Running a application on a remote machine

This topic contains 2 replies, has 3 voices, and was last updated by  Adam Bertram 2 weeks, 1 day ago.

  • Author
    Posts
  • #84905

    Gareth Wynne
    Participant

    Hello

    Some help please, the code below works apart from the running of the application I have tried many variations the current one the working directory cannot be found. But other instances produce access denied or the code completes but nothing happens on the machine. I have really new to powershell so any help with tidying up my code as well as getting the running of the program would be great.

     Invoke-Command -ComputerName $computer -ScriptBlock {Start-Process NTRmv.exe -WorkingDirectory "%programfiles(x86)%\Trend Micro\OfficeScan Client"} 

    I have tried

    $Computers = Get-content "C:\Comps.txt"
    $Cred = Get-Credential ""
    $RegKey = “HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.”
    $Name = "Allow Uninstall"
    $Type = "DWord"
    $value = "1"
    
    
    ForEach($computer in $computers) 
    {
        If(Test-Connection -ComputerName $computer -BufferSize 16 -count 1 -Quiet)
        {     
            Get-Service remoteregistry -ComputerName $computer | Start-Service   
            $service1 = Get-service "ntrtscan" -ComputerName $computer -ErrorAction SilentlyContinue
            $service2 = Get-service "tmccsf" -ComputerName $computer -ErrorAction SilentlyContinue
            $service3 = Get-service "tmlisten" -ComputerName $computer -ErrorAction SilentlyContinue
            $Service4 = Get-service "winrm" -ComputerName $computer -ErrorAction SilentlyContinue
    
            Invoke-Command -ComputerName $computer -ScriptBlock {Set-ExecutionPolicy Unrestricted -Force}
    
            If ($service1 –eq $null –or $service1.status –eq “Stopped”)
            {
                Write-host $($computer + ' Service has already stopped or does not exist') -BackgroundColor Red
            }
            else
            {
                $Service1 | Stop-Service -Force -ErrorAction Continue
            }
            If ($service2 –eq $null –or $service2.status –eq “Stopped”)
            {
                Write-host $($computer + ' Service has already stopped or does not exist') -BackgroundColor Red
            }
            else
            {
                $Service2 | Stop-Service -Force -ErrorAction Continue
            }
            if ($service3 –eq $null –or $service3.status –eq “Stopped”)
            {
                Write-host $($computer + ' Service has already stopped or does not exist') -BackgroundColor Red 
            }
            else
            {
                $Service3 | Stop-Service -Force -ErrorAction Continue 
            }
    
            If ($service4 -eq $null –or $service4.status –eq “Running”)
            {
                Write-host $($computer + '    Service has already started') -BackgroundColor Red
            }    
            else
            {
                $service4 | Start-Service -ErrorAction SilentlyContinue   
            }
            
                   
            
            
            $s = New-PSSession -ComputerName $computer -Credential $Cred -ThrottleLimit 16 -ErrorAction SilentlyContinue 
            Import-PSSession -Session $s -CommandName *-Process -Prefix Remote -AllowClobber
    
    
            $PCCNTMON = Get-RemoteProcess -name 'PCCNTMON' -ErrorAction SilentlyContinue
    
             If($PCCNTMON -eq $null)
            {
                Write-Host $($Computer +"  Process has already stopped") -BackgroundColor Red
            }
            Else
    
            {
                $PCCNTMON | Stop-Remoteprocess -force -ErrorAction SilentlyContinue
    
            }
            
    
            Invoke-Command -ComputerName $computer -ScriptBlock {Start-Process NTRmv.exe -WorkingDirectory "%programfiles(x86)%\Trend Micro\OfficeScan Client"}
    
            $s | Remove-PSSession
    
    
    
    
    
        }
        Else
       {
            write-host $($computer + '  is offline')
        }
    }
    
    
  • #84917

    postanote
    Participant

    PowerShell will always run in the context of the calling user identity.

    If you are not an administrator on the local and or remote host, or know the credentials of an admin account on said same, you can not use PowerShell Remoting. Obviously cannot do admin level stuff on systems where you are not an admin.

    You do not state if these are AD joined systems or workgroup systems. Workgroup systems require more setup to do PowerShell Remoting.

    You do not state what version of PowerShell you are running.

    If you step away from this level of scripting, say do something a bit simpler. like trying to start say, notepad on a remote machine and seeing what happens. This would provide additional clarity as to why you are seeing what you are seeing.
    See a longer explanation of this soft of thing here: 'tomsitpro.com/articles/powershell-remotely-invoke-applications,2-41.html'

    As for the script, if all this is supposed to run on the remote hosts then you do not have this put together properly.
    You have a few Invoke commands, which is there to execute the remote machine, but you have a lot of items in the script that will only run locally.

    Anything you plan to run on a remote host, must in the Invoke script block or directly called via cmdlets which have a -computer switch.

    You also have a few items makes me wonder what you are trying to accomplish. For example, on native PoSH, there is no cmdlet called Get-RemoteProcess or Stop-RemoteProcess. Where are you getting this from?

    I tried to tweak, well quick rewrite actually (see it below), your script, but of course I cannot test it as I do not use TrendMicro as my AV solution. So, that is your homework assignment. 8^}

    Also, if WinRM is not running, lots of failure will occur, since it is required for PowerShell Remoting to work at all.

    As for running application on a remote host, see this article for a longer explanation.
    'http://www.tomsitpro.com/articles/powershell-remotely-invoke-applications,2-41.html'

    Also, of note, in attempting specific activities, there are specific Windows security boundaries that cannot be violated, Windows will not allow specific activities.

    I would strongly suggest you make this a scheduled task to run on the remotes hosts. You can use PowerShell to create the task and have it run immediately or at another time of course.

    There are always more than one to do something in PoSH, some more elegant than others, but here is my take on your effort. Again, quickly put together and not tested.

    $computers = ('pc01','pc02','pc03')

    ForEach($computer in $computers)
    {
    If(Test-Connection -ComputerName $computer -BufferSize 16 -count 1 -Quiet)
    {
    "$computer is online"

    $TargetServices = ('winrm','remoteregistry','ntrtscan','tmccsf','tmlisten')

    ForEach ($TargetService in $TargetServices)
    {
    If($TargetService -match 'winrm|remoteregistry')
    {
    If ((Get-Service -ComputerName $computer -Name $TargetService).Status -notmatch 'Running' )
    {
    Write-Warning -Message "On $computer, the Service $TargetService is stopped. Starting service"
    Get-Service -ComputerName $computer -Name $TargetService | Start-Service -ErrorAction Continue -WhatIf
    }
    Else {Write-Warning -Message "On $computer, the Service $TargetService is already running"}
    }
    Else
    {
    If($TargetService -notmatch 'winrm|remoteregistry')
    {
    If ((Get-Service -ComputerName $computer -Name $TargetService).Status -match 'Stopped' )
    {Write-Warning -Message "On $computer, the Service $TargetService is already stopped or does not exist"}
    Else
    {
    Write-Warning -Message "On $computer, the Service $TargetService is running. Stopping service"
    Get-Service -ComputerName $computer -Name $TargetService | Stop-Service -Force -ErrorAction Continue -WhatIf
    }
    }
    }
    }
    }
    Else
    {Write-Warning -Message "$computer is offline or does not exist"}
    }

    Invoke-Command -ComputerName $computer `
    -ScriptBlock {Start-Process -FilePath "%programfiles(x86)%\Trend Micro\OfficeScan Client\NTRmv.exe"}

    If (Invoke-Command -ComputerName $computer `
    -ScriptBlock {Get-Process -Name 'PCCNTMON' -ErrorAction SilentlyContinue})
    {
    Write-Warning -Message "On $Computer, PCCNTMON Process still running. Stopping process"
    Invoke-Command -ComputerName $computer `
    -ScriptBlock {Get-Process -Name 'PCCNTMON' `
    -ErrorAction SilentlyContinue `
    | Stop-Process -Name 'PCCNTMON' -force -ErrorAction SilentlyContinue}
    }
    Else {Write-Warning -Message "On $Computer, PCCNTMON Process is not running."}

  • #85210

    Adam Bertram
    Moderator

    Moving to correct forum.

You must be logged in to reply to this topic.