==== Windows Powershell ====

Function: Systeminfo
Usage: systeminfo

Function: Check Uptime
Usage: Get-CimInstance Win32_OperatingSystem | Select-Object LastBootUpTime

Function: Check MSSQL Cluster Status

Function: Output services set to Automatic
Usage: Get-WmiObject -Class Win32_Service | Select-Object Name,State,StartMode | Where-Object {$_.StartMode -eq "Auto"}      

Function: Install from URL
Usage: mkdir c:\temp
invoke-webrequest -uri https://example.com/swap.ps1 | out-file c:\temp\swap.ps1
powerhell.exe c:\temp\swap.ps1

Function: Check Connection to BigFix Download
Usage: Test-NetConnection -ComputerName "example.com" -InformationLevel "Detailed"
test-netconnection -port 443

Function: Check for Active Connections
Usage: netstat | select-string 9997, 8089

Function: Check Disk Space
Usage: Get-WmiObject -Class Win32_logicaldisk

Get-WmiObject -Class Win32_logicaldisk | 
Select-Object -Property DeviceID, DriveType, VolumeName, 
@{L='FreeSpaceGB';E={"{0:N2}" -f ($_.FreeSpace /1GB)}},
@{L="Capacity";E={"{0:N2}" -f ($_.Size/1GB)}}

Function Get-DiskSize {
  $Disks = @()
  $DiskObjects = Get-WmiObject -namespace "root/cimv2" -query "SELECT Name, Capacity, FreeSpace FROM Win32_Volume"
  $DiskObjects | % {
    $Disk = New-Object PSObject -Property @{
      Name           = $_.Name
      Capacity       = [math]::Round($_.Capacity / 1073741824, 2)
      FreeSpace      = [math]::Round($_.FreeSpace / 1073741824, 2)
      FreePercentage = [math]::Round($_.FreeSpace / $_.Capacity * 100, 1)
    $Disks += $Disk
  Write-Output $Disks | Sort-Object Name
Get-DiskSize | ft Name,@{L='Capacity (GB)';E={$_.Capacity}},@{L='FreeSpace (GB)';E={$_.FreeSpace}},@{L='FreePercentage (%)';E={$_.FreePercentage}}

Function: Memory Averages (Unavailble AWS Metric Metric):
Usage: Get-WmiObject win32_OperatingSystem |%{"Total Physical Memory: {0}KB`nFree Physical Memory : {1}KB`nTotal Virtual Memory : {2}KB`nFree Virtual Memory  : {3}KB" -f $_.totalvisiblememorysize, $_.freephysicalmemory, $_.totalvirtualmemorysize, $_.freevirtualmemory}

Function: See top files
Usage: While in the C:\ drive

Function: Check Update History
Usage: wmic qfe list

Function: Less Detail Update History
Usage: get-wmiobject -class win32_quickfixengineering
Get-Hotfix -id kb----
Get-Hotfix -id KB5004244

Function: Get File Listing
Usage: $path = "C:\Windows\System32\config\systemprofile\AppData\Local\ScaleFT"
Get-ChildItem -Path $path | Format-Table

Function: Read File
Usage: get-content -path "C:\Program Files\SplunkUniversalForwarder\etc\apps\adc_deploymentclient\local\deploymentclient.conf" -tail 5

Function: Start Service
Usage: start-service SplunkForwarder

Function: Get IIS Version
Usage: C:\Windows\system32> Get-ItemProperty -Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InetStp\ | Select-Object

Function: Magic run command for if you get a "dcsadmin user is disabled" when trying to RDP
Usage: enable-adaccount -identity dcsadmin

Function: Is mcfee installed?
Usage: Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* |  Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Where-Object {$_.DisplayName -like "McAfee*"}

Function: SSM Permissions

Function: Logout Windows Users
Usage: query session to list off sessions
logoff # to log them off

Function: Get Log File Last 40 lines
Usage: gc 'C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\20210401.log' | select -Last 40 

Function: Set Time Sync TIme
Usage: Press Windows key + X and select Command prompt(Admin).
Type each one of the command below and press enter.

net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /resync

Function: Set Password
Usage: net user USERNAME NEWPASS
$Password = Read-Host -AsSecureString
$UserAccount = Get-LocalUser -Name "User02"
$UserAccount | Set-LocalUser -Password $Password

Function: What caused Reboot?
Usage: Get-WinEvent -FilterHashtable @{logname = 'System'; id = 1074} | Format-Table -wrap

Function: Check for live certificates
Usage: gci Cert:\CurrentUser\AuthRoot
Function: Add Certificate File
Usage: $certfile = 'c:\windows\temp\cert.pem'
Import-Certificate -FilePath $certfile -CertStoreLocation Cert:\LocalMachine\Root

Function: Get DNS 
Usage: Get-DnsClientServerAddress

Function: TLS (Download stubbarnly)
Usage: [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Ssl3, [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12 

invoke-webrequest -usebasicparsing -uri https://example.com/kb5004859.msu | out-file c:\Windows\Temp\kb5004948.msu

Function: All else fails transfer
Usage: start-bitstransfer -source "https://example.com/kb5004859.msu" -destination c:\Windows\Temp\kb5004859.msu

Function: Disable a service
Usage: Stop-Service -Name Spooler -Force
Set-Service -Name Spooler -StartupType Disabled

Function: Set AD Password
Usage: Set-ADAccountPassword -Identity Administrator -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "myNewPassword" -Force)
C:\Windows\system32> $password = Read-Host "Enter the new password:" -AsSecureString
C:\Windows\system32> Get-LocalUser -Name "Administrator" | Set-LocalUser -Password $password

Function: Missing AWS Routes to KMS
Usage: :missing the routes to the KMS server. You can fix this by running these commands in an Admin PowerShell:

Import-Module "C:\ProgramData\Amazon\EC2-Windows\Launch\Module\Ec2Launch.psd1"
slmgr /ato

Function: Fix AWS Routes
Usage: Import-Module c:\ProgramData\Amazon\EC2-Windows\Launch\Module\Ec2Launch.psm1 ; Add-Routes


"At the end of initial bootstrap (UserData) script, just append persist tag as shown below. Works perfectly."

    insert script here