Skip to main content

How to Read Help Files (Part 4 of 7)

By
Today we are continuing to look at the PowerShell help files and how to read them.  We are going to explore the detailed help files.  PowerShell can display help at various levels of detail depending on how much information you need.  To access a cmdlets’ detailed help file, just ask for help as you normally would, but add the –Detailed parameter for Get-Help.

Get-Help Stop-Process –Detailed

With the detailed help file you get 2 extra pieces of information the basic help file does not have.  Parameter help and Examples.  Below is a small sample of the parameter help.
ARAMETERS
    -Force []
        Stops the specified processes without prompting for confirmation. By default, Stop-Process prompts for confirmation before stopping any process that
        is not owned by the current user.
       
        To find the owner of a process, use the Get-WmiMethod cmdlet to get a Win32_Process object that represents the process, and then use the GetOwner
        method of the object.
       
    -Id
        Specifies the process IDs of the processes to be stopped. To specify multiple IDs, use commas to separate the IDs. To find the PID of a process, type
        "get-process". The parameter name ("Id") is optional.

Above is displaying the help files for 2 of the parameters –Force and –ID.  You can see that after the parameter name, the data type the parameter requires is shown.  Remember that even though –ID accepts integer data types, you can sometimes send it an object that can be converted to an integer.  Take a look at the example below.  We identified two instances of Notepad.  We sent Stop-Process an integer value to its –ID parameter in the first instance and a string in the second.  Since the string could be translated to an integer, it worked. Remember to test prior to relying on this functionality.

PS C:\> Get-process -Name Notepad

Handles  NPM(K)    PM(K)      WS(K) VM(M)   CPU(s)     Id  SI ProcessName                                                                                      
-------  ------    -----      ----- -----   ------     --  -- -----------                                                                                     
    141      11     1996       3208 ...63     1.56   2996   1 notepad                                                                                         
    141      11     1992       3112 ...63     3.52  11636   1 notepad                                                                                          



PS C:\> Stop-Process -id 2996

PS C:\> Stop-Process -id "11636"

PS C:\> 

The next added feature of the Detailed help file for a cmdlet is the Example section:
-------------------------- EXAMPLE 1 --------------------------
   
    PS C:\>stop-process -name notepad
   
    This command stops all instances of the Notepad process on the computer. (Each instance of Notepad runs in its own process.) It uses the Name parameter to
    specify the processes, all of which have the same name. If you were to use the ID parameter to stop the same processes, you would have to list the process
    IDs of each instance of Notepad.

This is just one example from Stop-Process.  You can see an example Stop-Process –name notepad and a description of what will happen if you execute that example.  A good help file will have multiple examples of how to use the cmdlet.  Take a look at example 4:

     -------------------------- EXAMPLE 4 --------------------------
   
    PS C:\>get-process lsass | stop-process
   
    Stop-Process : Cannot stop process 'lsass (596)' because of the following error: Access is denied
    At line:1 char:34
    + get-process lsass  | stop-process <<<<
   
    [ADMIN]: PS C:\>get-process lsass | stop-process
   
    Warning!
    Are you sure you want to perform this action?
    Performing operation 'Stop-Process' on Target 'lsass(596)'
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"):
    [ADMIN]: PS C:\>get-process lsass | stop-process -force
    [ADMIN]: PS C:\>
   
    These commands show the effect of using the Force parameter to stop a process that is not owned by the user.
   
    The first command uses the Get-Process cmdlet to get the Lsass process. A pipeline operator sends the process to the Stop-Process cmdlet to stop it. As
    shown in the sample output, the first command fails with an "Access denied" message, because this process can be stopped only by a member of the
    Administrator's group on the computer.
   
    When Windows PowerShell is opened with the "Run as administrator" option, and the command is repeated, Windows PowerShell prompts you for confirmation.
   
    The second command uses the Force parameter to suppress the prompt. As a result, the process is stopped without confirmation.

Much more detailed.  Many times I how found examples of what I was looking for in the example section.



Tomorrow we will look at the full help file.
Labels:

Comments

Post a Comment

Popular posts from this blog

How to list all the AD LDS instances on a server

By
AD LDS allows you to provide directory services to applications that are free of the confines of Active Directory.  To list all the AD LDS instances on a server, follow this procedure: Log into the server in question Open a command prompt. Type dsdbutil and press Enter Type List Instances and press Enter . You will receive a list of the instance name, both the LDAP and SSL port numbers, the location of the database, and its status.
Post a Comment
Read more

How to run GPResult on a remote client with PowerShell

By
In the past, to run the GPResult command, you would need to either physically visit this client, have the user do it, or use and RDP connection.  In all cases, this will disrupt the user.  First, you need PowerShell remoting enabled on the target machine.  You can do this via Group Policy . Open PowerShell and type this command. Invoke-Command –ScriptBlock {GPResult /r} –ComputerName <ComputerName> Replace <ComputerName> with the name of the target.  Remember, the target needs to be online and accessible to you.
Post a Comment
Read more

Error icon when creating a GPO Preference drive map

By
You may not have an error at all.  Take a look at the drive mapping below. The red triangle is what threw us off.  It is not an error.  It is simply a color representation of the Replace option of the Action field in the properties of the drive mappings. Create action This give you a green triangle. The Create action creates a new mapped drive for users. Replace Action The Replace action gives you a red triangle.  This action will delete and recreate mapped drives for users. The net result of the Replace action is to overwrite all existing settings associated with the mapped drive. If the drive mapping does not exist, then the Replace action creates a new drive mapping. Update Action The Update action will have a yellow triangle. Update will modify settings of an existing mapped drive for users. This action differs from Replace in that it only updates settings defined within the preference item. All other settings remain as configured on the mapped drive. If the
1 comment
Read more