Pulling Win10 activation codes from remote computers - powershell

I'm brand new to PS scripting, so bear with me :)
I'm trying to create a PS script that will write the Win10 activation code to a file then copy that file to a central repo to then manually activate.
I'm creating a PS script and trying to run
cscript.exe c:\windows\system32\slmgr.vbs -dti >
$SourceDir\$env:computername.txt
$SourceDir = \\computer01\c$\temp
I need to run it from one computer, remotely connecting to every computer on the network, creating the computername.txt file then copying that file back to a central repository for all the files.
What I have so far:
$s1=New-PSSession -ComputerName computer01 -Credential $AdminCred
Test-Connection -ComputerName computer01
$id='\\computer01\windows\system32'
$SourceDir='\\computer01\c$\temp'
md $SourceDir
$GetActID=cscript.exe $id\slmgr.vbs -dti >
$SourceDir\$env:computername.txt
Invoke-Command -Session $s1 -ScriptBlock { $Using:GetActID }
Then I call a batch file that copies the computername.txt file from the computer01 over to a repository where they are going to sit.
I FINALLY got it working correctly except for the name of the file isn't naming it to the computer01, it's naming it with the hostname of the computer I'm running it from, therefore the filenames are identical. I had the naming piece working, but I had to change the way I was remoting into the computer and now it's not naming correctly.
Any idea on how I could get it to name the file to be related to the remote computer?
**I'm still working on the whole piece of the puzzle where it goes back to an excel sheet pulled from AD and pulls the host names from that sheet to connect to each machine, I believe I'll be adding a ForEach syntax in there somehow for that.

Although not sure how you are getting the list of "every computer on the network", chances are you are doing this using
# get a list of all AD computers (their names only)
$computers = (Get-ADComputer -Filter *).Name
Then I think you don't need to have every computer save the file on its own disk and later copy these files to a central share.
Instead, just capture the info in a variable and after the loop write the file to the central share as structured CSV file combining all computernames and install id's so you can open in Excel.
Using the array of computernames from above, iterate through them
$result = $computers | ForEach-Object {
# test if the computer can be reached
if (Test-Connection -ComputerName $_ -Count 1 -Quiet) {
$installId = Invoke-Command -ComputerName $_ -ScriptBlock {
cscript.exe //nologo "$env:SystemRoot\System32\slmgr.vbs" -dti
}
# $installId is returned as array !
# output an object with two properties
[PsCustomObject]#{
Computer = $_
InstallId = $installId[0] -replace '\D' # remove everything non-numeric
}
}
else {
Write-Warning "Computer $_ is not responding"
}
}
# now you can display the result on screen
$result | Format-Table -AutoSize
# or by means of the GridView if you prefer
$result | Out-GridView -Title 'Computer InstallIds'
# and save the results in your central share as structured CSV file
$result | Export-Csv -Path '\\server\share\restofpath\ComputerInstallIds.csv' -NoTypeInformation
You may have to append -Credential $adminCreds to the Invoke-Command call to make sure you have permissions to have each machine run that piece of code in the scriptblock. The easiest way of obtaining that credential is to start off with $adminCreds = Get-Credential -Message "Please enter administrator credentials"

Related

Remote command output to text file (remote system)

I know I must be using these commands wrong but I can't seem to find a solution. I believe the issue is with my use of the invoke-command and out-file. I'm trying to check to see if a process is running on multiple remote machines and write their states back to a text file on the host system. Even if it wrote to the remote system I could work with that but I cant seem to get anything.
$MyDomain=’mydomain’
$MyClearTextUsername=’myusername’
$MyClearTextPassword=’mypassword’
$MyUsernameDomain=$MyDomain+’\’+$MyClearTextUsername
$SecurePassword=Convertto-SecureString –String $MyClearTextPassword
-AsPlainText –force
$MyCredentials=New-object System.Management.Automation.PSCredential
$MyUsernameDomain,$SecurePassword
$Servers = ( "server1","server2","server3")
$output = foreach ($Server in $Servers)
{
$Session = New-PSSession -ComputerName $Server -Credential $MyCredentials
Invoke-Command -Session $Session -ScriptBlock
{
Get-Service -Name service | select name, status, PSComputername, Runspaceid
} | Out-File -filepath 'c:\TEMP\check.txt'
}
Write-output $output | Out-File -filepath 'c:\TEMP\check.txt'
edit: I don't believe the last line is needed but I threw it in just to see if I could get anything out.
You are not capturing anything in $output because you are redirecting all of the output from your Invoke-Command to Out-File -filepath 'c:\TEMP\check.txt'. Get-Service doesn't return that much data, especially once's it's been deserialized when it returns from the remote session, so I wouldn't bother with the Select statement. Even if you do want to include the Select statement you are specifying PSComputerName which doesn't get added until the data comes back from the remote system, so you may want to move that Select to outside of the scriptblock and after the Invoke-Command in the pipeline. Plus, since you are outputting with Out-File your local file is being overwritten each time that call is made, so the first server's results are saved, then overwritten by the second server's results, then by the third server's results. After that, since $output has nothing (as all output was redirected to file), you are outputting an empty variable to the same file, effectively erasing the service state of the third server.
But this really all becomes a moot point if the script is run with the credentials that has access to the remote servers. You can specify one or more computer names to the Get-Service cmdlet, so this could become as simple as:
$Results = Get-Service Service -ComputerName 'Server1','Server2','Server3'
$Results | Select name, status, PSComputername, Runspaceid | Set-Content 'C:\TEMP\check.txt'
Just to make sure... you are looking for a service right? Not just a process? Because if it isn't a service you would need to use Get-Process instead of Get-Service.
If you want to output the data to the remote server you could do:
$output = foreach ($Server in $Servers)
{
$Session = New-PSSession -ComputerName $Server -Credential $MyCredentials
Invoke-Command -Session $Session -ScriptBlock
{
Get-Service -Name service | Tee-Object -FilePath C:\Temp\ServiceState.txt
} | select name, status, PSComputername, Runspaceid
}
$output | Out-File -filepath 'c:\TEMP\check.txt'
That should make a file in the C:\Temp folder on each server with the state of the service, as well as pass the information back to the local host, where it is passed to Select and stored in $output. At the end I output $output to file, just as you did.
I guess in the end you could just remove the Out-File call from within your loop, and it would probably do what you want it to.

Trouble with Get-WmiObject while running powershell script to back up DNS Zones

I have this script that I am trying to run, that I hope will back up DNS zones. I am attempting to export this information into a csv file using the export-csv powershell cmdlet. Finally, I use use the dnscmd.exe command to export zones information into a text file and store them in the defined location.
# Get Name of the server with env variable
$DNSSERVER=get-content env:computername
#—Define folder where to store backup —–#
$BkfFolder=”c:\windows\system32\dns\backup”
#—Define file name where to store Dns Settings
$StrFile=Join-Path $BkfFolder “input.csv”
#—-Check if folder exists. if exists, delete contents–#
if (-not(test-path $BkfFolder)) {
new-item $BkfFolder -Type Directory | Out-Null
} else {
Remove-Item $BkfFolder”\*” -recurse
}
#—- GET DNS SETTINGS USING WMI OBJECT ——–#
#– Line wrapped should be only one line –#
$List = get-WmiObject -ComputerName $DNSSERVER
-Namespace root\MicrosoftDNS -Class MicrosoftDNS_Zone
#—-Export information into input.csv file —#
#– Line wrapped should be only one line –#
$list | Select Name,ZoneType,AllowUpdate,#{Name=”MasterServers”;Expression={$_.MasterServers}},
DsIntegrated | Export-csv $strFile -NoTypeInformation
#— Call Dnscmd.exe to export dns zones
$list | foreach {
$path=”backup\”+$_.name
$cmd=”dnscmd {0} /ZoneExport {1} {2}” -f $DNSSERVER,$_.Name,$path
Invoke-Expression $cmd
}
# End of Script
#——————————————————————————————-#
When I run the script, I get the following message:
I am not exactly sure what this message is saying. I tried inputting my computer name, but that does not work either.
Any help is appreciated!
From line 2:
$DNSSERVER=get-content env:computername
should be:
$DNSSERVER = $Env:Computername
The error is in this line:
$List = get-WmiObject -ComputerName $DNSSERVER -Namespace root\MicrosoftDNS -Class MicrosoftDNS_Zone
Make sure that it's on the same line instead of separate lines, It is requesting the class for the gwmi command, but since it is in another line it's not taking it. Because the class does exist in here so the issue should be in that particular line.
Another point it is looking for the DNS class so only would work if the windows servers have DNS feature or role installed on it.

Powershell Deployed via SCCM Issue

I am writing a powershell script to be deployed by SCCM via a package. The aim of this is to remove an account with a specific name then write to a file stating if the account exists or not. The code is below:
$Computer = hostname
foreach ($C in $Computer) {
if (Test-Connection $C -Quiet) {
Write-Verbose "$C > Online"
$Users = Get-WMIObject Win32_UserAccount -Filter "LocalAccount=True" -ComputerName $C
if ($Users.Name -contains 'test') {
Add-Content \\SERVERNAME\SHARENAME.$\$computer-found_$(get-date -Format yyyymmdd_hhmmtt).txt "User 'test' found, Disable 'test' found"
net user test /active:no }
else {
Add-Content \\SERVERNAME\SHARENAME.$\$computer-notfound_$(get-date -Format yyyymmdd_hhmmtt).txt "User 'test' not found"
}
}
else {
Write-Verbose "$C > Offline"
}
}
I have also tried replace Write-Verbose with Write-Host and Add-Content with Out-File but the problem I having is that no content / file is created when I use the full network path or share e.g. \\SERVERNAME\SHARENAME.$ the path identified has all the correct permissions and is being ran locally using the System account.
I wanted to see if the issue occured when writing the file locatlly consequently this does not happen when written to C:\Temp\
Does anyone have any ideas on to solve this.
I don't think that local system account has access to a network resource. I'm not sure if you have ever configured it or not. And what the command you used to run the command
Here I post a working way of doing this using Configuration Manager deployment after testing in my lab.
Basically I created a package with source files
and created a task sequence with single "Run Command Line" step.
The reason I use a task sequence is because I want to use an account to access the txt file on the network, which I can configure within a task sequence. I don't think Local System Account have such permission.
The script (DeactivateTest.ps1) I use as below just like what you provided and changed a little on the logic:
$Computer = hostname
foreach ($C in $Computer) {
if (Test-Connection $C -Quiet) {
Write-host "$C > Online"
$Users = Get-WMIObject Win32_UserAccount -Filter "LocalAccount=True" -ComputerName $C
$result=0
Foreach($user in $Users){
if ($User.Name -like '*test*') {
$username = $user.Name
"`n$(get-date -Format yyyymmdd_hhmmtt) User $username found ON $C, Disable 'test'" | Add-Content \\cas\resource\Result.txt
net user $username /active:no
$result+=1
}}
if($result =0){
"`n$(get-date -Format yyyymmdd_hhmmtt) User 'test' not found ON $C" | Add-Content \\cas\resource\Result.txt}
}
else {
"`n$C is Offline" | Add-Content \\cas\resource\Result.txt
}
}
The script query local account and disable accounts which have words "Test" in the name. If you don't like this logic, you can change :).
\\cas\resource\Result.txt is a txt file on the network share. Clients will write result to this txt file.
The command in the task sequence is (it's a x64 machine):
PowerShell.exe -ExecutionPolicy Bypass -File ".\DeactiveTest.ps1"
The output is like:
I may get downvoted for this as my answer isn't technically directly answering your question, it is, however, intended to try and point you in what may be a more logical direction. All apologies if I offend anyone, but here it is:
Why not just disable the user using Group Policy? If you really want to know where the user is/isn't disabled then you could just use hardware inventory for that, but GP really is the best way to enforce this kind of setting.

Working with Windows Event Logs in PowerShell

I have a script to read the last 30 entries for the Application and System event logs, currently the scripts only works on my machine and only outputs a partial message (see below for example).
411905 May 05 15:05 Information Microsoft-Windows... 1501 The Group Policy settings for the user were processed successfully. There were no changes detected since the last succ...
Can anyone tell me how the following can be done
use this for remote computers - I have tried entering the computer name in the format of \domain\computername but is doesn't work
How I can display the full message and not just a section
How I can save the file with the computer name as part of the file name e.g. "mycomputer application log.txt"
My script so far is like this
Get-EventLog -LogName Application -Newest 30 -ComputerName MYCOMPUTER | Out-File -FilePath "D:\Test\Application Event Logs.txt"
Get-EventLog -LogName System -Newest 30 -ComputerName MYCOMPUTER | Out-File -FilePath "D:\Test\System Event Logs.txt"
I am new to scripting and thought this could be a useful script to have but I can't get it to work.
Remote Computers
If you mean computers in another domain, then I don't think you can using the cmdlet alone.
Instead, you can use PowerShell remoting to run any powershell commands that exist on the remote computer. But you have to set up remotin gon the remote machine, and use SSL or trusted hosts, with explicit credentials to ensure the connection will be allowed:
$credential = Get-Credential # enter credentials for remote machine
$session = New-PSSession -ComputerName REMOTECOMPUTER -Credential $credential
Invoke-Command -Session $session -ScriptBlock {
Get-EventLog # parameters
}
The Full Text
It's important to note that what is returned by Get-WinEvent is a complex object. What you see when it's displayed on the screen is just a view. Writing it out to a file directly will also be just a view. Instead, explicitly figure out what you want, build a string, and then write it to a file.
Start by assigning the result of the cmdlet to a variable so that you can inspect it:
$events = Get-WinEvent #params
Now you can look at the results:
$events | Get-Member # see what properties are available
So then you can see that Message is a property.
To get just the message, you can use Select-Object and since you want it as a string and not a property, you -ExpandProperty:
$events | Select-Object -ExpandProperty Message | Out-File #etc
That would write out all the messages (but no other info).
In practice, you might want to operate on each log entry returned and build your string to write to the file:
$events | ForEach-Object {
# $_ represents the current object
$msg = $_.Message
$id = $_.Id
$timeCreated = $_.TimeCreated
"A log entry with ID $id was created at $timeCreated, and it says:`r`n`r`n$msg`r`n---------`r`n"
} | Out-File #params
Using the Computer Name
Assuming you know the computer name you're checking in advance, put it in a variable, then embed it in the file name:
$computer = 'MYCOMPUTER'
Get-WinEvent -ComputerName $computer | ForEach-Object {
# do stuff like above
} | Out-File -Path "D:\Whatever\$computer Application Log"

Process list and write output to files named after list members

I'm trying to run a command which accepts a list of names. It should go through each member of the list and then output it to a text file in a specific location, and the name of that text file will be the member name from the list. Then the script continues to the next member run the command on it, and then write the output to a text file whose name will be the 2nd member in the list.
I'm sure a loop is involved, and perhaps a temporary variable which I have no idea how to declare :(
Invoke-Command -ComputerName (Get-Content "C:\ServerList.txt") -ScriptBlock {
Servermanagercmd.exe -query roles.xml
} -credential baloon\yellow | Out-File C:\OutputF.txt
Pull out the Get-Content of the serverlist file so the server name values are available down the pipeline:
Get-Content c:\serverlist.txt | Where {$_} |
Foreach { Invoke-Command -ComputerName $_ -Scriptblock {...} -Credential baloon\yellow |
Out-File "$_.txt" }
Note that the Where {$_} is to weed out any empty lines in the file.
Shall I assume this issue is that the data that is being output has no context since you wont know what system it is from?
$outputfile = C:\OutputF.txt
Set-Content -Path $outputfile -Value ""
ForEach($server in (Get-Content "C:\ServerList.txt")){
Add-Content -Path $outputfile -Value "Server: $server"
Invoke-Command -ComputerName $server -ScriptBlock {Servermanagercmd.exe -query roles.xml} -credential baloon\yellow |
Add-Content -Path $outputfile
}
Wipe the file to start new (remove this if you dont want to erase the file.). For each server in your list add the server name on its own line in the file and then run the Invoke-Command also sending its output to file.
This will might be inefficient depending on the number of server you are checking. At that point I would consider using jobs.
Update
After reading Keith Hills answer I realize that I misread your question. My logic would output all to one file with the server name separating the contents. You actually wanted separate files.