1
00:00:01,040 --> 00:00:01,570
Next,

2
00:00:01,570 --> 00:00:05,100
let's turn our attention to running commands. As I

3
00:00:05,100 --> 00:00:06,540
showed you in the slides, really,

4
00:00:06,540 --> 00:00:09,340
all you need to do is once you know the command is just type

5
00:00:09,340 --> 00:00:12,910
it out and hit Enter. And I can, in this case, get all the

6
00:00:12,910 --> 00:00:16,100
processes on my computer. Now,

7
00:00:16,100 --> 00:00:20,550
in order to demonstrate some of these commands and the concepts and techniques,

8
00:00:20,550 --> 00:00:24,650
I'm going to use a command called Get‑Vegetable.

9
00:00:24,650 --> 00:00:26,480
Now, this is a command that I wrote,

10
00:00:26,480 --> 00:00:30,400
and it is part of a module called PS Teaching Tools,

11
00:00:30,400 --> 00:00:34,230
which you can install from the PowerShell gallery in the download

12
00:00:34,230 --> 00:00:36,840
materials. There's notes on how you can do that.

13
00:00:36,840 --> 00:00:43,740
I find that using a non‑technical example, like vegetable, sometimes

14
00:00:43,740 --> 00:00:48,880
helps a great deal in letting you focus on the techniques and concepts

15
00:00:48,880 --> 00:00:52,740
without getting hung up on the underlying technology, so you're not

16
00:00:52,740 --> 00:00:58,870
looking at services or user accounts or processes. We're just taking

17
00:00:58,870 --> 00:01:02,610
something generic and focusing on the concept. Because once you apply

18
00:01:02,610 --> 00:01:03,200
the concept,

19
00:01:03,200 --> 00:01:05,860
it doesn't matter whether we're applying it to vegetables, this

20
00:01:05,860 --> 00:01:09,120
fake object that I'm creating, or services.

21
00:01:09,120 --> 00:01:12,010
The concepts apply across PowerShell.

22
00:01:12,010 --> 00:01:13,410
Get some noun,

23
00:01:13,410 --> 00:01:17,100
so we get a verb, get, and a singular version of the thing we

24
00:01:17,100 --> 00:01:20,240
want to imagine, in this case, vegetables.

25
00:01:20,240 --> 00:01:20,710
There we go.

26
00:01:20,710 --> 00:01:25,320
So there's my default output. So I can do Get‑Vegetable, and I can

27
00:01:25,320 --> 00:01:28,930
also look for help on how to run this command.

28
00:01:28,930 --> 00:01:32,980
So you can see there are just a couple of parameters there, name, and

29
00:01:32,980 --> 00:01:39,260
whether it's a root only. So I could Get‑Vegetable ‑name corn.

30
00:01:39,260 --> 00:01:41,680
Remember, parameters, dash, the name of the

31
00:01:41,680 --> 00:01:48,080
parameter, a space, and then the value, and they were just the corn vegetables.

32
00:01:48,080 --> 00:01:51,140
Now that RootOnly parameter that you see up there,

33
00:01:51,140 --> 00:01:52,930
notice there's no value after that.

34
00:01:52,930 --> 00:01:55,040
That means it is a switch.

35
00:01:55,040 --> 00:01:58,790
I only have to use that parameter in order, in a

36
00:01:58,790 --> 00:02:00,780
sense, to turn that on in the command.

37
00:02:00,780 --> 00:02:03,990
You don't have to worry about what it's doing under the hood; the

38
00:02:03,990 --> 00:02:06,120
help will tell you. And in this case, it will say,

39
00:02:06,120 --> 00:02:10,440
hey, only show me vegetables that are classified as root vegetables.

40
00:02:10,440 --> 00:02:14,120
So if I run that here, and sure enough,

41
00:02:14,120 --> 00:02:21,400
those as far as I know are root vegetables. All commands have the verbose

42
00:02:21,400 --> 00:02:24,660
parameter because that's one of the common parameters.

43
00:02:24,660 --> 00:02:25,480
However,

44
00:02:25,480 --> 00:02:28,400
that parameter won't do anything unless the command has

45
00:02:28,400 --> 00:02:30,360
been coded to do something with it.

46
00:02:30,360 --> 00:02:34,580
So in my case, Get‑Verbose shows me a command that

47
00:02:34,580 --> 00:02:38,140
found 17 items, it's processing, and then it's ending.

48
00:02:38,140 --> 00:02:42,640
Not every command will do that; you won't know until you try.

49
00:02:42,640 --> 00:02:47,150
So now that we understand kind of the concepts from that generic command,

50
00:02:47,150 --> 00:02:50,340
let's go into PowerShell and try the same things.

51
00:02:50,340 --> 00:02:55,060
So let's use Get‑Service and let's find all of the services that

52
00:02:55,060 --> 00:03:00,280
start with win, and I'll use verbose just to show you that in

53
00:03:00,280 --> 00:03:01,800
this case it doesn't do anything.

54
00:03:01,800 --> 00:03:07,440
It doesn't hurt anything, but it also doesn't give me any added value.

55
00:03:07,440 --> 00:03:12,140
Now, some parameters, as I mentioned, in PowerShell are positional.

56
00:03:12,140 --> 00:03:16,730
If I do Get‑Service win*, PowerShell assumes that whatever I

57
00:03:16,730 --> 00:03:22,440
put immediately after the cmdlet name, I must mean the name parameter.

58
00:03:22,440 --> 00:03:23,180
And sure enough,

59
00:03:23,180 --> 00:03:27,760
that's what happens. Now you can see this in the help, if I do

60
00:03:27,760 --> 00:03:32,480
Help on Get‑Service and look at that name parameter, you can

61
00:03:32,480 --> 00:03:36,940
see there that it is not required, which means it's not mandatory,

62
00:03:36,940 --> 00:03:41,650
and it has a position of 0, meaning it's the first position.

63
00:03:41,650 --> 00:03:44,680
If it was required, it would be named.

64
00:03:44,680 --> 00:03:45,850
Let me show you that.

65
00:03:45,850 --> 00:03:51,240
Let's look at another parameter, requiredServices.

66
00:03:51,240 --> 00:03:52,750
There you can see that position.

67
00:03:52,750 --> 00:03:54,300
See, it says named.

68
00:03:54,300 --> 00:03:59,080
So if I wanted to use this parameter, I actually have to type it out.

69
00:03:59,080 --> 00:04:03,640
And in this case, I kind of have to type it out anyway because it is a switch.

70
00:04:03,640 --> 00:04:07,340
So I can do get service bits, so bits is the value for

71
00:04:07,340 --> 00:04:10,340
the name parameter which is positional.

72
00:04:10,340 --> 00:04:12,180
So I don't have to type ‑name,

73
00:04:12,180 --> 00:04:17,160
but I do need to type ‑RequiredServices if I want to use that parameter.

74
00:04:17,160 --> 00:04:22,940
So this is showing me all the required services that bits needs.

75
00:04:22,940 --> 00:04:23,530
All right,

76
00:04:23,530 --> 00:04:27,760
let's look at processes, just because there's some interesting

77
00:04:27,760 --> 00:04:31,040
things here to show you in terms of parameters.

78
00:04:31,040 --> 00:04:32,790
So I do help Get‑Process.

79
00:04:32,790 --> 00:04:36,340
You can see there are a number of ways that I can get

80
00:04:36,340 --> 00:04:41,840
a process, by name or process ID.

81
00:04:41,840 --> 00:04:45,660
So I'm going to try get‑process. $pid is a built‑in

82
00:04:45,660 --> 00:04:50,400
variable that shows you the current process ID of your

83
00:04:50,400 --> 00:04:53,590
PowerShell session. And that failed.

84
00:04:53,590 --> 00:04:55,790
But I see there there's Get‑Process,

85
00:04:55,790 --> 00:04:59,880
and I should be able to give it the Id. How come that didn't work? Well,

86
00:04:59,880 --> 00:05:02,720
if we come back here and look at help on get‑process

87
00:05:02,720 --> 00:05:07,270
and look at that Id parameter, you can see its position.

88
00:05:07,270 --> 00:05:08,200
It's named.

89
00:05:08,200 --> 00:05:11,080
I have to specify and tell PowerShell, hey,

90
00:05:11,080 --> 00:05:14,330
you need to use the Id parameter so that it knows what

91
00:05:14,330 --> 00:05:19,040
that value $pid what it goes to.

92
00:05:19,040 --> 00:05:23,760
So if I rerun the command and use ‑id and give it the value, now

93
00:05:23,760 --> 00:05:26,120
that works, and that's what I am expecting.

94
00:05:26,120 --> 00:05:29,990
So you have to be in the habit of reading the help so that you

95
00:05:29,990 --> 00:05:32,960
totally can understand what PowerShell is doing,

96
00:05:32,960 --> 00:05:37,140
why things work, or, more importantly, why things sometimes don't work.

97
00:05:37,140 --> 00:05:41,710
Look here then now at some mandatory parameters. If I run

98
00:05:41,710 --> 00:05:47,040
Get‑CimInstance and just stop it by itself,

99
00:05:47,040 --> 00:05:49,010
I get prompted, because it says, hey,

100
00:05:49,010 --> 00:05:53,510
there needs to be a ClassName for this command.

101
00:05:53,510 --> 00:05:58,140
I need to know what types of CimInstance information do you want me to get.

102
00:05:58,140 --> 00:06:01,380
So I'm just going to hit Enter just to get the error message, hey,

103
00:06:01,380 --> 00:06:06,140
you have to give me something. Okay, and let's go back and look at help.

104
00:06:06,140 --> 00:06:09,040
And I used wildcards here because I want to show you a couple things here.

105
00:06:09,040 --> 00:06:12,560
The ClassName is required and it's positional,

106
00:06:12,560 --> 00:06:12,900
which means,

107
00:06:12,900 --> 00:06:18,070
right, I don't have to specify, I don't have to type the ‑ClassName

108
00:06:18,070 --> 00:06:23,860
parameter. ComputerName, if we scroll down here, is not required,

109
00:06:23,860 --> 00:06:28,310
but it is a named parameter. So if I want to use it,

110
00:06:28,310 --> 00:06:31,740
I have to include the parameter name.

111
00:06:31,740 --> 00:06:36,740
So let's kind of put these things together here. Let's do Get‑CimInstance

112
00:06:36,740 --> 00:06:42,340
and get the win32_operating system for the localhost.

113
00:06:42,340 --> 00:06:46,670
And I'm going to throw in verbose output just because to show you, this

114
00:06:46,670 --> 00:06:50,610
particular cmdlet does have verbose output, and it will give you some

115
00:06:50,610 --> 00:06:54,740
additional information which may be of value to you.

116
00:06:54,740 --> 00:06:55,410
So there we go.

117
00:06:55,410 --> 00:07:02,040
So the ClassName is positional, no parameter name, but ComputerName is

118
00:07:02,040 --> 00:07:06,240
required. I have to specify that parameter if I want to do it.

119
00:07:06,240 --> 00:07:10,640
If I just ran that command without ‑ComputerName and just put in localhost,

120
00:07:10,640 --> 00:07:14,890
PowerShell would not know what parameter that belongs to.

121
00:07:14,890 --> 00:07:27,000
And I probably would be getting an error. Help again. That is the answer to figuring out why things work or why things won't work.