I'm trying to automate the upgrading of Spotfire BI system on our Windows servers.
The instructions show a command that can be used to silently install which states the location of the executable file followed by all the required options/parameters as shown with this example:
install.exe INSTALLDIR="<node manager installation dir>" NODEMANAGER_REGISTRATION_PORT=9080 NODEMANAGER_COMMUNICATION_PORT=9443 SERVER_NAME=SpotfireServerName SERVER_BACKEND_REGISTRATION_PORT=9080 SERVER_BACKEND_COMMUNICATION_PORT=9443 NODEMANAGER_HOST_NAMES=NodeManagerHostNames NODEMANAGER_HOST=NodeManagerHost -silent -log "C:\Users\user\Log file.log"
This does work, and as long as it preceded by the call operator (&), it runs well in PowerShell. However, I can't get it to work when running this on a remote server:
function nodeManagerUpgrade {
Param([String]$ServiceName1,
[String]$InstallDirectory,
[String]$HostNames1
)
Stop-Service $ServiceName1
# this is the line that fails
& "X:/downloads/spotfire/install.exe" INSTALLDIR="$InstallDirectory" NODEMANAGER_REGISTRATION_PORT=17080 NODEMANAGER_COMMUNICATION_PORT=17443 SERVER_NAME=localhost SERVER_BACKEND_REGISTRATION_PORT=19080 SERVER_BACKEND_COMMUNICATION_PORT1=9443 NODEMANAGER_HOST_NAMES=$HostNames1 -silent -log "install.log"
}
Invoke-Command -ComputerName $NodeIP -ScriptBlock ${function:nodeManagerUpgrade} -argumentlist ($ServiceName,$InstallDirectory,$HostNames) -credential $credentials
I can run the code contained in the function directly on the remote server and it works correctly. However, when I try and run it from the central server through WinRM/Invoke-Command within a function, it fails giving me this error:
The term 'X:/downloads/spotfire/install.exe' is not recognized as the name of a cmdlet
Is it possible to run an executable using PowerShell on a remote server?
Your executable path is based on a drive letter, X:.
However, in remote sessions mapped drives (drives connected to network shares) aren't available by default, so you have two options:
Establish a (temporary) drive mapping with New-PSDrive before calling the executable (e.g., $null = New-PSDrive X FileSystem \\foo\bar)
More simply, use the full UNC path of the target executable (e.g. & \\foo\bar\downloads\spotfire\install.exe ...)
If the target executable isn't actually accessible from the remote session, you'd have to copy it there first, which requires establishing a remote session explicitly and using Copy-Item -ToSession - see the docs for an example.
Related
I am unable to access the UNC paths on my servers in a Powershell remote session from my local machine. I am able to use them from Servers Cmd prompt directly.
Actually, I have logged into the server and mapped a UNC path as local drive (say X:). Used Reconnect on Login option.
I have a batch file which resides in this X: drive, I want to run it remotely using invoke command from my local script. But, it fails.
It says "Cannot find drive. A drive with name X doesn't exist".
Also, when I try to map drive using net use command in the scriptblock then also it throws an error - System error 1223 - Native Command Error.
I use administrator credentials to log into this server.
Can anyone please help me on this, all i want to do is to run the script remotely which resides on this UNC path ?
Also, when I map a UNC Path in the server as a local drive, why am I unable to use it in a PS remote session ?
Thanks in Advance.
TS
You've really got 3 different things going on here.
1 & 3. Drives are only mapped when you log on interactively. So when you remoted into the other computer, mapped a drive, and then logged off/disconnected, that mapped drive was disconnected. Except in interactive GUI user sessions, you cannot depend upon a mapped drive letter that you don't create yourself. Within scripts or any remote session, just use UNC paths for everything - it's more reliable.
2 . When you attempt to map the drive in the remote PS session, you're encountering what's known as the "double hop" problem. There is a solution to this, but there's extra setup you have to do. See Double hop access to copy files without CredSSP
alroc's helpful answer explains the problem well and points to resources for solving it through prior configuration.
An explanation of the underlying problem, the infamous Kerberos double-hop problem, as well as an overview of available solutions can be found in this blog post.
As for an ad hoc solution for accessing a network share in a remote session (PSv3+):
Pass the credentials for the session via a variable; e.g., -Credential $cred
Then use these credentials inside the session too - e.g., as $using:cred - to establish a session-scoped auxiliary drive that maps the network location, using New-PSDrive.
Once the drive has been mapped, the target location is accessible - whether via the drive name, or directly by UNC path.
Note: This is a variation of the approach discovered by the OP him/herself and discussed briefly in a comment on alroc's answer, except that New-PSDrive is used rather than net use, which obviates the need for retrieving the password as plain text.
The following sample code demonstrates running a script from a network share from inside a remote session:
# A sample script to run from a network share on a remote computer.
$script = '\\server-001\install\Install-Agent.ps1'
# A sample target computer.
$computer = 'ws-002'
# Obtain the credentials for the remote session and store them in a variable.
$cred = Get-Credential $env:USERNAME
Invoke-Command -ComputerName $computer -Credential $cred {
# Map the target network share as a dummy PS drive using the passed-through
# credentials.
# You may - but needn't - use this drive; the mere fact of having established
# a drive with valid credentials makes the network location accessible in the
# session, even with direct use of UNC paths.
$null = New-PSDrive -Credential $using:cred -Name dummy -Root (Split-Path -Parent $using:script) -PSProvider FileSystem
# Invoke the script via its UNC path.
& $using:script
}
Note:
$null = ... suppresses New-PSDrive's output (it outputs an object describing the newly created drive).
Since the drives created by New-PSDrive are not persistent (except if you pass -Persist), there's no need to explicitly remove the dummy drive again, but you can do so with Remove-PSDrive.
Also note that PS drive definitions are scoped so that only the calling scope and its descendants see the drive; this enables wrapping statements in & { ... } to call them in a child scope, which means the a PS drive created inside that block will automatically go out of scope when the block is exited.
You can try to open the script by calling a WmiMethod :
$cmd = "CMD.EXE /c *\\\servername\somefolder\yourscript*.cmd"
Invoke-WmiMethod -class Win32_process -name Create -ArgumentList $cmd -ComputerName *servername*
Note that this will run the script on the server. You can do much more with that, like installing a package remotely (after copying the package locally on the remote machine).
Hope this help!
I am unable to access the UNC paths on my servers in a Powershell remote session from my local machine. I am able to use them from Servers Cmd prompt directly.
Actually, I have logged into the server and mapped a UNC path as local drive (say X:). Used Reconnect on Login option.
I have a batch file which resides in this X: drive, I want to run it remotely using invoke command from my local script. But, it fails.
It says "Cannot find drive. A drive with name X doesn't exist".
Also, when I try to map drive using net use command in the scriptblock then also it throws an error - System error 1223 - Native Command Error.
I use administrator credentials to log into this server.
Can anyone please help me on this, all i want to do is to run the script remotely which resides on this UNC path ?
Also, when I map a UNC Path in the server as a local drive, why am I unable to use it in a PS remote session ?
Thanks in Advance.
TS
You've really got 3 different things going on here.
1 & 3. Drives are only mapped when you log on interactively. So when you remoted into the other computer, mapped a drive, and then logged off/disconnected, that mapped drive was disconnected. Except in interactive GUI user sessions, you cannot depend upon a mapped drive letter that you don't create yourself. Within scripts or any remote session, just use UNC paths for everything - it's more reliable.
2 . When you attempt to map the drive in the remote PS session, you're encountering what's known as the "double hop" problem. There is a solution to this, but there's extra setup you have to do. See Double hop access to copy files without CredSSP
alroc's helpful answer explains the problem well and points to resources for solving it through prior configuration.
An explanation of the underlying problem, the infamous Kerberos double-hop problem, as well as an overview of available solutions can be found in this blog post.
As for an ad hoc solution for accessing a network share in a remote session (PSv3+):
Pass the credentials for the session via a variable; e.g., -Credential $cred
Then use these credentials inside the session too - e.g., as $using:cred - to establish a session-scoped auxiliary drive that maps the network location, using New-PSDrive.
Once the drive has been mapped, the target location is accessible - whether via the drive name, or directly by UNC path.
Note: This is a variation of the approach discovered by the OP him/herself and discussed briefly in a comment on alroc's answer, except that New-PSDrive is used rather than net use, which obviates the need for retrieving the password as plain text.
The following sample code demonstrates running a script from a network share from inside a remote session:
# A sample script to run from a network share on a remote computer.
$script = '\\server-001\install\Install-Agent.ps1'
# A sample target computer.
$computer = 'ws-002'
# Obtain the credentials for the remote session and store them in a variable.
$cred = Get-Credential $env:USERNAME
Invoke-Command -ComputerName $computer -Credential $cred {
# Map the target network share as a dummy PS drive using the passed-through
# credentials.
# You may - but needn't - use this drive; the mere fact of having established
# a drive with valid credentials makes the network location accessible in the
# session, even with direct use of UNC paths.
$null = New-PSDrive -Credential $using:cred -Name dummy -Root (Split-Path -Parent $using:script) -PSProvider FileSystem
# Invoke the script via its UNC path.
& $using:script
}
Note:
$null = ... suppresses New-PSDrive's output (it outputs an object describing the newly created drive).
Since the drives created by New-PSDrive are not persistent (except if you pass -Persist), there's no need to explicitly remove the dummy drive again, but you can do so with Remove-PSDrive.
Also note that PS drive definitions are scoped so that only the calling scope and its descendants see the drive; this enables wrapping statements in & { ... } to call them in a child scope, which means the a PS drive created inside that block will automatically go out of scope when the block is exited.
You can try to open the script by calling a WmiMethod :
$cmd = "CMD.EXE /c *\\\servername\somefolder\yourscript*.cmd"
Invoke-WmiMethod -class Win32_process -name Create -ArgumentList $cmd -ComputerName *servername*
Note that this will run the script on the server. You can do much more with that, like installing a package remotely (after copying the package locally on the remote machine).
Hope this help!
I am unable to access the UNC paths on my servers in a Powershell remote session from my local machine. I am able to use them from Servers Cmd prompt directly.
Actually, I have logged into the server and mapped a UNC path as local drive (say X:). Used Reconnect on Login option.
I have a batch file which resides in this X: drive, I want to run it remotely using invoke command from my local script. But, it fails.
It says "Cannot find drive. A drive with name X doesn't exist".
Also, when I try to map drive using net use command in the scriptblock then also it throws an error - System error 1223 - Native Command Error.
I use administrator credentials to log into this server.
Can anyone please help me on this, all i want to do is to run the script remotely which resides on this UNC path ?
Also, when I map a UNC Path in the server as a local drive, why am I unable to use it in a PS remote session ?
Thanks in Advance.
TS
You've really got 3 different things going on here.
1 & 3. Drives are only mapped when you log on interactively. So when you remoted into the other computer, mapped a drive, and then logged off/disconnected, that mapped drive was disconnected. Except in interactive GUI user sessions, you cannot depend upon a mapped drive letter that you don't create yourself. Within scripts or any remote session, just use UNC paths for everything - it's more reliable.
2 . When you attempt to map the drive in the remote PS session, you're encountering what's known as the "double hop" problem. There is a solution to this, but there's extra setup you have to do. See Double hop access to copy files without CredSSP
alroc's helpful answer explains the problem well and points to resources for solving it through prior configuration.
An explanation of the underlying problem, the infamous Kerberos double-hop problem, as well as an overview of available solutions can be found in this blog post.
As for an ad hoc solution for accessing a network share in a remote session (PSv3+):
Pass the credentials for the session via a variable; e.g., -Credential $cred
Then use these credentials inside the session too - e.g., as $using:cred - to establish a session-scoped auxiliary drive that maps the network location, using New-PSDrive.
Once the drive has been mapped, the target location is accessible - whether via the drive name, or directly by UNC path.
Note: This is a variation of the approach discovered by the OP him/herself and discussed briefly in a comment on alroc's answer, except that New-PSDrive is used rather than net use, which obviates the need for retrieving the password as plain text.
The following sample code demonstrates running a script from a network share from inside a remote session:
# A sample script to run from a network share on a remote computer.
$script = '\\server-001\install\Install-Agent.ps1'
# A sample target computer.
$computer = 'ws-002'
# Obtain the credentials for the remote session and store them in a variable.
$cred = Get-Credential $env:USERNAME
Invoke-Command -ComputerName $computer -Credential $cred {
# Map the target network share as a dummy PS drive using the passed-through
# credentials.
# You may - but needn't - use this drive; the mere fact of having established
# a drive with valid credentials makes the network location accessible in the
# session, even with direct use of UNC paths.
$null = New-PSDrive -Credential $using:cred -Name dummy -Root (Split-Path -Parent $using:script) -PSProvider FileSystem
# Invoke the script via its UNC path.
& $using:script
}
Note:
$null = ... suppresses New-PSDrive's output (it outputs an object describing the newly created drive).
Since the drives created by New-PSDrive are not persistent (except if you pass -Persist), there's no need to explicitly remove the dummy drive again, but you can do so with Remove-PSDrive.
Also note that PS drive definitions are scoped so that only the calling scope and its descendants see the drive; this enables wrapping statements in & { ... } to call them in a child scope, which means the a PS drive created inside that block will automatically go out of scope when the block is exited.
You can try to open the script by calling a WmiMethod :
$cmd = "CMD.EXE /c *\\\servername\somefolder\yourscript*.cmd"
Invoke-WmiMethod -class Win32_process -name Create -ArgumentList $cmd -ComputerName *servername*
Note that this will run the script on the server. You can do much more with that, like installing a package remotely (after copying the package locally on the remote machine).
Hope this help!
I am unable to access the UNC paths on my servers in a Powershell remote session from my local machine. I am able to use them from Servers Cmd prompt directly.
Actually, I have logged into the server and mapped a UNC path as local drive (say X:). Used Reconnect on Login option.
I have a batch file which resides in this X: drive, I want to run it remotely using invoke command from my local script. But, it fails.
It says "Cannot find drive. A drive with name X doesn't exist".
Also, when I try to map drive using net use command in the scriptblock then also it throws an error - System error 1223 - Native Command Error.
I use administrator credentials to log into this server.
Can anyone please help me on this, all i want to do is to run the script remotely which resides on this UNC path ?
Also, when I map a UNC Path in the server as a local drive, why am I unable to use it in a PS remote session ?
Thanks in Advance.
TS
You've really got 3 different things going on here.
1 & 3. Drives are only mapped when you log on interactively. So when you remoted into the other computer, mapped a drive, and then logged off/disconnected, that mapped drive was disconnected. Except in interactive GUI user sessions, you cannot depend upon a mapped drive letter that you don't create yourself. Within scripts or any remote session, just use UNC paths for everything - it's more reliable.
2 . When you attempt to map the drive in the remote PS session, you're encountering what's known as the "double hop" problem. There is a solution to this, but there's extra setup you have to do. See Double hop access to copy files without CredSSP
alroc's helpful answer explains the problem well and points to resources for solving it through prior configuration.
An explanation of the underlying problem, the infamous Kerberos double-hop problem, as well as an overview of available solutions can be found in this blog post.
As for an ad hoc solution for accessing a network share in a remote session (PSv3+):
Pass the credentials for the session via a variable; e.g., -Credential $cred
Then use these credentials inside the session too - e.g., as $using:cred - to establish a session-scoped auxiliary drive that maps the network location, using New-PSDrive.
Once the drive has been mapped, the target location is accessible - whether via the drive name, or directly by UNC path.
Note: This is a variation of the approach discovered by the OP him/herself and discussed briefly in a comment on alroc's answer, except that New-PSDrive is used rather than net use, which obviates the need for retrieving the password as plain text.
The following sample code demonstrates running a script from a network share from inside a remote session:
# A sample script to run from a network share on a remote computer.
$script = '\\server-001\install\Install-Agent.ps1'
# A sample target computer.
$computer = 'ws-002'
# Obtain the credentials for the remote session and store them in a variable.
$cred = Get-Credential $env:USERNAME
Invoke-Command -ComputerName $computer -Credential $cred {
# Map the target network share as a dummy PS drive using the passed-through
# credentials.
# You may - but needn't - use this drive; the mere fact of having established
# a drive with valid credentials makes the network location accessible in the
# session, even with direct use of UNC paths.
$null = New-PSDrive -Credential $using:cred -Name dummy -Root (Split-Path -Parent $using:script) -PSProvider FileSystem
# Invoke the script via its UNC path.
& $using:script
}
Note:
$null = ... suppresses New-PSDrive's output (it outputs an object describing the newly created drive).
Since the drives created by New-PSDrive are not persistent (except if you pass -Persist), there's no need to explicitly remove the dummy drive again, but you can do so with Remove-PSDrive.
Also note that PS drive definitions are scoped so that only the calling scope and its descendants see the drive; this enables wrapping statements in & { ... } to call them in a child scope, which means the a PS drive created inside that block will automatically go out of scope when the block is exited.
You can try to open the script by calling a WmiMethod :
$cmd = "CMD.EXE /c *\\\servername\somefolder\yourscript*.cmd"
Invoke-WmiMethod -class Win32_process -name Create -ArgumentList $cmd -ComputerName *servername*
Note that this will run the script on the server. You can do much more with that, like installing a package remotely (after copying the package locally on the remote machine).
Hope this help!
I am trying to use the Invoke-Command powershell cmdlet to install a MSI installer. From within powershell on the local machine and from the proper directory, the following works:
./setup /quiet
The following does not seem to work:
$script =
{
param($path)
cd "$path"
& ./setup /quiet
return pwd
}
return Invoke-Command -ComputerName $product.IPs -ScriptBlock $script -Args $sourcePath
For test purposes I am working on the local machine passing in "." for the -ComputerName argument. The paths have been verified correct before passing in to Invoke-Command, and errors generated on different versions of this code indicate the paths are correct. I have also tried with and without the "& " on the remote call to setup. Other Invoke-Command calls are working, so I doubt it is a permissions issue. I have verified that the return from the pwd call is the expected directory.
How do I get the install to work?
What error (if any) are you receiving? Unfortunately, you must run the shell as admin on your local machine to be able to connect to your local machine with invoke-command or any WINRM based command that requires administrative privilege (this is not a requirement when connecting remotely).
When connecting to loopback, I believe it is unable (for some security reason) to enumerate groups and determine if you are in an admin enabled AD or local group, which is how it auto elevates when invoking on a remote machine. The only solution may be to have a conditional which checks for localhost and if so, don't use the -ComputerName parameter.
This GitHub Issue covers it
You might try using Start-Process in your script block:
cd $path
start-process setup.exe -arg "/quiet"
Not sure if you will want or need to wait. Look at help for Start-Process.
I have had weird issues when trying to remotely execute a script on a local machine. In other words, remote powershell to the local machine. It comes back with an error that seems to say that PowerShell remoting is not enabled on the machine, but it was. I can run the script remotely from another machine to the target, but when using remoting to the same box, the issue crops up.
Verify that the WinRM service is running.
Verify powershell remoting has been enabled as in Enable-PSRemoting -force.
Verify your powershell execution policy is loose enough as in Set-ExecutionPolicy Unrestricted, for example. If the policy was set to RemoteSigned, this might be the problem.
You might also want to verify the user you are running the script as (locally, but using remoting) has privileges to "log on as a service" or as a batch job. Just guessing there, if the above list doesn't solve anything.