Servers2.3 - Registry and Power Shell
What file extension belongs to a PowerShell script?
.psl
What are the 5 root keys in the Windows Registry?
1) HKEY_LOCAL_MACHINE -Information on every hardware component in the server 2) HKEY_CURRENT_USER -Profile information about desktop configuration for user account currently in system. 3) HKEY_USERS -Profile information for each user who has signed in to the computer. 4) HKEY_CLASSES_ROOT -Holds data to associate file extensions with programs. EX: for a .jpeg file extension, this root key could control if it opens in Paint or in Photo Editor 5) HKEY_CURRENT_CONFIG -Information about the current hardware profile
What are some common system administration tasks that PowerShell can perform?
1) Post-installation tasks 2) View, install, and remove roles and features 3) Configure and troubleshoot the network and firewall settings 4) Manage services and processes 5) Perform remote administration of computers
There are 5 execution policies that must be configured in PowerShell before being able to execute scripts. What are they?
1) Restricted - will not run any scripts 2) AllSigned - runs scripts from a trusted publisher 3) RemoteSigned - runs scripts that are downloaded via Internet only 4) Unrestricted - runs all scripts (some confirmation still required) 5) Bypass - runs all scripts (no warnings)
What is a PowerShell provider?
A PowerShell plug-in that provides functionality within PowerShell or enables PowerShell to interact with other parts of the system.
In PowerShell, what does a function do?
A function allows for multiple cmdlets to be ran in a given command line.
PowerShell Syntax: What is the name of the following characters as input into the PowerShell CLI? A) >> B) ; C) | D) $_
A) (>>) shell output redirection B) (;) command chaining C) (|) piping command, sends information between cmdlets to build more complex commands. D) ($_) placeholder that references each object file that was sent over via the pipe.
Of the following examples of PowerShell providers, list what each of them can perform for the business (at a high level): A) Filesystem provider B) Variable provider C) Environment provider D) Alias provider E) Function provider F) Certificate provider G) Registry provider
A) Filesystem provider - default provider that serves up filesystem on device. B) Variable provider - works with user-defined variables that exist within Windows PowerShell session. C) Environment provider - Works w/ variables that are normally set within the Windows OS. D) Alias provider - used to view and manage aliases E) Function provider - used to view and manage functions within PowerShell F) Certificate provider - used to view and manage encryption certificates G) Registry provider - used to view and modify Windows Registry keys.
What can be created in PowerShell that is essentially a shortcut to running commands?
Alias An alias is a shortcut for scripting in PowerShell.
What is an exit status, and what does it display?
Exit Status- what is displayed after executing the calc.exe command. 0 - calc.exe was successfully executed non-zero #'s - denotes error messages
True or False: PowerShell is a CLI and provides the same functionality as command prompt.
FALSE - PowerShell is a CLI, but it has vastly greater capabilities than the command prompt. Admins can almost perform any admin task needed on the server from PowerShell.
Fill in the blank: Windows Registry is ______ in structure and is made up of keys, subkeys, and entries.
Hierarchical Keys > Subkeys > Entries
In PowerShell, what defines an object that can be used to control nearly every aspect of the Windows OS?
Objects have: 1) Attributes - properties that describe the object 2) Methods - things that the object can do. Allows for control of things like: 1) Processes 2) Files 3) Network Sockets
How do we account for the issue of alias and function commands (variables) being destroyed after a user exits their PowerShell session?
PowerShell Profile Script Where we place commands like alias and function, in our Windows account that is associated with given user when they open PowerShell sessions. *By default no profiles are configured.
Poll Question: Which Server 2019 tool scans system files for integrity issues and replaces damaged files with the proper version?
System File Checker *Sigverif only checks for files that have the proper signature associated with them. It doesn't take that next step in actually replacing the files.
True or False: PowerShell scripts can contains both Windows commands and PowerShell cmdlets.
TRUE This also includes the ability to reuse PowerShell in different situations.
True or False: PowerShell has a capability to modify the output of a given command, into a format of our designation via command line.
TRUE 1) Format-Table*/gridView 2) -recurse 3) Sort-Object 4) Group-Object 5) ConverTo - Converts to given format 6) Export-CSV to output csv file *Format-Table is default format for cmdlets in PowerShell
True or False: A PowerShell script can be ran outside of PowerShell.
TRUE PowerShell can be run in the Windows CMD window and can supply script path as an argument.
True or False: Cmdlets are case-insensitive.
TRUE - Ex: 'Get-Host' and 'get-host' would query the same product.
What is the name of the database that contains all information the OS needs about the entire system, including hardware and software?
The Windows Registry
When a PowerShell script is executed in which direction is the command executed?
Top-to-bottom Which, is why we can have multiple lines of code in PowerShell.
What is WMI namespace?
Used to represent different types of WMI data. Similar to the same way a cabinet organizes files. CIMVv2 - WMI namespace, which can query the hardware and software components on systems as well as modify software components as necessary.-
In general, which 2 object types do the Registry's root keys affect?
User and Computer object types; AKA: Everything in the registry is pertinent to either that specific individual logged in and their settings, or that given client devices settings.
Fill in the Blank: A _____ is destroyed when a user exits Windows PowerShell.
Variable A variable is an area of storage within memory in current PowerShell Session. Variables are destroyed after sessions of PowerShell are closed.
Poll Question: Which term refers to disk storage used to expand the capacity of the physical RAM?
Virtual Memory - Copying memory out of RAM and writing it to disk, as we are out of physical RAM.
What is WMI and what are some components of it?
WMI - Windows Management Instrumentation Allows programs and system software to query hardware and software on Windows computer. Can be used to check status's/notifications, etc. Component 1 - WMI Consumers The programs and system software that can query WMI. Component 2 - WMI Infrastructure The components that are built into the OS that respond to WMI queries.
Poll Question: You want to manage your Windows 2019 Server from your MacBook, what tool can you use?
Windows Admin Center (Browser-based)
Poll Question: Which term refers to a database containing all information the operating system needs about hardware and software?
Windows Registry
What component must be enabled in order to run remote management in Windows PowerShell remotely?
winRM component.