22 Useful Powershell Commands for System Admins
PowerShell is a powerful automation tool that every Windows system administrator should master. With thousands of cmdlets available, it's easy to get lost. This article filters the noise and provides a focused list of cmdlets that help streamline daily administrative tasks, automate scripts, and reduce manual errors.
These commands are built for real-world use - whether you're managing remote systems, checking event logs, or writing advanced scripts with complex parameters.
Below is a curated list of the 22 most useful PowerShell commands for system administrators, based on current best practices and verified Microsoft documentation.
1. Get-Process
The Get-Process cmdlet retrieves information about the processes running on a local or remote computer. It's instrumental in monitoring system performance, identifying resource-intensive applications, and troubleshooting issues related to process management. By default, it provides details such as process names, IDs, CPU usage, and memory consumption.
Get-Process
2. Get-Service
Get-Service allows administrators to view the status of services on a system. It lists all services, indicating whether they are running, stopped, or paused. The Get-Service cmdlet is crucial for managing services, ensuring that essential services are operational, and diagnosing service-related problems.
Get-Service
3. Set-Place
Heads up: Set-place requires the Exchange Online PowerShell module (EXO V2). It is not part of the Microsoft.Graph module.
Set-Place updates metadata for resource mailboxes representing physical locations like meeting rooms. You can set properties such as capacity, floor, building, and equipment details to help users find and book rooms efficiently.
Set-Place -Identity "ConfRoom1@meetingroom365.com" -Capacity 12 -Floor 3 -Building "Main Office"
4. Restart-Computer
The Restart-Computer cmdlet enables the rebooting of local or remote computers. It's particularly useful for applying updates, recovering from errors, or performing maintenance tasks. When used with the -ComputerName parameter, it can target specific machines across a network, facilitating remote management.
Restart-Computer -ComputerName "Server01"
5. Get-Content
Get-Content reads the contents of a file, returning each line as a string. It's commonly used for viewing logs, configuration files, or any text-based files. The -Tail parameter is beneficial for monitoring the latest entries in log files, aiding in real-time diagnostics.
Get-Content "C:\Logs\error.log" -Tail 10
6. Set-ExecutionPolicy
This cmdlet sets the user preference for the PowerShell script execution policy. By configuring the execution policy, administrators can control the conditions under which PowerShell loads configuration files and runs scripts, enhancing security by preventing the execution of untrusted scripts.
Set-ExecutionPolicy RemoteSigned
7. Copy-Item
Copy-Item copies files and directories to a specified location. It's essential for tasks such as backing up data, deploying files, or duplicating directory structures. The -Recurse parameter allows for copying all items in a directory, including subdirectories and their contents.
Copy-Item "C:\Source" "D:\Backup" -Recurse
8. Get-ChildItem
Get-ChildItem cmdlet retrieves the items and child items in one or more specified locations. It's analogous to the traditional 'dir' command but offers more flexibility. With parameters like -Recurse, it can traverse subdirectories, making it invaluable for file system navigation and management.
Get-ChildItem -Path "C:\Users" -Filter "da*" -Name
9. Start-Process
This cmdlet initiates a process on the local computer. It's useful for launching applications or scripts from within PowerShell. The -Verb RunAs parameter allows the process to run with elevated permissions, which is necessary for tasks requiring administrative rights.
Start-Process notepad.exe -Verb RunAs
10. Get-Member
Get-Member reveals the properties and methods of objects. When working with PowerShell objects, this cmdlet helps administrators understand the structure and capabilities of the data they're handling, facilitating more effective scripting and data manipulation.
Get-Process | Get-Member
11. Select-Object
This cmdlet selects specific properties of an object or set of objects. It's commonly used to create custom views of data, limit the output to relevant information, or to create new properties through calculated expressions, enhancing data analysis and reporting
Get-Service | Select-Object Name, Status
12. Out-File
Out-File sends output to a file, allowing administrators to save command results for documentation, auditing, or further analysis. It's particularly useful for logging the output of scripts or commands over time.
Get-Service | Out-File -FilePath "C:\Reports\Services.txt"
13. ConvertTo-Html
This cmdlet converts .NET objects into HTML that can be displayed in a web browser. It's beneficial for creating reports or dashboards that present data in a structured and visually accessible format.
Get-Process | ConvertTo-Html | Out-File "C:\Reports\processes.html"
14. Get-Command
Get-Command lists all cmdlets, functions, workflows, aliases installed on your system. It's a discovery tool that helps administrators find the commands available for use, especially when exploring new modules or seeking specific functionalities.
Get-Command service
15. Invoke-Item
Invoke-Item opens files or directories using the default application associated with the file type. It's a quick way to access files or folders directly from the PowerShell prompt without navigating through the GUI.
Invoke-Item "C:\Reports\processes.html"
16. Get-WinEvent
Get-WinEvent retrieves events from event logs and event trace log (ETL) files. It supports filtering by log name, provider, event ID, level, user, and time, and works with both classic and modern event logs. Unlike Get-EventLog that is now outdated, it handles large log files more efficiently and supports XPath queries for precise filtering.
Get-WinEvent -LogName System -MaxEvents 20
17. New-Item
New-Item creates a new item, such as a file or folder. It's used in scripts to set up directory structures, create placeholder files, or initialize configurations. The -ItemType parameter specifies the type of item to create.
New-Item -Path "C:\Scripts\Logs" -ItemType Directory
18. Get-History
This cmdlet displays a list of the commands entered during the current session. It's helpful for reviewing previous commands, reusing them, or for auditing purposes. The history can also be exported for documentation.
Get-History
19. Get-NetIPAddress
Get-NetIPAddress retrieves IP address configuration information. It's crucial for network configuration, troubleshooting connectivity issues, and verifying network settings on local or remote systems.
Get-NetIPAddress
20. Format-Table
Formats PowerShell output into a table layout. Add the -AutoSize and -Property parameters to fine-tune column sizes and display.
Get-Process | Format-Table -Property Name, Id, CPU -AutoSize
21. Get-MgPlace
Retrieves place resources from Microsoft Graph, such as rooms or room lists. Use the -Property parameter to specify the type of place (e.g., room, roomList). Commonly used in Microsoft 365 environments to manage locations for meetings and workspace booking.
Get-MgPlace -Property room | Select-Object DisplayName, Capacity, Building, Floor
22. Set-CalendarProcessing
Heads up: Requires Exchange module and permissions to manage resource mailboxes.
Set-CalendarProcessing cmdlet configures calendar processing settings for resource mailboxes, such as automatic booking, booking windows, and conflict handling. This helps in managing how meeting requests are handled for rooms.
Set-CalendarProcessing -Identity "ConfRoom1@meetingroom365.com" -AutomateProcessing AutoAccept -BookingWindowInDays 180 -AllowConflicts $False
If you're handling daily system administration tasks, this list should stay close. These cmdlets aren't just useful - they're reliable building blocks for scalable automation tasks, error-free script execution, and consistent results across remote machines.Whether you're exporting output with Out-File, restarting systems with Restart-Computer, pulling service data using Get-Service, or working with event logs, this isn't just a collection - it’s a go-to reference for anyone with admin-level PowerShell access. Use them to reduce noise, avoid repetition, and get closer to clean, confident ops.