PowerShell: Where do I start?

Published on
25,599 Points
10 Endorsements
Last Modified:
Community Pick
This article is intended to be a 2 part Primer to get someone up and running quickly and efficiently in Powershell, but also including small useful tips that you might not find elsewhere.  

One of the things I see often is people starting out using Powershell, and not realizing what’s out there to help.  My main job is to manage both Servers and Users in our domain.  If you manage Servers and Users for a living, this article might just make your life a whole lot easier.

If you haven't read the article: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_3296-The-Absolute-Beginner's-Guide-to-Powershell.html you should before continuing on with this one.  It's a great basic explanation of the structure of Powershell and will guide you well in your journey to becoming proficient with Powershell.

Powershell Part 1:
You’ve downloaded Powershell, and set the execution policy to unrestricted.  Now what?  You will need to get a few prerequisites installed to make your job easier: Quest AD CMDlets from www.quest.com and if you’re running an Exchange 2007 or 2010 environment, you’re going to want to install the Exchange Management console on your work computer.  The goal is to never have to remote into any servers to get any management done.  You can do it all from your workstation.

Powershell Part 2:
You’ve installed all of the pre-requisites and you’re wanting to help out your team by being there in a flash to help them out.  Here are some things you can work on developing that are fairly easy:
An administration script to manage users and do simple functions like unlock accounts, reset passwords, and check on an account to see if it’s been created yet
A script to create a user in Powershell while putting a static value in for everything that doesn’t change from user to user like logon scripts, expiration date, and default password
A startup script
Let me go in detail with some examples and why they are important:

Administration Script
When a user walks into your office or calls you up on the phone, they want to be fixed quickly, efficiently, and most importantly correctly.  How often have you reset someone’s password to the wrong password and had to reset it again causing more work?  How often have you fumbled to bring up Active Directory Users and Computers, Right-Clicked on the domain, hit find, put in the user’s name, and finally realize that the user isn’t locked out and they’ve been staring at you the entire time while you were wasting theirs?  

This can all be alleviated by an administration script.  Which also ties into the Startup script.

Your first script that runs on Powershell is actually a file called “Microsoft.Powershell_profile.ps1” if it is available to your profile.  All you need to do is create a folder in your “my documents” folder called WindowsPowershell, and then create a text file in that folder with the name above.

This script is your lifeblood.  It sets up the playing field evenly between the members of your team and allows everyone to fix things quickly and efficiently.  The first thing they should be reaching for is that toolkit with the ability to unlock that user.  I recommend leaving the Admin script up in the background when you’re using your computer ready and waiting for your commands.

Recommended: Create startup script that installs the Quest Active Directory CMDLets and installs the Exchange Management Console.  Lastly, the admin script is ran.
#Leave any comments with the # sign
#Install Quest Active Directory CMDLets
Write-Host “Installing Quest Active Directory Tools.  Please wait…”
Add-PSSnapin Quest.ActiveRoles.ADManagement
Write-Host “Installing Exchange Management Tools.  Please wait…”
Add-PSSnapin Microsoft.Exchange.Management.Powershell.Admin
#Next line is to change directory to your scripts folder.  Recommend C:\Scripts
CD C:\Scripts
#Next line is to run your Admin script

Open in new window

First Admin Tool: Unlock User Account
The first script I made ever in Powershell for our domain was to create a new user.  The second script I created was an unlocking script.  I then refined it and created a pretty simple script that is very effective.
#This script unlocks a users account with the credentials of the user logged in
$name = Read-Host "Account Username or last name"
if ($Name.contains(".")) #Most user accounts are first.last
Unlock-QADUser "DOMAIN\$name"
$LastNameMatches = get-qaduser $Name
if ($LastNameMatches -eq $null){
Write-Host "No Matches Found!"
$Pause = Read-Host "Press Enter to Continue..."
	if ($LastNameMatches.count -gt "1"){
	Write-Host "Matches found:"
	$counter = [int]0
	foreach ($Name in $LastNameMatches){
		$Description = $name.description
		$UnlockStatus = $Name.accountislockedout
		Write-Host "$counter : $Name - $Description - Locked Out: $UnlockStatus"
	$Selection = Read-Host "Select a user by number only"
	$user = $lastnamematches[$selection]
	unlock-qaduser $user
	Write-Host "Unlocked $User"
	unlock-qaduser $LastNameMatches
	Write-Host "Unlocked $LastNameMatches"
	}#end if

	} #end if

}#end if

$Pause = Read-Host "Press Enter to Continue..."

Open in new window

You can do the same thing for a reset password script or a Disable/Enable User script.

Here's the code that I've written for my Admin Script:

Do  #Ensures user has input a proper value
"Welcome to the Account Administration Script"
Write-Host "Pick from the following options" -foreground "yellow"
"1. Create New Account" 
"2. Unlock Account"
"3. Reset Account Password"
"4. Enable/Disable Account"
"5. Account Status"

[int]$strChoice = Read-Host "Enter Choice(1-5)"
	if ($strChoice -eq ""){$strChoice = 1}
} #end do for Description

While (($strChoice -lt 1) -or ($strChoice -gt 5))#-gt means Greater Than as opposed to '>' symbol
#Depending on what user inputs, chooses the proper assignment of variable
    Switch ($strChoice) 
            1 {.\accounts.ps1}
            2 {.\Unlock.ps1}
            3 {.\ResetPW.ps1}
            4 {.\EnableAccount.ps1}
            5 {.\StatusAccount.ps1}
            Default {.\Accounts.ps1}
        } #end Switch Statement

Open in new window

We live in the time of Google, so I’m not really doing anything but putting all the information into one place up until this point in this article.

Lastly, there is something that I’ve cooked up that I haven’t seen from anyone yet.  I created the system because we had issues when someone would update a script, not everyone would get the update due to various reasons.  Not everyone on your team codes Powershell.  They don’t know how to troubleshoot error codes like you do.  They don’t know how to go into the script and make the necessary changes.  When you make changes to your scripts, sometimes it’s not just updating the menu.  Sometimes your OU structures get changed and your scripts have to be changed accordingly.  Sometimes you get a stoke of genius at midnight and feel compelled to create a new script and add it to your admin toolbox, but no one else has the time to add their new code to their admin toolbox or add the new script to their own computer.  Maybe you create a better startup script and want to give that to your teammates to help them stay ahead of the customer.  Whatever your reasons, it’s always important to have a way of updating scripts for other people.  

Since I’m the only Powershell guy on my team, I’m forced to either send an email out with simple instructions or manually remote into their C:\ drive and replace it on their computer.  It’s not as quick and easy as a script, that’s for sure.

If you are interested in how to update your scripts across multiple machines and team members, the article is now published and ready to view.  It's geared towards those that are more familiar with Powershell, but can be implemented by anyone.  If you liked this article, be sure and recommend it to others and mark it as helpful.  If you're trying to implement this into your environment and are having any issues, please feel free to comment on this article.
Author:Dale Harris
Ask questions about what you read
If you have a question about something within an article, you can receive help directly from the article author. Experts Exchange article authors are available to answer questions and further the discussion.
Get 7 days free