How to write a script that will enable PS Remoting and run a command on target computers when you have admin access.

This is shown assuming you want to play an MP4 using VLC on multiple target computers as an example only.

How to do this on one machine:

  • Open Powershell as an Administrator on the source computer.
  • Download & Extract PSTools.
  • Use this command from within the extracted directory:
    .PsExec.exe \<computer> -u <domain><adminaccount> -p <password> -s powershell Enable-PSRemoting -Force
  • Setup the Powershell Remote Session:
    $creds = $(Get-Credential)$session = New-PSSession -ComputerName <computername> -Credential $creds
  • Get MP4 to the machine:
    Copy-Item -ToSession $session -Path <local-path-to-MP4> -Destination <remote-path-to-MP4>
  • Connect to the machine:
    Enter-PSSession $session
  • Get VLC:
    Invoke-WebRequest -Uri http://www.gtlib.gatech.edu/pub/videolan/vlc/3.0.3/win64/vlc-3.0.3-win64.exe -OutFile vlc-3.0.3-win64.exe
  • Install VLC:
    .vlc-3.0.3-win64.exe /L=1033 /S
    This takes like 2 minutes.
  • Run MP4 file:
    C:Program FilesVideoLANVLCvlc.exe' <remote-path-to-MP4>

Replace <domain> with <computer> if you aren’t in a domain. To do this for all 3 at once, you’ll need to create an array of the 3 computer names:

$targets = @() $targets += "<computername1>" $targets += "<computername2>" $targets += "<computername3>" 

Then do foreach through the array doing this to each one for the entire script above, but modified to make them jobs instead so they’re done simultaneously:

$creds = $(Get-Credential); $($targets).foreach{ Start-Job -ScriptBlock{ .PsExec.exe \$_ -u <domain><adminaccount> -p <password> -s powershell Enable-PSRemoting -Force New-Variable -Name $_ -Value $(New-PSSession -ComputerName $_ -Credential $creds) Copy-Item -ToSession $(Get-Variable -Name $_ -ValueOnly) -Path <local-path-to-MP4> -Destination <remote-path-to-MP4> Enter-PSSession $(Get-Variable -Name $_ -ValueOnly) Invoke-WebRequest -Uri http://www.gtlib.gatech.edu/pub/videolan/vlc/3.0.3/win64/vlc-3.0.3-win64.exe -OutFile vlc-3.0.3-win64.exe .vlc-3.0.3-win64.exe /L=1033 /S 'C:Program FilesVideoLANVLCvlc.exe' <remote-path-to-MP4> }; }; Get-Job | Receive-Job -Wait | Format-Table -AutoWidth; 

The last line is just getting the results of the job, but waiting for it to complete, then formatting that data into a table. It will probably be gibberish/useless.

You could have the array that’s created be an associative array with the key being the credentials object and the value being the session object so that you can use different Admin credentials based on the machine being accessed and just swap that out for the $creds variable. So something like $($_).key possibly (not sure as I know .keys is a method for an entire array).

If you want the script to be 100% automated so you don’t have to enter credentials, run this command when creating the script:

read-host -assecurestring | convertfrom-securestring | out-file C:mysecurestring.txt 

Enter your password then press Enter and it will be in the file for later. This is a one way to store a password and when I type this: Hello, how are you? It comes out as this after conversion:

01000000d08c9ddf0115d1118c7a00c04fc297eb01000000c1d23e75e1df0a44a41e249bda47eaf300000000020000000000106600000001000020000000063d8fe8776a0397573150ecee49952b35b9ee9de57aed1d3cbf21f23e9497be000000000e80000000020000200000001c01aba6d56ddb47b9861f46f5fc185ff8261b89c1d847fe5f60fd45158e998030000000bfe478455be31a77bfb596ef7d9fc4985b1b67b8ec77e5bb4a5d27b44d710d23c11d3b7930d9755651744dbd50e5630740000000e4c3726040351056e3206da975737ef39ff3b74f37ca0541ef37c033ce5945600723b49536ca3713fa9c029f696faaa05fa7c74aeb83fd931835fe0477207277 

Not sure if that’s all you need to reproduce the password or if that’s somehow system/user dependent. I’d still protect that file regardless and give it very strict permissions. But anyway…

Then replace $creds = $(Get-Credential); with this:

$username = "<domain><adminaccount>" $password = Get-Content 'C:mysecurestring.txt' | ConvertTo-SecureString $creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password 

Then it will auto-set the credentials needed assuming all target computers need the same admin credentials. I’m sure there’s enough here to figure out how to do it with different credentials by system.

Use the following to clean the source computer of leftover items after the script runs:

Remove-Job * Remove-PSSession * 

Don’t include it in the Script because trying to remove a job when it’s still running will just cause the command to fail, and you wouldn’t want to remove the PSSession mid-script for obvious reasons.

submitted by /u/WonderfulWafflesLast
[link] [comments]

Leave a Reply