As PowerShell’s (PS) acceptance continues to grow, the benefits provided by the management framework will surely increase alongside it. Whether it be managing desktops, servers, network services, and/or app-specific features–IT will come to appreciate how extensive, deep, and robust the cmdlets are. They hook into the underlying system, offering complete control that is unmatched while residing in a native package that excels at what it was designed to do, while minimally impacting resources.

In continuing to demonstrate how IT pros can leverage PS to troubleshoot problems as they are reported, you will find another set of cmdlets below that may be used to great effect resolve issues that IT commonly comes across in completing their daily tasks. Check out 10 below.

SEE: Manage Active Directory with these 11 PowerShell scripts (Tech Pro Research)

1. Resetting user passwords


PS: Set-ADAccountPassword -Identity USERNAME

2. List policies applied to clients

CMD: gpresult /h \\path\to\file.html

PS: Get-GPResultantSetOfPolicy -ReportType HTML -Path “\\path\to\file.html”

3. Output data on-screen to the printer


PS: | Out-Printer

Note: Prior to executing a cmdlet, append the suffix above to pipe the output to the default printer. To select a specific printer, use the -Name parameter and place the name of the local printer or UNC path to the shared printer to output the data to that device instead.

4. View and edit file/folder permissions

CMD: cacls \\path\to\file

PS: Get-Acl -Path \\path\to\file | Format-List

CMD: cacls \\path\to\file /E /G “SECURITYGROUP”:PERMISSION

PS: Get-Acl -Path “\\path\to\file1” | Set-Acl -Path \\path\to\file2

Note: Setting ACLs via PS requires you first read the ACL from a folder, that ACL may then be copied to the destination file/folder. If you wish to edit the permissions granularly, that requires a bit more setup and several more steps, see the example below:

$Aclvariable = Get-Acl “\\path\to\file”

$Permissionvariable = “DOMAIN\USERNAME”,”PERMISSION1″,”Allow”

$Accessvariable = Net-Object System.Security.AccessControl.FileSystemAccessRule $permissionvariable


$Aclvariable | Set-Acl “\\path\to\file”

SEE: Windows administrator’s PowerShell script kit (Tech Pro Research)

5. Synchronizing system time with domain controller

CMD: net time /SET /Y

PS: Invoke-Command -ComputerName “DCHostName” -ScriptBlock {Get-Date) | Set-Date -Date

Note: PowerShell lacks a cmdlet that exclusively syncs time/date. The cmdlets above allow for the retrieval and setting of time/date manually. Similar to the way Set-Acl works, the data may be copied from the DC and piped to the client as the example above displays.

For most uses, however, users are better off using the W32 Time Service command with the parameters below:

w32tm /resync /computer:DCHostName /nowait

6. Rename devices while remaining joined to the domain

CMD: netdom renamecomputer Computername /newname:newhostname /userid:DOMAIN\USERNAME /password:* /force /reboot:0

PS: Rename-Computer -ComputerName “OldHostName” -NewName “NewHostName” -DomainCredential DOMAIN\USERNAME -Force -Restart

7. Running cmdlet remotely on other devices

CMD: psexec \\remotecomputer command

PS: Invoke-Command -ComputerName “RemoteHostName” -ScriptBlock {cmdlet-to-run-remotely}

SEE: Admin spotlight: Saving time with PowerShell (Tech Pro Research)

8. Download files from the web

CMD: bitsadmin /transfer jobname /download /priority normal \\path\to\save\file.ext

PS: Start-BitsTransfer -Source “” -Destination “\\path\to\save\file.ext”

9. Update Group Policies on devices

CMD: gpupdate /force

PS: Invoke-GPUpdate -Force

10. Allow PowerShell commands to be executed on remote devices


PS: Enable-PSRemoting -Force

Note: By default, PSRemoting is disabled on newer versions of Windows. Due to security concerns, it should only be enabled, if needed. With that said, the cmdlet only needs to be run once per client for the listeners to become enabled. Once the listeners are enabled, client devices will process remote PS cmdlets received.