Useful PowerShell commands

24th June 2020

List AD users that haven't logged on in 30 days

Import-Module activedirectory
Get-ADUser -Filter {Enabled -eq $TRUE} -SearchBase $OU -Properties Name,SamAccountName,LastLogonDate | Where {($_.LastLogonDate -lt (Get-Date).AddDays(-30)) -and ($_.LastLogonDate -ne $NULL)} | Sort | Select Name,SamAccountName,LastLogonDate

See if a tcp port is open/blocked/closed
Test-NetConnection -ComputerName COMPUTER_NAME -Port PORT_NUMBER



Set an interface to type public/private/domain
Get-NetConnectionProfile

Name : wtf.local
InterfaceAlias : Internal
InterfaceIndex : 12
NetworkCategory : DomainAuthenticated
IPv4Connectivity : LocalNetwork
IPv6Connectivity : LocalNetwork

Name : Network
InterfaceAlias : Internet
InterfaceIndex : 13
NetworkCategory : Public
IPv4Connectivity : LocalNetwork
IPv6Connectivity : LocalNetwork

Set-NetConnectionProfile -InterfaceIndex 13 -NetworkCategory Private


see what DOMAIN user is logged on to a remote PC
query user /server:$SERVERNAME

#powershell version
$PSVersionTable

#show what software needs upgrading
winget upgrade
#update all software
winget upgrade --all

#enable powershell remoting
Enable-PSRemoting -force

#show what users are logged onto this pc.  may work from cmd too
query user /server:$SERVER

#Flush the DNS cache on a domain controller
Clear-DnsServerCache

#export GroupPolicy for support case or documentation
Import-Module GroupPolicy
# Export a specific GPO
Get-GPOReport -Name "Default Domain Policy" -ReportType Html -Path Default.html
Get-GPOReport -Name "Default Domain Policy" -ReportType Xml -Path Default.xml
# Export all GPOs
Get-GPOReport -All -ReportType Html -Path All.html
Get-GPOReport -All -ReportType Xml -Path All.xml

#get a cmd prompt on a remote pc, works in cmd too
WinRS -r:MYSERVER "cmd.exe"