I'm automating windows updates for a set of SQL servers, mostly running on Windows Server 2016. Typically after you install updates you have to reboot, and there is a period of time after rebooting where the server is applying updates and users can't remote into the server. In my automation, I would like to wait until that period of time is over before reporting a successful update. Is there an indicator that I can check remotely through powershell that will determine whether a user can remote in?
I've checked the main RDP services (termservice, SessionEnv and UmRdpService) during this period and they are all running, so if there's some sort of indicator, it isn't them. Maybe there is a field somewhere that states that windows is applying updates? All of the servers are virtualized through VMWare if it matters.
Thanks for reading!
How about testing the port that the remote desktop service listens on?
test-netconnection server -port 3389
I didn't have any luck on ServerFault either, but I did eventually find a solution myself, posting here in case anyone finds this thread looking for help.
The isn't actually a service that changes states when you can RDP back into a server; that's probably determined somewhere in the windows code and there's no way you could find the flag. However, the TIWorker program runs after a reboot to install windows, and in my experience recently, when that exe completes, you can RDP 100% of the time, which is good enough for my automation.
I loop over this piece of code in 5 second intervals until it returns 0 rows, then finish.
Get-Process -ComputerName $server | ? {$_.ProcessName -match 'TiWorker'}
Related
In my workplace, we administer hospital intensive care PCs (Windows 7 desktop clients) that are meant to be on and running a particular program in near-perpetuity. To that end we've developed a few powershell scripts that run every 5 minutes and alert us whenever the PCs drop off the network or the processes / programs we require crash.
Our program monitoring script relies on the powershell cmdlet "get-process" run remotely by an admin-credentialed account. The script works on all of our PCs except one and we haven't been able to determine what's causing the failure.
At its most basic, the command looks something like
get-process -computername [hostname]
When pointing toward our problem PC we get the error
Get-Process : Couldn't connect to remote machine
Our research indicates that this is likely caused by permissions, firewall, or remote registry service problems. We've triple-checked and on this PC and
the monitoring account has admin privileges, no firewall is active, and remote registry service is on and set to start automatically. The code works when run on the local machine but not when run remotely.
Similar powershell cmdlets run remotely, like "get-service", work with no issues. As noted above "get-process" runs successfully on our other PCs. Any insight into this strange issue would be appreciated.
One thing to note is that the Invoke-Command workaround that has been offered in answer to other, similar questions doesn't work on this PC or any of our others.
Have you tried validating the all RPC services are up?
1.Remote Procedure Call(RPC)
2.Remote Procecure Call(RPC) Locator
3.Remote Registry (You said it's up though)
I am working on making some scripts to make my job a little bit easier.
One of the things i need is too download some files to use. I first used powershell with the command Invoke-WebRequest.
It is working really well, however it dont run on windows 7 computeres, as they have powershell 2. As i have about as many windows 7 pc's as win 10 i need to find another way.
I found that Start-BitsTransfer is a good way that should work on most computeres. My problem now is, that when using the script via my remote support session it runs the script on the local service account, and then BitsTransfer wont run and gives me an error. (0x800704DD)
Is there a way to get around that problem, or any command that can be used on both win 7 and 10 and run from the local service account?
You should update PowerShell as gms0ulman states, but if you are not the person who is in charge of this decision, you have to take other steps.
This error code...
0x800704DD
The error message ERROR_NOT_LOGGED_ON, occurs because the System Event Notification Service (SENS) is not receiving user logon notifications. BITS (version 2.0 and up) depends on logon notifications from Service Control Manager, which in turn depends on the SENS service. Ensure that the SENS service is started and running correctly.
By default, BITS runs under the LocalSystem account. To modify, stop or restart BITS, you must be logged on as an administrator. In your situation, when you log on a regular account and start the PS in elevated privilege, the BITS doesn’t run under regular user account. To resolve it, you may need to configure the log on user for BITS. Please visit the following link to configure how a service is started.
Configure How a Service is Started
Services are often run with default settings — for example, a service
may be disabled automatically at startup. However, you can use the
Services snap-in to change the default settings for a service. This is
useful if you are troubleshooting service failures or if you need to
change the security account under which a service runs. Membership in
Account Operators or Domain Admins, Enterprise Admins, or equivalent,
is the minimum required to complete this procedure. Review the details
in "Additional considerations" in this topic.
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc755249(v=ws.10)
I also agree that you should not continue supporting PowerShell 2.0. Ideally, ditch Windows 7 (it's way too old now), if you can't do that, upgrade PowerShell, if you can't do that, find a new job, if you can't do that, then I guess bring on the workarounds!
postanote's answer covers the BITS angle.
The other thing you can do is just use the .Net framework's underlying libraries, which is exactly what Invoke-RestMethod and Invoke-WebRequest do (those cmdlets were introduced in PowerShell 3.0, but the guts of them were around much longer).
try {
$wc = New-Object -TypeName System.Net.WebClient
$wc.DownloadFile($url, $path)
finally {
$wc.Dispose()
}
Most people don't bother disposing IDisposable objects in PowerShell so you'll see a lot of shorthand around like this:
(New-Object Net.WebClient).DownloadFile($url, $path)
Which is probably fine if your script's process isn't going to be around for a while, but it's good to keep in mind in case you incorporate this into something of a larger scale.
I want to automate test using powershell. I want to write a script to shutdown the computer, wait for 3minutes and then power on the computer. Is it possible using Powershell? I know that reboot is possible, but I want the system to remain in shutdown stage for 3min and then power on.
If you mean a "real computer" (not a Virtual Machine) so it's not possible. But you can achieve that using Virtual Machine setup. Take look at this documentation: https://technet.microsoft.com/en-us/library/hh848589.aspx
You can shutdown computer with Stop-Computer command
Wait with Start-Sleep
But to poweron PC you need something more complex, take a look at WOL. However there are some difficulties:
It would work only with PCs that allow to be awakened with magic packets
You need to know MAC-address of machine
Target machine should be in the current network subnet of the caller.
I have a test bed in my lab consisting of a windows server 2008 running powershell 2.0. I am using that server to manage 50 clients that are connected wired and wireless with the server. I am running windows Active Directory on the server and all the clients are in the domain I created and I am using the AD to push different policies. I have a lot of basic scripts running (shutting down all interfaces on the clients, shutting down clients, fetching logs from clients etc.). But there is one Task in particular that is extremely important for my setup and I am facing a lot of issues with it. Here are the details:
I want to start some applications like windows media player or a VLC player on all the clients through a script. The script will be run on the server and it should try and establish connection with all the clients and bring up the UI.
What has been tried?
Method 1:
New-Pssession -computername -credential
Enter Pssession -id
(brings up the prompt on the remote machine)
start-process wmplayer.exe
Everything runs correctly. A process gets created on the client, but I do not see the UI.
Method 2:
I created a batch file on the remote machine that runs the wmplayer.exe. It works fine and brings up the UI if executed manually from the client, but again if triggered remotely it only creates a process and does not bring up the UI.
Am I missing something while running the commands? Do I need to configure something more to get the UI up and running?
I am making my first attempts at using PowerShell remoting features. I've set up the "destination" server using the instructions in the help docs. But when I attempt to start a remote session (by executing an "Enter-PSSession servername1" command), it sits there for a long time, and eventually gives this error:
Enter-PSSession : Connecting to remote server failed with the following error message : The WinRM client cannot complete the operation within the time specified. Check if the machine name is valid and is reachable over the network and firewall exception for Windows Remote Management service is enabled. For more information, see the about_Remote_Troubleshooting Help topic.
I also noticed that while it was sitting there, my computer's performance had degraded. Looking at Task Manager, I see that ekrn.exe, which is the kernel process for Nod32 Antivirus, was using a lot of CPU (~50%, sometimes edging higher). It seems to never stop using the CPU until I kill the process, and I did some testing, and it clearly begins to use all that CPU as soon as I execute that Enter-PSSession command.
I then tried disabling the Nod32 anti-virus, executed the same command, and voilà, it worked, and the remote session started properly.
But obviously disabling my anti-virus isn't a solution. Can anyone suggest a better one?
It turns out I wasn't running the latest version of Nod32. I was running version 3, the I was able to upgrade to version 4, and the problem went away.