Systems admins managing Windows clients should brush up on these PowerShell cmdlets when performing common administrative tasks on their domain-connected devices.
Seasoned admins have their Windows management tasks down pat—they probably have a variety of scripts or processes in place to handle common issues that afflict clients regularly without breaking a sweat. While many of these tried-and-true fixes work beautifully right now, Microsoft has made it clear that the future of systems management is aimed squarely at PowerShell (PS).
By aggressively integrating—and continuing to develop—support for just about all aspects of the OS and specialized applications Microsoft has written, it is the preferred tool for managing clients and servers moving forward. So much so that Microsoft purchased GitHub and made PowerShell open source, integrating the Linux Subsystem into PS (and vice-versa), allowing Windows admins to manage Linux devices and Linux admins to manage Windows clients.
SEE: Resolve IT issues quickly with these 10 PowerShell cmdlets (free PDF) (TechRepublic)
With that said, below are some common scenarios IT will encounter while managing Windows client devices and the PowerShell cmdlets that can be used to resolve the issues when they arise. The best part? These PowerShell cmdlets can be run remotely. Note: The PowerShell cmdlets may be locally inaccessible over the network; otherwise, they may be run remotely by enabling PowerShell Remoting from a command or via Group Policy .
How to join a device to the domain
New-ADComputer -Name ComputerName -Server DC.DomainName.ext -Path "OU=Computers,DC=Domain,DC=ext" -Enabled $True -Restart Force
How to fix a broken trust between devices and domain
Test-ComputerSecureChannel
If it comes back as True, the trust is intact; if it comes back as False, it needs to be repaired.
Test-ComputerSecureChannel -Repair -Credential
Sometimes the trust is fine, but the machine password is not and needs to be reset. The following command will accomplish that.
Reset-ComputerMachinePassword
How to check Active Directory replication status
To check the replication status for the domain, including last known synchronization:
Get-ADReplicationPartnerMetadata -Target "domain.ext" -Scope Domain
To obtain a list of replication failures for a given domain controller:
Get-ADReplicationFailure -Target DC.DomainName.ext
To obtain a list of failures for the forest:
Get-ADReplicationFailure -Target DomainName.ext -Scope Forest
How to modify network connection settings
To set the network settings, we must perform two cmdlets. The first one sets the IP-related settings on the active network card:
New-NetIPAddress -IPAddress XXX.XXX.XXX.XXX -DefaultGateway XXX.XXX.XXX.XXX -Prefixlength 24 -InterfaceIndex (Get-NetAdapter).InterfaceIndex
The second cmdlet sets the DNS Server settings on the active network card. Multiple servers may be included when separated with commas:
Set-DNSClientServerAddress -InterfaceIndex (Get-NetAdapter).InterfaceIndex -ServerAddress XXX.XXX.XXX.XXX, XXX.XXX.XXX.XXX
How to install managed Microsoft Store apps
For standalone apps:
Add-AppxProvisionedPackage -Online -FolderPath \\path\to\server\share\file.AppxBundle
For apps with dependencies (separated by comma):
Add-AppxProvisionedPackage -Online -FolderPath \\path\to\server\share\file.AppxBundle -DependencyPackagePath "\\path\to\server\share\file1.Appx", "\\path\to\server\share\file1.Appx" -SkipLicense
0 Comments