether remoting is working by running the following from another PowerShell session on the remote computer: Test-WsMan RemoteComputerName Replace "RemoteComputerName" with the appropriate name or IP.
Security Considerations
- HTTPS Listener: For added security, especially when remoting over untrusted networks, consider creating an HTTPS listener.
- Firewall Rules: Ensure that your firewall allows traffic on port 5985 for HTTP and 5986 for HTTPS.
- Limited Access: Only enable PowerShell Remoting on systems and for users who genuinely need this access.
Disabling Remoting
- If you wish to disable PowerShell remoting, you can use: Disable-PSRemoting -Force
Enabling PowerShell remoting provides a powerful way to manage systems remotely, but it's critical to balance functionality with security by following best practices and ensuring your network is securely configured.
