Once you stray from simple Get-ChildItem examples, the results may not
be what you intended. Fortunately it's easy to compare the files
returned by PowerShell with files viewed in Windows explorer.
How to List Get-ChildItem's Parameters
Get-Help Get-ChildItem -full
Note: Get-ChildItem has a particularly rich
supply of parameters to modify your scripts. I always find it worth
adding the -full switch, that way you get examples in addition to more
detailed descriptions.
-Path Is essential, and also -path is
'assumed' when the directory is the
first item directly after Get-ChildItem, else PowerShell defaults to the current location.
-Filter Is the simplest way to sieve the
required information. -Filter is technically superior because it
sifts the objects as it retrieves them. Whereas the -Include and
-Exclude parameters are much slower because they have to process all the
objects once Get-ChildItem has found them.
-Recurse Sooner or later you will need this parameter to drill
down to sub directories.
-Include Applies to the path, and also requires the -Recurse
parameter. What is the advantage of -Include *.exe compared with
just adding *.exe to the path directly?
The answer is there is no advantage - unless you want to include
multiple file types, for example. -include *.exe, *.com, *.dll.
Observe how the humble comma separates each filetype.
-Exclude As with -Exclude, this parameter comes
into its own whey you want to exclude multiple file types. -Exclude
*.bat, *.dat, *.tmp, *.temp, ~*.*
-Force Finds hidden and system files. This
is rather like changing the View menu in Windows explorer so that it will
'Show hidden and system files'. Rest assured, -force will not
override ACL permissions on files.
Guy
Recommends: WMI Monitor and It's Free!
Windows Management Instrumentation (WMI) is one of the hidden
treasures of Microsoft operating systems. Fortunately, SolarWinds
have created a
Free WMI Monitor so that you can discover these gems of performance
information, and thus improve your PowerShell scripts. Take the guess work out of which WMI counters to use when scripting the
operating system, Active Directory or Exchange Server.
Let us research other objects or 'PowerShell Providers' for Get-ChildItem.
For instance, it still comes as a surprise to me that Get-ChildItem can
access the registry.
Get-PsProvider
Note: Remember the Ps prefix and forget about a
plural. If you try Get-provider and it fails, add Ps (PowerShell) at
the front, keep in mind that all PowerShell nouns are singular, thus don't
bother with Get-ProviderS it has no chance.
Properties of Files
Let us investigate the properties of the files or other objects returned by
Get-ChildItem.
When you discover a new
PowerShell command, it benefits from being probed with what I call the 'Trusty Twosome'. Experiment with Get-Help and Get-Member and unlock new scripting
possibilities for Get-Childitem. To see what I mean try these two commands:
1) Get-help Get-Childitem (help gci) If you prefer abbreviations. (help gci -full) If you
like examples.
Get-help unearths useful parameters such as -recurse, -exclude, it also reveals hidden files with: -force.
2) Get-Childitem | Get-Member (gci | gm) If you enjoy aliases.
(gci | gm -Membertype property) If you are fond of filters.
Get-Member reveals properties
that you don't normally see in explorer, for example, CreationTime.
# PowerShell script to list the files in C: root Get-Childitem "C:\"
Note 1: In this instance C:\ is the root and Get-Childitem lists any files in this directory.
Note 2: Get-Childitem "C:\" works equally well without the speech
marks. For example: Get-Childitem C:\ However, you do need the backslash after the colon.
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
SolarWinds'
Orion performance monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
Perhaps the NPM's best feature is the way it suggests solutions to network
problems. Its
second best feature is the ability to monitor the health of individual VMware
virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you take advantage of SolarWinds' offer.
Note 1: The key addition is the parameter -force. What this does is include hidden and system files.
Note 2: The additional commands enable us to count the
files, this makes easier to see prove that -force really makes a difference. Double check what I mean by running the script with, and
then without, the -force switch.
# PowerShell cmdlet to list the System files in the root of C:\ $i=0 $GciFiles = Get-ChildItem "c:\" -force |where {$_.attributes -match "System"} foreach ($file in $GciFiles) {$i++} $GciFiles |sort |ft name, attributes -auto Write-host "Number of files: " $i
Note 1: We need to employ the comparison parameter -match "System", rather than -eq "System", this is because System files also have Hidden and other attributes. Consequently, their
attribute does not equal ''System'', although it does contain, or match the word System.
Note 2: You probably worked it out for your self, but just to emphasise that the variable $i is a counter.
Moreover, ++ increments $i each time the 'where' statements makes a match. Incidentally, omitting $=0 at the beginning produces an unexpected, or undesirable result when you run the script for a
second time.
Challenge 1: Repeat the command with and without -force.
Challenge 2: Substitute this new 'where' clause on line 3: where {$_.attributes -ne
"Directory"}. -ne is the opposite of -eq. Thus this command filters out the directory entry.
# PowerShell cmdlet to list the System files in the root of C:\ $i=0 $GciFiles = gci c:\ -force |where {$_.attributes -ne "Directory"} foreach ($file in $GciFiles) {$i++} $GciFiles |sort |ft name, attributes -auto # $GciFiles |Get-Member $i
Guy Recommends: SolarWinds' Free Bulk Import Tool
Import users from a spreadsheet. Just provide a list of the
users with their fields in the
top row, and save as .csv file. Then launch this FREE utility and match
your fields with AD's
attributes, click to import the users. Optionally, you can
provide the name of the OU where the new accounts will be born.
There are also two bonus tools in this free download, and all 3 have been approved by Microsoft:
Outside of PowerShell, recurse is a little known verb meaning rerun. Inside of PowerShell, -recurse is one of the most famous parameters meaning: repeat the procedure on
sub-folders.
The point of this script is to list all the executables in the System32 folder. Moreover it will display the CreationTime, which can help determine if a file is up-to-date. This
technique is particularly useful for troubleshooting .dll files.
# PowerShell script to list the exe files under C:\Windows\System32 $i =0 $DllFiles = gci "C:\Windows\System32" -recurse | ? {$_.extension -eq ".exe"} Foreach ($Dll in $DllFiles) { $Dll.name
+ "`t " + $DLL.CreationTime + "`t " + $Dll.Length $i++ } Write-Host The total number of files is: $i
Note 1: This example uses two aliases; my principle reason was to make line 4 shorter. Gci is an alias for our featured command Get-Childitem, and the question mark (?) is
an alias for 'where'.
Note 2: The -recurse parameter comes directly after the name of the directory. For completeness, the location should be introduced by the -path parameter, but as this is
optional, I have omitted the -path parameter in this script. However, this is how to include the -path parameter. $DllFiles = gci -path "C:\Windows\System32" -recurse.
Note 3: If you investigate the file's properties, then you can spot other assets, for
example: LastWriteTime, or even Length. Here is how to employ Get-Member to list the properties.
Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.
Windows Management Instrumentation (WMI) is one of the hidden
treasures of Microsoft operating systems.
Fortunately, SolarWinds
have created the
Free WMI Monitor so that you can actually see and understand these gems of
performance information. Take the guess work out of which
WMI counters to use for applications like Microsoft Active Directory,
SQL or Exchange Server.
