PowerShell Interview Basic Questions and Answers

How do you find the computer name?

PS C:> hostname
GOVARDHAN-PC
PS C:> $env:COMPUTERNAME
GOVARDHAN-PC
PS C:> Get-WmiObject win32_operatingsystem | Select-Object -property PSComputerName, CSName

PSComputerName                                                      CSName
————–                                                                     ——
GOVARDHAN-PC                                                          GOVARDHAN-PC

PS C:> Get-ItemProperty -Path “HKLM:SYSTEMCurrentControlSetControlComputerNameActiveComputerName” -Name “ComputerName” | Select-Object -Property Computername

ComputerName

GOVARDHAN-PC

PS C:>

How do you find the free space of C: drive in GBs?

 

PS C:> Get-PSDrive –Name C | ForEach-Object {[math]::round($.free/1GB)}
204
PS C:> Get-PSDrive –Name C |  % {[math]::round($
.free/1GB)}
204
PS C:> Get-PSDrive –Name C | Select-Object -Property free | % {[math]::round($_.free/1GB)}
204

PS C:> Get-WMIObject Win32_LogicalDisk -filter “DeviceID=’C:'” | % {[math]::round($_.FreeSpace/1GB)}
204
PS C:>

 

How do you convert a given value to Decimal, Hexadecimal, Octal and Binary values?

 

 

$GivenValue = 0x0ff379

PS C:> $GivenValue = 0x0ff379
PS C:> “{0:D0}” -f $GivenValue
1045369
PS C:> “{0:N0}” -f $GivenValue
1,045,369
PS C:>

OR using [Convert]

PS C:> $GivenValue = 0x0ff379
PS C:> [Convert]::ToString($GivenValue, 2)        # Binary
11111111001101111001
PS C:> [Convert]::ToString($GivenValue, 8)        # Octal
3771571
PS C:> [Convert]::ToString($GivenValue, 10)      # Decimal
1045369
PS C:> [Convert]::ToString($GivenValue, 16)      # HexaDecimal
ff379
PS C:>

 

How do you find all services that are set to run “Manual”  and not running.  All that are.

There is NO native way to find a service startup details in PowerShell rather .Net itself.  The alternate is to use the WMI object.

 

Manual services Not running

PS C:> Get-WmiObject -Class win32_service -Filter “StartMode=’Manual’ and State!=’Running'” | Select-Object -First 5 | ft -a

ExitCode Name         ProcessId StartMode State   Status
——– —-         ——— ——— —–   ——
0 AeLookupSvc          0 Manual    Stopped OK
1077 ALG                  0 Manual    Stopped OK
1077 AppIDSvc             0 Manual    Stopped OK
1077 AppMgmt              0 Manual    Stopped OK
1077 aspnet_state         0 Manual    Stopped OK

 

Manual services running

PS C:> Get-WmiObject -Class win32_service -Filter “StartMode=’Manual’ and State=’Running'” | Select-Object -First 5 | ft -a

ExitCode Name    ProcessId StartMode State   Status
——– —-    ——— ——— —–   ——
0 Appinfo       928 Manual    Running OK
0 BITS          928 Manual    Running OK
0 Browser       928 Manual    Running OK
0 EapHost       928 Manual    Running OK
0 KeyIso        544 Manual    Running OK

PS C:>

 

 

 

Find top 100 processes that are consuming memory more than 100MB and export the list of processes to a CSV file

In PowerShell 2.0:

PS C:> Get-Process | where-object { $_.pm -gt 100MB }| select -First 100 | Sort pm -Descending

Handles  NPM(K)    PM(K)      WS(K) VM(M)   CPU(s)     Id ProcessName
——-  ——    —–      —– —–   ——     — ———–
410      66   354076     276672 
60; 287   812.59   2640 sqlservr
1478     143   242504     279340 -1028    48.16   5644 w3wp
1140     141   228120     234128  1900 3,404.22   6284 Management.Agent
7766     169   213608      80040   752 …84.99   2996 ptagentservice

PS C:>

 

In PowerShell 3.0:

PS C:> Get-Process | where pm -gt 100MB | select -First 100 | Sort pm -Descending

Handles  NPM(K)    PM(K)      WS(K) VM(M)   CPU(s)     Id ProcessName
——-  ——    —–      —– —–   ——     — ———–
975      96   218396     225856  1020    32.43   4060 ScriptEditor
524      66   200180     144448   830 1,963.15   5372 ABC.Management.Console
1882     105   195328     120796   498 1,231.85   4896 chrome
681      79   191096      81504   570   261.36   1568 devenv
583      41   179828      89064   761    45.61   6044 powershell
3059      69   175604      82452   476    43.63   5248 RemoteDesktopManager
770      31   174104     164376   303             888 svchost
3707     158   141244     160324   573 1,012.48   5244 OUTLOOK
773     105   135560      56120   460   438.96   5376 WindowsLiveWriter
665      56   121348      62996   765   333.34   3692 BoxSync

PS C:> Get-Process | where pm -gt 100MB | select -First 100 | Sort pm -Descending | Export-Csv C:TempProcess-100MB-Memmory.csv

PS C:> gci C:TempProcess-100MB-Memmory.csv

    Directory: C:Temp

Mode                LastWriteTime     Length Name
—-                ————-     —— —-
-a—         5/14/2013   5:58 PM       9511 Process-100MB-Memmory.csv

PS C:>

 

 

Read all log files for “ERROR” and print that lines that matches

 

PS C:> gci “$env:tempCitrixLogs” -File  | foreach { Get-Content “$env:tempCitrixLogs$” | foreach { if ($ -match “Error”) {$_}  } }
16:09:51     1484 E: [Detect plugin] completed: 2008 (ECError::eNotFound)
16:12:57     1484 I: [NotifyUserIfError] started
19:41:54      5AC _handleUrlQueryStringArgs(ERROR)
16:12:49      7C8 ERROR C:UsersGOVARD~1AppDataLocalTempD57AD48E-AA94-4541-8BD6-26BF97ABF1B9G2MTestSound.wav : wrote 53718 of 53718 bytes.
18:30:25     167C ERROR logSecurityInfo
value>ERROR<array><type>struct</type><data></data></array></value></member></struct>
PS C:>

 

 

Find all latest events that have “entered the stopped state” in System log within past 24 hours

 

PS C:> Get-EventLog -LogName System -Message “entered the stopped state” -After $(Get-Date).AddHours(-24) -Newest 5

   Index Time          EntryType   Source                 InstanceID Message
—– —-          ———   ——                 ———- ——-
9764 May 13 11:58  Information Service Control M…   1073748860 The Multimedia Class Scheduler service entered …
9762 May 13 11:48  Information Service Control M…   1073748860 The WinHTTP Web Proxy Auto-Discovery Service se…
9761 May 13 11:43  Information Service Control M…   1073748860 The Multimedia Class Scheduler service entered …
9759 May 13 11:34  Information Service Control M…   1073748860 The Multimedia Class Scheduler service entered …
9756 May 13 11:14  Information Service Control M…   1073748860 The Application Experience service entered the …

PS C:>

 

PS C:> Get-WinEvent -LogName System | where Message | where-object { (($.Message -match “entered the stopped state”) –
and ($
.Timecreated -ge $((Get-Date).AddHours(-1)))) }

   ProviderName: Service Control Manager

TimeCreated                     Id LevelDisplayName Message
———–                     — —————- ——-
5/13/2013 7:03:36 PM          7036 Information      The WinHTTP Web Proxy Auto-Discovery Service service entered the…
5/13/2013 6:50:09 PM      &
#160;   7036 Information      The Multimedia Class Scheduler service entered the stopped state.
5/13/2013 6:44:24 PM          7036 Information      The TCP/IP NetBIOS Helper service entered the stopped state.
5/13/2013 6:33:23 PM          7036 Information      The Disk Defragmenter service entered the stopped state.
5/13/2013 6:13:32 PM          7036 Information      The Multimedia Class Scheduler service entered the stopped state.
Get-WinEvent :
The description string for parameter reference (%1) could not be found
At line:1 char:1
+ Get-WinEvent -LogName System | where Message | where-object { (($_.Message -matc …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (:) [Get-WinEvent], EventLogException
+ FullyQualifiedErrorId : The description string for parameter reference (%1) could not be found,Microsoft.PowerShell.Commands.GetWinEventCommand

 

PS C:>

 

You encounter above error if the Message field is empty for a given event.  The same script works fine if all the events in the criteria contains some message.

 

PS C:> Get-WinEvent -LogName Application | where-object { (($.Message -match “SYMANTEC TAMPER PROTECTION ALERT”) -and
($
.Timecreated -ge $((Get-Date).AddHours(-1)))) }

   ProviderName: Symantec AntiVirus

TimeCreated                     Id LevelDisplayName Message
———–                     — —————- ——-
5/13/2013 6:50:41 PM            45 Error             …
5/13/2013 6:50:41 PM            45 Error             …
5/13/2013 6:50:41 PM            45 Error             …
5/13/2013 6:50:40 PM            45 Error             …
5/13/2013 6:50:40 PM            45 Error             …
5/13/2013 6:50:40 PM            45 Error             …

PS C:>

 

 

Find all files that are modified within last 24 hours

 

 

How many seconds are there in next year

 

List all connections using netstat that are in “LISETENING” state using

 

Read list of server names from a text file and initiate system restart for all system

 

How do you send a file as an attachment to an email recipient

 

PS C:> Send-MailMessage -To [email protected] -From [email protected] -Subject “System Events File is in Attachment” -Attachments “c:tempsysevents.csv” –SmtpServer smtpsrv1.google.com
PS C:>

 

How do you measure the time taken for execution of a PowerShell command

 

PS C:> Measure-Command { Get-WmiObject -Class win32_service | where-object { ($.StartMode -eq “Manual”) -and ($.State -eq “Running”) } } | select TotalSeconds | ft -a

TotalSeconds

0.5028714

PS C:> Measure-Command { Get-WmiObject -Class win32_service -Filter “StartMode=’Manual’ and State=’Running'” } | Select TotalSeconds | ft -a

TotalSeconds

0.2707537

PS C:>

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

3 thoughts on “PowerShell Interview Basic Questions and Answers

  1. I am executing this Powershell script comparing a flat txt file with a directory on the first match copy what is in the directory to another directory. Nothing is being put in the output directory. This is the script

    $objFolder = “C:\Serena\ReleaseAutomationAgent\core\var\work\ABS_SQL\” #(directory)
    $objFile = “C:\Serena\ReleaseAutomationAgent\core\var\work\tmp\compare2.txt” #(File)
    $outFile =”C:\Serena\ReleaseAutomationAgent\core\var\work\ABS_SQL\deploy\” #Output Directory
    Compare-Object -ReferenceObject (gc $objFile) -DifferenceObject (gci $objFolder|select -ExpandProperty Name) -ExcludeDifferent -IncludeEqual|select -first 1 -Expand InputObject | %{Copy-Item “objFolder\$_” -Dest $outFile}

    compare 2 consists of
    test1.txt
    test2.txt
    test3.txt

    Directory consists of actual text files
    test1
    test3

    in this case tes1 from directory should be copies to output directory but nothing is being put there. Any help would be great

  2. In case if you are running the exact command as pasted above, the “objFolder” in the copy-item command is missing “$”, to make it as a variable (objFolder v/s $objFolder).

  3. By the way, I haven’t evaluated the functionality of the command you pasted, but on the first look I can see the above issue. But your requirement is simple enough to implement. I see this post is in 2014, in case if this is still an active requirement, I am happy to provide help!

Leave a Reply

Your email address will not be published. Required fields are marked *