Author Posts

March 16, 2017 at 8:02 pm

I have looked for weeks, and had others research with/for me, but I haven't found the answer to this.

I have a script that lives on server 1, and needs to be executed on server 1 using certain credentials. The ultimate solution will help with decrypting files. The script must execute as a certain user on a certain server because the key pair is in the user's key ring on that server.

I want the script to be called from server 2 as part of a larger process. Server 2 has a sql job which has the following flow:

  1. Step 1 of the job uses a powershell script to download the file
  2. Step 2 of the job needs to execute the script on server 1 to decrypt the file (** this is the step I am talking about here)
  3. Step 3 of the job will run a powershell script to check the file attributes (last written date, file size as compared to yesterday, etc)
  4. Step 4 of the job will restore the log file

The script on server 1 runs locally without any issues, and produces the expected results. When attempting to have server 2 execute the script on server 1, I haven't had any success. In order to get as simple as possible for finding out what is actually not working, I came up with a set of scripts which are simple (see below).

  • When I run script 1 on server 1 (where the file physically lives), it works fine. The text file is produced with "hello world" in the file.
  • When I run script 2 on server 2 (I didn't save a file, just ran it in the ISE window), it runs without errors or warnings, but the file that should be written doesn't exist on server 1 (nor on server 2 – not that it should but I checked to see anyway).
  • I am not a powershell guru of any kind – so I apologize now if it is a very obvious thing. 🙂

    #-------------------------------------
    # script 1
    # this script lives on server 1
    # file name: c:\deleteme\helloworld2.ps1
    
    $CMD = Invoke-Expression " `"hello world`" >> C:\deleteme\helloworld.txt"
    Invoke-Command -ScriptBlock { $CMD }
    
    
    
    #-------------------------------------
    # script 2
    # this script is executed on server 2 and attempts to execute the script on server 1
    
    $session = New-PSSession -ComputerName "SERVER01.lahcg.com" #-Credential $username
    
    
    $CMD = "Invoke-Command -ScriptBlock { powershell.exe `"C:\deleteme\helloworld2.ps1`" } "
    #write-output $CMD
    Invoke-Command -Session $session -ScriptBlock { $CMD }
    
    Remove-PSSession $session
    

    Environment Info:

  • Server 1: Windows Server 2008 R2 Standard with Powershell 2
  • Server 2: Windows Server 2012 R2 Datacenter with Powershell 4

Extra Notes:

  • I do have the enable remote set ok... I found that earlier when researching.
  • I am using different versions of Powershell , but since the script on server 1 is running ok locally, I didn't think that was a problem.
  • I have gotten the credential part to work on another script – so I am not asking about that in this post. I left it in the script, commented out for reference.

March 16, 2017 at 9:56 pm

There shouldn't be a need to call powershell.exe or do this nested Invoke-Command thing. Try running it like this:

Invoke-Command -Session $Session -ScriptBlock { & "C:\deleteme\helloworld2.ps1" }

March 17, 2017 at 5:42 pm

That requires the script to live locally, doesn't it? Server 2 starts the process, then calls out to server 1 to run the script that lives on server 1.

March 17, 2017 at 11:02 pm

If you run this from SERVER2:

Invoke-Command -Session $Session -ScriptBlock { & "C:\deleteme\helloworld2.ps1" }

This will be executed on SERVER1 (provided that's where the $Session variable points):

& "C:\deleteme\helloworld2.ps1"

In this case, the helloworld2.ps1 script would have to live in C:\deleteme on SERVER1.