Embedded Files
Professional-grade version of my scripts, written from the perspective of an IT Support / SysAdmin / Helpdesk Level 1–2 role.
I keep the scripts realistic, explain why each command exists, add common variations, and point out best practices you would be expected to know in interviews or production.
1️⃣ User Management – Create a New Active Directory User
1️⃣ User Management – Create a New Active Directory User
Purpose (Professional Context)
Purpose (Professional Context)
This script automates user provisioning in Active Directory.
Typical use cases:
• New employee onboarding
• Bulk user creation (HR-driven processes)
• Reducing manual errors in ADUC
Prerequisites
Prerequisites
• RSAT installed
• ActiveDirectory module loaded
• Sufficient AD permissions
Import-Module ActiveDirectory
Improved Script (Secure & Production-Ready)
Improved Script (Secure & Production-Ready)
# User identity variables
$FirstName = "John"
$LastName = "Doe"
$SamAccount = "jdoe"
$UPNSuffix = "example.com"
$OU = "OU=Users,DC=example,DC=com"
# Prompt securely for password (BEST PRACTICE)
$SecurePassword = Read-Host "Enter temporary password" -AsSecureString
# Create the AD user
New-ADUser `
-Name "$FirstName $LastName" `
-GivenName $FirstName `
-Surname $LastName `
-SamAccountName $SamAccount `
-UserPrincipalName "$SamAccount@$UPNSuffix" `
-Path $OU `
-AccountPassword $SecurePassword `
-Enabled $true `
-ChangePasswordAtLogon $true
Key Concepts Explained
Key Concepts Explained
• SamAccountName → legacy login (DOMAIN\user)
• UserPrincipalName (UPN) → modern login (user@domain)
• ChangePasswordAtLogon → security compliance
• Read-Host -AsSecureString → avoids storing passwords in plain text
Real-World Variation
Real-World Variation
Bulk creation from CSV:
Import-Csv users.csv | ForEach-Object {
New-ADUser -Name "$($_.FirstName) $($_.LastName)" -SamAccountName $_.Sam
}
2️⃣ User Management – Reset an Active Directory Password
2️⃣ User Management – Reset an Active Directory Password
Purpose (Professional Context)
Purpose (Professional Context)
Used for:
• Locked-out users
• Forgotten passwords
• Security incidents
Improved Script
Improved Script
Import-Module ActiveDirectory
$User = "jdoe"
# Secure password prompt
$NewPassword = Read-Host "Enter new password" -AsSecureString
# Reset password
Set-ADAccountPassword `
-Identity $User `
-NewPassword $NewPassword `
-Reset
# Force password change at next login
Set-ADUser -Identity $User -ChangePasswordAtLogon $true
Why This Matters
Why This Matters
• -Reset bypasses the old password
• Helps comply with ISO 27001 / SOC2 style controls
• Common Tier-1 helpdesk task
3️⃣ System Monitoring – Check Disk Space on a Remote Server
3️⃣ System Monitoring – Check Disk Space on a Remote Server
Purpose (Professional Context)
Purpose (Professional Context)
Used to:
• Prevent outages
• Monitor servers before patching
• Validate alerts from RMM tools
Modern Version (CIM instead of WMI)
Modern Version (CIM instead of WMI)
$ServerName = "RemoteServer"
Get-CimInstance Win32_LogicalDisk -ComputerName $ServerName -Filter "DriveType=3" |
Select-Object `
DeviceID,
@{Name="FreeGB";Expression={[math]::Round($_.FreeSpace / 1GB,2)}},
@{Name="TotalGB";Expression={[math]::Round($_.Size / 1GB,2)}} |
Format-Table -AutoSize
Why Get-CimInstance?
Why Get-CimInstance?
• Faster
• Uses WS-Man (firewall friendly)
• WMI is deprecated
Interview Tip
Interview Tip
Mention disk thresholds (ex: alert below 15%).
4️⃣ System Monitoring – Monitor CPU Usage (Real-Time)
4️⃣ System Monitoring – Monitor CPU Usage (Real-Time)
Purpose (Professional Context)
Purpose (Professional Context)
Used when:
• Diagnosing performance complaints
• Validating load after deployments
• Confirming CPU spikes
Improved Script with Exit Control
Improved Script with Exit Control
$ServerName = "RemoteServer"
Write-Host "Press CTRL+C to stop monitoring"
while ($true) {
$CPU = Get-CimInstance Win32_Processor -ComputerName $ServerName |
Measure-Object LoadPercentage -Average |
Select-Object -ExpandProperty Average
Write-Host "$(Get-Date -Format HH:mm:ss) CPU Usage: $CPU %"
Start-Sleep -Seconds 5
}
Best Practice
Best Practice
CPU > 85% sustained → investigate:
• Services
• Scheduled tasks
• Malware
• Misconfigured applications
5️⃣ System Monitoring – Get Installed Software on a Remote Server
5️⃣ System Monitoring – Get Installed Software on a Remote Server
Purpose (Professional Context)
Purpose (Professional Context)
Used for:
• Asset inventory
• Security audits
• License compliance
• Incident response
Reliable Registry-Based Method
Reliable Registry-Based Method
$ServerName = "RemoteServer"
Invoke-Command -ComputerName $ServerName -ScriptBlock {
Get-ItemProperty `
HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*,
HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* |
Select-Object DisplayName, DisplayVersion, Publisher |
Where-Object { $_.DisplayName } |
Sort-Object DisplayName
}
Why Not Win32_Product?
Why Not Win32_Product?
🚫 Triggers MSI repair
🚫 Extremely slow
🚫 Can break applications
Export to CSV (Common Task)
Export to CSV (Common Task)
... | Export-Csv "InstalledSoftware.csv" -NoTypeInformation
Professional Summary (What This Demonstrates)
Professional Summary (What This Demonstrates)
• Active Directory administration
• Secure credential handling
• Remote management via PowerShell
• Monitoring & diagnostics
• Real-world IT operational skills
These scripts align directly with Helpdesk L1–L2, Junior SysAdmin, and IT Analyst expectations.
Below is an interview-ready training module built from your PowerShell scripts.
Each section contains:
1️⃣ a spoken answer (what you say out loud)
2️⃣ a technical deepening (what impresses a technical interviewer)
3️⃣ common follow-up questions
4️⃣ PowerShell + productivity tips
---
1️⃣ Create a New Active Directory User
1️⃣ Create a New Active Directory User
⭐ Spoken answer (concise, professional)
“When onboarding a new employee, I use PowerShell to create the Active Directory account with standardized attributes such as name, UPN, OU location, and a temporary password. I enable the account and force a password change at first login to meet security requirements.”
⭐ Technical deepening (what shows expertise)
• I use the ActiveDirectory module via RSAT
• I avoid hard-coded passwords and prompt securely
• I assign the correct OU to apply GPOs automatically
• I use UPN for modern authentication compatibility (M365, SSO)
⭐ Follow-up questions interviewers ask
• How would you bulk-create users from HR data?
• Why separate OU placement matters?
• Difference between SamAccountName and UPN?
⭐ PowerShell tip
Ctrl + Space → autocomplete cmdlets and parameters
Get-ADUser -Filter * | Select Name → quick validation
2️⃣ Reset a User Password
2️⃣ Reset a User Password
⭐ Spoken answer
“For password resets, I securely reset the account using Set-ADAccountPassword and force a password change at next login. This prevents password reuse and supports compliance policies.”
⭐ Technical deepening
• -Reset bypasses the old password
• Used during lockouts or identity verification
• Often paired with account unlock (Unlock-ADAccount)
⭐ Common follow-ups
• Difference between reset and change?
• How do you verify user identity?
• How do you unlock an AD account?
⭐ PowerShell tip
Unlock-ADAccount -Identity jdoe
3️⃣ Check Disk Space on a Remote Server
3️⃣ Check Disk Space on a Remote Server
⭐ Spoken answer
“I remotely check disk usage using CIM queries to proactively detect low disk space, especially before patching or deployments.”
⭐ Technical deepening
• I use Get-CimInstance instead of WMI
• I filter DriveType=3 (local disks only)
• I convert bytes to GB for readability
⭐ Follow-ups
• What disk threshold is critical?
• How would you automate alerts?
• How does this integrate with RMM tools?
⭐ PowerShell + automation tip
| Where-Object { $_.FreeGB -lt 15 }
4️⃣ Monitor CPU Usage Remotely
4️⃣ Monitor CPU Usage Remotely
⭐ Spoken answer
“When users report slowness, I monitor CPU usage in real time to determine whether the issue is system load, a process spike, or external dependency.”
⭐ Technical deepening
• Uses average CPU across cores
• Time-based sampling avoids false positives
• Helps isolate scheduled tasks or runaway services
⭐ Follow-ups
• What CPU percentage is considered unhealthy?
• How do you identify the process causing it?
• Difference between CPU and memory bottlenecks?
⭐ PowerShell tip
Get-Process | Sort CPU -Descending | Select -First 5
5️⃣ Get Installed Software on a Remote Server
5️⃣ Get Installed Software on a Remote Server
⭐ Spoken answer
“I retrieve installed software via registry queries instead of Win32_Product to avoid triggering MSI repairs and performance issues.”
⭐ Technical deepening
• Queries both 32-bit and 64-bit uninstall keys
• Used for asset inventory and security audits
• Exportable to CSV for compliance reports
⭐ Follow-ups
• Why avoid Win32_Product?
• How do you detect unauthorized software?
• How would you uninstall remotely?
⭐ PowerShell productivity tip
Export-Csv software.csv -NoTypeInformation
English Improvement – Interview Language Polishing
English Improvement – Interview Language Polishing
⭐ Original style
“I use PowerShell to do user creation.”
⭐ Improved
“I automate Active Directory user provisioning using PowerShell to reduce manual errors and enforce consistency.”
⭐ Why better
• Uses action verbs
• Shows intent and outcome
• Sounds senior, not mechanical
Keyboard Shortcuts for Live Interviews
Keyboard Shortcuts for Live Interviews
⭐ Ctrl + R → reverse search previous commands
⭐ Tab → fastest way to avoid typos
⭐ Get-Help Cmdlet -Examples → instant recall under stress
Final Interview Pattern (Memorize This)
Final Interview Pattern (Memorize This)
⭐ Action → what you do
⭐ Tool → PowerShell / AD / CIM
⭐ Reason → security, automation, reliability
⭐ Result → reduced errors, faster resolution
---
@mikefrobbins
https://x.com/mikefrobbins?t=2Zel2V5I4lVZa47beLlVxg&s=09
PacktPub.com #PDF
PacktPub.com/mapt #Web Course
Page updated
Google Sites
Report abuse