Qamba Knowledge Base

PowerShell Commands for IT Helpdesk Staff

You are here:

Please Note:
Unlike many of the articles on this site, this article is written for “IT people” and relates to technical subject matter.
Only follow the below info if suitable to your specific situation and you understand and accept all risk.

Powershell’s not just for System Administrators, Software Developers, Scripters or those who manage your RMM tools. It can and should be used to make helpdesks & service desk staff more efficient.

You don’t need to know how to write complex scripts or read “PowerShell in a month of lunches” to start gaining benefits of PowerShell. You just need to know and try out a few simple commands that can save a lot of time compared to going through the graphical user interface. You can collect useful commands in a note or template out changes before they are requires and simply paste the command into PowerShell.

The below commands will need to be run on a server that relates to what you are doing, running Active directory commands on a server that is not a domain controller won’t work. Also some command may need you to run PowerShell as admin, depending if they need that level of permission or not.

Active Directory Commands

Check to See if a users account is expired or locked out:
Search-ADAccount -PasswordExpired
Search-ADAccount -LockedOut

The above will quickly list all account that have passwords expired or locked out, so you can quickly know if that’s t
he issue or not

Unlock an Account:
Unlock-ADaccount -identity "USERNAME"
Replace username with the username of the account you are targeting.

Unlock multiple accounts:
search-adaccount -lockedout | out-gridview -passthru | unlock-adaccount
This will display all locked out accounts in a nice list, you can then apply a filter and any remaining accounts will be unlocked once you press ok.

Reset a Password:
Set-ADAccountPassword USERNAME -NewPassword (Read-Host "Enter the new password" -AsSecureString) –Reset
Reset a password and force user to set a new one on next login, this will prompt you for the password, replace USERNAME with the user you want to target. Remove the -reset if you don’t want to force the user to change the password on their next logon.

Sync Account changes in Active Directory with Azure AD :
Start-ADSyncSyncCycle -PolicyType Delta
Sick of waiting for a password change or newly created account to sync up with your Microsoft 365 tenancy. Run this to start the sync straight away instead of the usual once every 30 minutes delay.

Add a user to a Active Directory Group:
Add-ADGroupMember -Identity 'GROUPNAME' -Members 'USERNAME','USERNAME2'
Replace Groupname and Usernames, you can add extra users by adding a comma and then listing multiple users.

Software Documentation

Remove all TeamViewer installs, you can change this to other software instead of TeamViewer but not all support this uninstall method, and make sure to test.
Get-WmiObject -Class Win32_Product -Filter "Vendor LIKE 'TeamViewer' " | Foreach { ($_).uninstall() }

List all Installed 32bit software:
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate 

List all Installed 64bit software:
Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Where-Object Displayname -notlike ""

List all installed software:
$Software_List = @(); $Software_List += Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate; $Software_List += Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate ; $Software_List

List all installed AppXpackages for all Users
Get-AppxPackage -AllUsers

Local Computer Commands

List all local user accounts:
Get-LocalUser

Get useful info on Computer:
get-ComputerInfo

Same as above but with less details:
Get-ComputerInfo CsName,WindowsProductName,CsDomain,CsProcessors,LogonServer,OsVersion,BiosReleaseDate

Download a file from a known URL to C:\temp\ and Rename it:
Invoke-WebRequest 'https://www.dropbox.com/download?os=win' -OutFile 'c:\temp\DropboxInstaller.exe'

Empty Recycling Bin for C:
Clear-RecycleBin -force -driveletter C

List Important Computer Information:
Get-computerinfo

Get printer information:
Get-Printer

Rename a computer and restart it:
Rename-Computer -newname DESKTOPNAMEHERE -Restart

Restart the Print Spoolter Service:
Restart-Service -Name Spooler

Restart a computer or shut it down
Restart-Computer
Stop-Computer

Force an immediate restart:
Restart-Computer -Force

List all processes that contain a specific word.
get-process | where-object name -like "*word*"
Replace the text ‘word’ to what you are looking for.

Stop all process that contain a specific work (be careful with this command):
get-process | where-object name -like "*word*" | stop-process
Strongly recommend you run the command without the ‘| stop-process’ part first to confirm what will be stopped.

Find all file paths longer than 220 characters in current folder (Use set-location (or ‘cd’) to select the folder first)
(get-Childitem -Recurse).fullname | Where-Object length -gt 220

Event log commands

Find reason for unexpected shutdown on a server
Get-EventLog -LogName system -Source user32 | Select-Object TimeGenerated, Message | Sort-Object message

Get the last 100 events in the system log
Get-EventLog -LogName system -Newest 100

Networking Commands

Test basic connectivity to a device or the internet
Test-connection google.com
Test-connection 10.1.1.1

Clear DNS Cache
Clear-DnsClientCache

Check if domain computers domain trust is working, and repair it.
Test-ComputerSecureChannel

Repair domain computers domain trust.
Test-ComputerSecureChannel -Repair

Check if an outbound port is open
Test-NetConnection -Port 80

Getting the Output

You can combine multiple PowerShell commands to format the output or place it in a file (or your clipboard).
Add the following to any PowerShell command with an text output to save even more time:

Put the output into the clipboard
| Clip
E.g. get-printer | clip

This will mean you don’t need to highlight and copy the output, PowerShell will put it straight into your clipboard.

Format the output as a List or a table
| Format-List
| Format-Table
e.g. Get-Printers | Format-List

This will change how the output is formatted, most commands will show either a list or a table, you can use this to reformat it.

Save output to a file
| Out-FIle C:\temp\PowershellOutput.txt
e.g. Get-Service | Out-FIle C:\temp\PowershellOutput.txt
Will save the output to a file.

View the Output in filterable and sortable list
| Out-Gridview
e.g. Get-Service | Out-Gridview

Further Reading

Table of Contents