powershell run command powershell to all logging users in server - powershell

how I can run this command in powershell to all users in the server?
powerShell -sta -file 'E:\Script-Popup\Popup-Message - Done.ps1'
that on every user who is currently connected to the server, this command will run.

Option 1:
Get connected users:
query user /server:SERVERNAME
For each user run:
$username = "username"
$password = "password"
$securePassword = ConvertTo-SecureString $password -AsPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential $username,
$securePassword
Start-Process powershell.exe -Credential $credential -ArgumentList "-file
$script"
Option 2:
Configure a logon script using a GPO (the script will run when the users login)

You don't need PowerShell for that (but you can use it with PowerShell)
msg * 'This will be shown to all users as a pop up'
MS Learn - Terminal Server commands: MSG

Related

Running powershell script fails on windows server salve

I have the below code which runs from Jenkins on windows server 2019 slave:
$Username = $args[0]
$Password = $args[1]
$Env = $args[2]
$pass = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass
echo "******** Start SQL Deploy ********"
Start-Process -FilePath msbuild -ArgumentList '"Database Services\Database Services.sqlproj"','/t:deploy', '/p:Configuration=Release', '/p:TargetConnectionString=$Env', '/p:BlockOnPossibleDataLoss=True', '/p:TargetDatabase="test_fsdb"','-fl','-flp:logfile=msbuild.log' -wait -LoadUserProfile -credential $cred
Get-Content msbuild.log
echo "******** End SQL Deploy ********"
The parameters comes form Jenkinsfile. I'm using applicative user.
The error is:
Start-Process : This command cannot be run due to the error: The service cannot be started, either because it is
disabled or because it has no enabled devices associated with it.
I was able to run it locally, so I wonder if it's kind of permission issue on the salve...

SSH Connection & Commands using PLINK with Powershell

I'm trying to create a simple script which run a command and send the output to a variable.
this is the script:
$output = &"<Path to PLINK>\PLINK.exe" -ssh <username>#<IP Address> -pw <password> "my command"
the thing is the command im running is like "top" in linux - a task manager which won't quit until enter is being pressed.
how can i take the CLI output from that situation without touching my keyboard?
i wrote an automation with opening cmd and sending "keys" function inorder to get what i want but i cannot get the output from the CLI by doing so. (also i dont beleive its the right way.)
Thanks in advance.
As I saw in the following page:
Run As Admin
using the following code will run the programm PLINK.EXE for you.
$Username = 'Username'
$Password = 'Password'
$SecurePassword = ConvertTo-SecureString $Password -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential ($Username,$SecurePassword)
Start-Process powershell.exe -Credential $Credential -NoNewWindow -ArgumentList "(Start-Process -FilePath '\\some\path\app.exe' -ArgumentList '/q).ExitCode"
I solved my issue by installing POSH-SSH module for Powershell.

PowerShell Computer StartUp-Script - Switch user-context?

Through Microsoft Group Policy I did define to run a Powershell-Script on Computer Start-Up. Also I have the requirement to run a Powershell-Script as Scheduled Task without saving credentials.
On both scenarios I have the same problem ...
I want to run a Citrix Powershell-Command (PSSnapIn) like:
Set-BrokerMachine -MachineName "domain.local\$env:COMPUTERNAME" -AdminAddress "RemoteServer.domain.local" -InMaintenanceMode $True
Manual: https://citrix.github.io/delivery-controller-sdk/Broker/Set-BrokerMachine/
Of course only users who have the permission could run those Citrix-commands. I would be able to give a domain-user the permission to run the command "Set-BrokerMachine", but in the mentioned scenarios the PowerShell-scripts run in context of the system-user.
I did simulate the system-user by PSExec:
Error running as System-User
My scripts do other things of course and I want to keep them running as System-User, but now I am looking for a clean solution to get those Citrix-commands running.
If possible, I don't want to save credentials in my scripts.
EDIT #1:
I would be able to workaround with the following code:
$Username = "MySpecialUser"
$Password = 'MyPassword'
$SecurePassword = ConvertTo-SecureString $Password -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential $Username, $SecurePassword
$Result = Invoke-Command -Session ( New-PSSession -ComputerName "RemoteServer.domain.local" -Credential $Credential ) -ScriptBlock {
Add-PSSnapin Citrix*
Set-BrokerMachine -MachineName "domain.local\$args" -InMaintenanceMode $True
} -ArgumentList $env:COMPUTERNAME -HideComputerName
Remove-PSSession -InstanceId $Result.RunspaceId
I don't like this because:
The code has to contain credentials (ofc I could encrypt it ...)
I have to create a permission-system for this special user in Citrix
I have to put the special-user into a local-group on every server, to allow the remote-administration (security-risk)
I don't like to use PSSession
...
Is there a better/cleaner solution? Any ideas?

PowerShell Script fails to execute batch file on Remote server

I have a PowerShell script which works fine on windows server 2016 azure VM but fails to execute the same script from my build agent which is also window server 2016 OS azure VM.
No errors get logged in PowerShell due to which i am not able to figure out what is the reasons?
Is there any Prerequisites that i need to validate or install on the server for executing this script?
Below is the script which execute batch file present on another another VM.
$Username = 'ABC'
$Password = 'XYZ'
$pass = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass
try {
Invoke-Command -ComputerName "ServerName" -credential $cred -ErrorAction Stop -ScriptBlock {Invoke-Expression -Command:"cmd.exe /c 'C:\CI\Demo_CI.bat'"
Write-Host "done"
}
} catch {
Write-Host "error"
}
I believe what you are facing here is a Credential delegation issue, You can try enabling CredSSP in your build agent and the target "ServerName". To know more about credssp , see here, therwise you will have to use psexec in CI.

Start-Process: Access is denied (even though i've provided credentials

I am getting the following error when trying to execute a line of code
Start-Process : This command cannot be executed due to the error:
Access is denied.
This is the code being executed
$username = "domain\username"
$passwordPlainText = "password"
$password = ConvertTo-SecureString "$passwordPlainText" -asplaintext -force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $username,$password
$powershellArguments = "D:\path\ps.script.ps1", "arg1", "arg2", "arg3", "arg4"
Start-Process "powershell.exe" -credential $cred -ArgumentList $powershellArguments -wait
This code works fine when executed locally, but not when called via vbs WMI
Both computers exist in the same domain and address range
The username and password supplied have admin privileges on both machines
I have tried both with and without -wait however neither works, and due to the user being privileged, I'd prefer to keep it
Q: Have you tried without the "-wait"?
Look at this link:
http://social.technet.microsoft.com/Forums/en-US/winserverpowershell/thread/3983a1e4-a663-47df-86f6-874d1828ea61/
The parameter "-wait" suppresses the command prompt or retains the
window until the process completes. This operation may require
administrator rights.