I am trying to disable unnecessary features on windows 10 to optimize the os performance. I thought of creating Powershell DSC Configuration, refer the Windows Feature Resource inside it and disable the features i want.
To mention the feature name i have to run the Get-WindowsFeature command and see what features are there.But that command is not available in my powershell.I did some research and i got to know that Get-WindowsFeature will only work on Windows Server. Is this true?
So what Command i have to run to get the list of features on Windows 10?
Get-WindowsOptionalFeature -Online
would give the list of features available in Windows. For more refer docs
Take a look at this script for removing Built-In apps for Windows 10 by the scconfigmgr guys. In my experience, removing these unused apps has greatly improved performance, particularly when a new profile is built on the machine.
Essentially, it uses the Get-AppxPackage command to identify and then remove built-in apps which you might not want.
EDIT
In addition to the above, you can also query WMI to get what Features are enabled using the Win32_OptionalFeature class.
Get-WmiObject -Query "Select * from Win32_OptionalFeature where InstalledState = '1'"
Everything with an 'InstalledState' of '1' means it's currently installed.
Related
I'm a complete rookie to programming. I will say so much off the bat: please go easy on me. I simply want to know what happens on a system-wide level when I run a script through the PowerShell ISE program. If I run something in an IDE, I have always assumed that no system calls are made, meaning the script isn't communicating with the kernel or making actual changes to the OS. To the contrary, the script is simply being run in a sandboxed environment, as a test run for lack of better terms. I use the term sandboxed loosely here.
If I am on the mark here regarding how an IDE works, does PowerShell also work the same way. If I am incorrect overall with all of my observations, please correct me. I'm just a tad bit beyond the phase of a script kiddie. I can write simple Bash scripts and execute PowerShell commands but I am miles behind the talent of a developer or full-time programmer. Looking for an answer from a veteran to a rookie here.
The PowerShell ISE is called an Integrated Scripting Environment. It can be thought of as a stripped down Visual Studio or maybe instead an enlightened Notepad with a paired PowerShell console.
In any case, and maybe someone will chime in with the true history of the ISE here, the PowerShell console is just as effective and powerful as the Linux Bash Shell, or the Windows Command Prompt.
Commands you run in PowerShell use underlying Windows APIs or dotnet namespaces which can absolutely change the system.
For instance, you can start and stop services or even disable them, if you've got the permissions and are running as an administrator. That's definitely changing the underlying system.
Set-Service -Name Spooler -StartupType Disabled
You can also change registry keys you definitely should not be touching.
#Disable Windows Update
Set-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate -Name AU -Type DWord -Value "NoAutoUpdate"
Having permission to do these things depeneds on what your account can do. If you're running as a standard Windows user without admin rights, these calls will fail.
If you run the ISE or PowerShell without 'Run As Administrator', these calls will fail.
However, if you are an admin, and run PowerShell or the ISE as an Admin, you have effectively taken both safeties off and can now freely ventilate your foot.
Same goes for if you're running with a powerful Active Directory or Azure account. Only use those credentials when you need them, or your inevitable accidents will be truly remarkable, swift and terrible.
I'm working with DNS resource records in Powershell 5 using code that I inherited from the guy who was trying to do this before me. The cmdlet I am trying to use is Add-DnsServerResourceRecordA.
Part of his code has import-module certain folder\PowerShell\Modules\DnsServer. The weird thing is, it seems like as I was trying bits and pieces of the code earlier, I was able to use the add-DNSblah cmdlet. Now, after It ried running the whole script including the import-module, Powershell is saying that the cmdlet does not exist natively, and when I import the module and run it it is giving me Add-DnsServerResourceRecordA: Invalid Class.
It is my understanding that Add-DnsServerResourceRecordA should be included in my normal Powershell 5.0. Could that Import-Module have permanently damaged PS somehow? Why else would the cmdlet not show up, even in a Get-Command "dns"?
I'm pretty sure you will need the Remote Server Administration Tools (RSAT) installed to have these cmdlets available on a non-server Windows OS.
You can download them from this page: https://www.microsoft.com/en-gb/download/details.aspx?id=45520.
Not really sure why the Import-Module does not fail if the DNSServer module is not present on the system.
If RSAT are already installed, you can try to reinstall them.
I have a PowerShell script to collect various types of information on the host system. One of the commands is systeminfo. It needs nearly 10 seconds to complete.
Edit:
I think the problem comes from the amount of installed hotfixes on the computer, which are displayed with systeminfo. Is there any way to run systeminfo without loading all the hotfix information?
No you cannot not have hotfix information. See https://technet.microsoft.com/en-gb/library/bb491007.aspx for the available parameters.
Maybe Get-WmiObject can help you to get the information you need. Check the following link describing different system information you can retrieve via Get-WmiObject.
Get-WmiObject
I am trying to determine if BitLocker is updated. All I can find on BitLocker is if the service is running as in:
Get-Service -name "BDESVC*"
Usually the gwmi -class Win32_SoftwareFeature will return all applications versions but BitLocker isn't there. Does BitLocker need updating? Is it stored somewhere else?
I am using Win7 64bit PowerShell v2
After some lengthy searching, I found manage-bde. This command works great with the command line and PowerShell. I still am having an issue with pulling just the version number though.
Yes, this is the only option available for checking the version as the application isn't standalone. On Max OS X, it is the same. The version isn't made obvious or available.
In case this helps some one now, you can use the following command to extract the required information for your purpose.
Command
manage-bde -status C: | FINDSTR "\<version"
Result
BitLocker Drive Encryption: Configuration Tool version 10.0.15063
Please don't forget the '\<' because this is used to filter out the version, else other data containing the word 'conversion' also gets populated.
I have modified a script to standardise our organisations signatures in Outlook. The script uses a Word document as a template for the signature and extracts user details from the Active Directory info on our SBS 2003 server.
I am logged in as a Domain Admin and the script works ok for my Outlook signature (there are a couple of errors but it creates the 3x outlook signature files that I need). I can't get it to run on any other computer (but this is the only one with Powershell installed) nor will it run for any other user on this computer.
I would really like to be able to run the script from each workstation. This would be easy if it was a batch file, but it won't work as a powershell script. Do I need to install Powershell on every workstation or is there a simpler way to get it to work?
Also,
I wonder if there is a problem with the script that is not allowing other users to run it from this computer (even with Powershell installed).
Cheers,
Greg
Yes, you need Powershell installed on every machine where you want the script to run. It's included with OS on everything from Server 2008 and Windows 7, but otherwise you'll need to install Powershell manually.
You will also have to enable remote scripting on each machine, since this is disabled by default (for security reasons). Take a look at the following help pages for information and instructions on how to set up:
Get-Help about_remote
Get-Help about_remote_FAQ
Get-Help about_remote_requirements
Get-Help about_remote_troubleshooting
If you want to use PowerShell remotely you will need to install it. If you don't want to do that you could look at psexec - that's one of Sys Internals great tools. It will enable you to run commands\scripts remotely.
I have a different suggestion. Could you generate these signature files for your employees on your machine and then push the signatures out to all the other machines?