PowerShell Administration

Essential PowerShell commands for Windows Server administration

snippet · beginner · 2025-05-10 · 3 min read
windows · powershell · administration · server · cmdlet

Navigation and files

powershell
# Navigation
Set-Location C:\Windows
Get-Location # pwd
Get-ChildItem # ls / dir
Get-ChildItem -Recurse -Filter "*.log"
# Files
New-Item -ItemType File fichier.txt
New-Item -ItemType Directory dossier
Copy-Item source.txt dest.txt
Move-Item ancien.txt nouveau.txt
Remove-Item fichier.txt
Remove-Item dossier -Recurse -Force
# Content
Get-Content fichier.txt
Get-Content fichier.txt -Tail 50 # last 50 lines
Set-Content fichier.txt "contenu"
Add-Content fichier.txt "nouvelle ligne"

Processes and services

powershell
# Processes
Get-Process
Get-Process -Name {{SERVICE}}
Stop-Process -Name {{SERVICE}} -Force
Stop-Process -Id {{PID}} -Force
Start-Process notepad.exe
# Services
Get-Service
Get-Service -Name {{SERVICE}}
Start-Service {{SERVICE}}
Stop-Service {{SERVICE}}
Restart-Service {{SERVICE}}
Set-Service {{SERVICE}} -StartupType Automatic
Set-Service {{SERVICE}} -StartupType Disabled
# Running services
Get-Service | Where-Object {$_.Status -eq "Running"}
# Automatic-start services that are currently stopped
Get-Service | Where-Object {$_.StartType -eq "Automatic" -and $_.Status -eq "Stopped"}

Local users and groups

powershell
# Local users
Get-LocalUser
New-LocalUser -Name "{{USER}}" -Password (ConvertTo-SecureString "{{PASSWORD}}" -AsPlainText -Force)
Remove-LocalUser -Name "{{USER}}"
Enable-LocalUser -Name "{{USER}}"
Disable-LocalUser -Name "{{USER}}"
# Local groups
Get-LocalGroup
Get-LocalGroupMember -Group "Administrators"
Add-LocalGroupMember -Group "Administrators" -Member "{{USER}}"
Remove-LocalGroupMember -Group "Administrators" -Member "{{USER}}"

Network

powershell
# Network configuration
Get-NetIPAddress
Get-NetIPConfiguration
Get-NetAdapter
# Configure a static IP
New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress "{{SERVER_IP}}" -PrefixLength 24 -DefaultGateway "192.168.1.1"
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses "8.8.8.8","8.8.4.4"
# Active connections
Get-NetTCPConnection -State Listen
Get-NetTCPConnection | Where-Object {$_.State -eq "Established"}
# Network tests
Test-NetConnection -ComputerName {{TARGET}} -Port {{PORT}}
Test-NetConnection google.com -TraceRoute
Resolve-DnsName {{TARGET_DOMAIN}}

Windows registry

powershell
# Read a key
Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion"
Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\{{SERVICE}}"
# Create the key first, then create / modify a value
New-Item -Path "HKLM:\SOFTWARE\MyApp"
New-ItemProperty -Path "HKLM:\SOFTWARE\MyApp" -Name "Version" -Value "1.0" -PropertyType String
Set-ItemProperty -Path "HKLM:\SOFTWARE\MyApp" -Name "Debug" -Value 1
# Delete
Remove-ItemProperty -Path "HKLM:\SOFTWARE\MyApp" -Name "Debug"
Remove-Item -Path "HKLM:\SOFTWARE\MyApp" -Recurse

Log management

powershell
# Event logs (Get-EventLog exists only in Windows PowerShell 5.1, not in PowerShell 7)
Get-EventLog -LogName Application -Newest 50
Get-EventLog -LogName Security -EntryType Error,Warning -Newest 20
Get-EventLog -LogName System -Source "Service Control Manager"
# With Get-WinEvent (more powerful)
Get-WinEvent -LogName Application -MaxEvents 100
Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4625} # Failed logons
Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4624} # Successful logons
Get-WinEvent -FilterHashtable @{
    LogName='System'
    StartTime=(Get-Date).AddHours(-1)
    Level=2 # Error
}
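
The failed-logon query above (Id 4625) becomes useful for triage once the events are grouped. The following is an added example, not part of the original snippet: it counts failed logons per account and source address. The sample events are constructed, and the function names and the threshold of 3 are assumptions.

```powershell
# Added example: summarise failed logons (event 4625) per account and source address.
function Get-FailedLogonSummary {
    param(
        [Parameter(Mandatory)] [string[]] $EventXml,  # one XML string per event
        [int] $Threshold = 3                          # assumed alerting threshold
    )
    $rows = foreach ($x in $EventXml) {
        # Flatten <EventData><Data Name="...">value</Data> into a lookup table.
        $data = @{}
        foreach ($d in ([xml]$x).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        [pscustomobject]@{
            Account = $data['TargetUserName']
            Source  = $data['IpAddress']
        }
    }
    # Keep only account/source pairs that reach the threshold, noisiest first.
    $rows | Group-Object Account, Source |
        Where-Object Count -ge $Threshold |
        Sort-Object Count -Descending |
        Select-Object Count, Name
}

# Constructed sample events (documentation addresses, made-up accounts).
function New-Sample4625([string]$user, [string]$ip) {
    "<Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><EventData>" +
    "<Data Name='TargetUserName'>$user</Data>" +
    "<Data Name='IpAddress'>$ip</Data></EventData></Event>"
}
$sample = @(
    New-Sample4625 'administrator' '203.0.113.10'
    New-Sample4625 'administrator' '203.0.113.10'
    New-Sample4625 'administrator' '203.0.113.10'
    New-Sample4625 'jdoe'          '198.51.100.7'
)
Get-FailedLogonSummary -EventXml $sample

# Live use, from an elevated session, over the last hour:
# $xml = Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4625
#            StartTime=(Get-Date).AddHours(-1)} | ForEach-Object { $_.ToXml() }
# Get-FailedLogonSummary -EventXml $xml
```

With the sample data only the administrator / 203.0.113.10 pair is reported; the single jdoe failure stays below the threshold.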

WMI / CIM: system information

powershell
# System info
Get-CimInstance -ClassName Win32_ComputerSystem
Get-CimInstance -ClassName Win32_OperatingSystem
Get-CimInstance -ClassName Win32_Processor
Get-CimInstance -ClassName Win32_PhysicalMemory
# Disks
Get-CimInstance -ClassName Win32_LogicalDisk | Select-Object DeviceID, Size, FreeSpace
Get-PSDrive -PSProvider FileSystem
# Memory summary (percent used)
$mem = Get-CimInstance -ClassName Win32_OperatingSystem
[Math]::Round(($mem.TotalVisibleMemorySize - $mem.FreePhysicalMemory) / $mem.TotalVisibleMemorySize * 100, 1)

Remote execution

powershell
# Enable WinRM
Enable-PSRemoting -Force
# Interactive remote session
Enter-PSSession -ComputerName {{SERVER_IP}} -Credential (Get-Credential)
# One-shot remote command
Invoke-Command -ComputerName {{SERVER_IP}} -ScriptBlock { Get-Service } -Credential (Get-Credential)
# On multiple servers
$servers = @("srv01", "srv02", "srv03")
Invoke-Command -ComputerName $servers -ScriptBlock { hostname; Get-Service | Where Status -eq "Stopped" }

💡 Tip

Always use ConvertTo-SecureString for passwords in scripts, never plain text. For automated scripts, use credentials stored in the Windows Credential Manager or in a secret manager.
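
One way to apply this tip, as an added example that is not part of the original snippet: a literal passed to ConvertTo-SecureString -AsPlainText is still readable in the script file, so the functions below read the secret at run time instead. The names `srv-admin`, `OpsVault`, `Get-AdminCredential` and `New-LocalUserPrompted` are hypothetical; `Get-Secret` assumes the Microsoft.PowerShell.SecretManagement module with a registered vault.

```powershell
# Added example. Weak form, shown for contrast: the password stays readable
# in the script file and in source control.
# $pw = ConvertTo-SecureString "{{PASSWORD}}" -AsPlainText -Force

function Get-AdminCredential {
    param(
        [string] $SecretName = 'srv-admin',   # hypothetical secret name
        [string] $Vault      = 'OpsVault'     # hypothetical vault name
    )
    # Automated path: read a PSCredential from the vault when the module is present.
    if (Get-Command Get-Secret -ErrorAction SilentlyContinue) {
        try   { $stored = Get-Secret -Name $SecretName -Vault $Vault -ErrorAction Stop }
        catch { $stored = $null }
        if ($stored -is [pscredential]) { return $stored }
    }
    # Interactive path: prompt, so the password is never a literal in the script.
    if ([Environment]::UserInteractive) {
        return Get-Credential -Message "Credential for $SecretName"
    }
    throw "No stored credential '$SecretName' and no interactive session to prompt in."
}

# Local account creation with a password typed at the prompt, never a literal.
function New-LocalUserPrompted {
    param([Parameter(Mandatory)] [string] $Name)
    $pw = Read-Host -Prompt "Password for $Name" -AsSecureString
    New-LocalUser -Name $Name -Password $pw
}

# Usage:
#   $cred = Get-AdminCredential
#   Invoke-Command -ComputerName srv01 -Credential $cred -ScriptBlock { Get-Service }
```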