We Keep Coding

How can I start a process from powershell without bringing it to the front?

I'm working on a simple cleanup script for work which should include gpupdate. What I want to do is run gpupdate and capture the output or run it in another window and keep the current window on top. I've tried multiple different ways to run gpupdate.exe (including using WSH with the different focus options) but it always pops up in front of the current PowerShell window. PS commandlet Invoke-GPUpdate presents an error "Access is denied" so that doesn't seem to be a usable solution. I'm currently trying to call the ProcessGPUpdate API but I must have something wrong with my code. I don't really like this solution anyway as it doesn't look like it will give feedback/progress.
Reference API: https://learn.microsoft.com/en-us/previous-versions/windows/desktop/wmi_v2/class-library/remotegpupdate-processgpupdate-method-string-boolean-boolean-boolean-boolean-uint32-string-microsoft-grouppolicy
My current non-working code
Add-Type '#
using Microsoft.GroupPolicy;
public static void ProcessGPUpdate(
string Computer,
bool force,
bool boot,
bool logoff,
bool sync,
uint delayInMinutes,
string target
)
'#
I'm open to suggestions on how to accomplish this. Currently, I'm considering running gpupdate minimized.
Edit:
Added command output as requested
PS H:\> $gpupdate = Start-Job -ScriptBlock { gpupdate.exe 2>$1 }
PS H:\> get-job
Id Name PSJobTypeName State HasMoreData
Location Command
-- ---- ------------- ----- -----------
-------- -------
1 Job1 BackgroundJob Failed False
localhost gpupdate.exe 2>$1
PS H:\> Receive-Job -Name Job1
[localhost] The background process reported an error with the following
message: .
+ CategoryInfo : OpenError: (localhost:String) [],
PSRemotingTransportException
+ FullyQualifiedErrorId : 2100,PSSessionStateBroken
PS H:\> $gpupdate = Start-Job -ScriptBlock { gpupdate.exe 2>$1 } -Name
gpupdate
PS H:\> Receive-Job -Name gpupdate
[localhost] The background process reported an error with the following
message: .
+ CategoryInfo : OpenError: (localhost:String) [],
PSRemotingTransportException
+ FullyQualifiedErrorId : 2100,PSSessionStateBroken
PS H:\> $gpupdate = Start-Job -ScriptBlock { & "gpupdate.exe 2>$1" } -Name
gpupdate
PS H:\> Receive-Job -Name gpupdate
[localhost] The background process reported an error with the following
message: .
+ CategoryInfo : OpenError: (localhost:String) [],
PSRemotingTransportException
+ FullyQualifiedErrorId : 2100,PSSessionStateBroken
[localhost] The background process reported an error with the following
message: .
+ CategoryInfo : OpenError: (localhost:String) [],
PSRemotingTransportException
+ FullyQualifiedErrorId : 2100,PSSessionStateBroken
PS H:\> get-job
Id Name PSJobTypeName State HasMoreData
Location Command
-- ---- ------------- ----- -----------
-------- -------
1 Job1 BackgroundJob Failed False
localhost gpupdate.exe 2>$1
3 gpupdate BackgroundJob Failed False
localhost gpupdate.exe 2>$1
5 gpupdate BackgroundJob Failed False
localhost & "gpupdate.exe 2>$1"

Test-NetConnection problem with ConstrainInterface

How check communication between two another interface different than data?
For example I want check communication TCP between two voice interfaces. NOT Ping.
Source IP is 10.116.69.215
Destination IP is 10.104.74.145
Previosly I tried:
Test-NetConnection -Port 5060 -ComputerName 10.104.74.145
But I receive only summary from interface data.
ComputerName : 10.104.74.145
RemoteAddress : 10.104.74.145
RemotePort : 5060
InterfaceAlias : VMAccess
SourceAddress : 10.116.64.202
PingSucceeded : False
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded : False
I tried modify cmdlet. So I began from
Get-NetAdapter
Name InterfaceDescription ifIndex Status
---- -------------------- ------- ------
BackupNet Microsoft Hyper-V Network Adapter #3 15 Up
VoiceNet Microsoft Hyper-V Network Adapter #4 17 Up
VMAccess Microsoft Hyper-V Network Adapter #2 14 Up
BootNet Microsoft Hyper-V Network Adapter 13 Not Present
Test-NetConnection 10.104.74.145 -Port 5060 -ConstrainInterface 17 -DiagnoseRouting -InformationLevel Detailed
but I receive:
Test-NetConnection : A parameter cannot be found that matches parameter name 'ConstrainInterface'.
At line:1 char:45
+ ... st-netconnection 10.102.73.135 -Port 5060 -ConstrainInterface 17 -Dia ...
+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Test-NetConnection], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Test-NetConnection
What's wrong?

Can't use -port with that parameter set.
Test-NetConnection
[[-ComputerName] <String>]
[-DiagnoseRouting]
[-ConstrainSourceAddress <String>]
[-ConstrainInterface <UInt32>]
[-InformationLevel <String>]
[<CommonParameters>]

Set Azure Reserved IP on cloud service via powershell

as said in the title, I can't assign an IP to my cloud service.
I've followed a lot of forums and StackOverflow articles/posts but I've still the issue.
When I try to run
Set-AzureReservedIPAssociation -ReservedIPName primosguardo365reservedip -ServiceName primosguardo365
I get this error
Set-AzureReservedIPAssociation : ResourceNotFound: No deployments were found.
At line:1 char:1
+ Set-AzureReservedIPAssociation -ReservedIPName primosguardo365reserve ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzureReservedIPAssociation], CloudException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.SetAzureReservedIPAssociationCmdlet
but if I try to get the resources using the same name
λ Get-AzureReservedIP
ReservedIPName : Group Primosguardo365 primosguardo365reservedip
Address : **.**.**.**
Id : ******************
Label :
Location : West Europe
State : Created
InUse : False
ServiceName :
DeploymentName :
VirtualIPName :
OperationDescription : Get-AzureReservedIP
OperationId : ************************
OperationStatus : Succeeded
λ Get-AzureService "primosguardo365"
ServiceName : primosguardo365
Url : https://management.core.windows.net.................
Label : primosguardo365
Description : primosguardo365
Location : West Europe
AffinityGroup :
Status : Created
ExtendedProperties : {[ResourceGroup, Primosguardo365], [ResourceLocation, westeurope], [ProvisioningSource,
AzureResourceManager]}
DateModified : 28/03/2017 12:13:20
DateCreated : 28/03/2017 11:26:03
ReverseDnsFqdn :
WebWorkerRoleSizes : {}
VirtualMachineRoleSizes : {}
OperationDescription : Get-AzureService
OperationId : ****************************
OperationStatus : Succeeded
Does anyone have any suggestion?
Thanks in advance!
EDIT:
VIP can only be assigned to a deployed PRODUCTION instance.
But that's useless, cause CloudServices already have static IP.
Thanks to all!

In my test, I reproduce your error, I just create a cloud service via new portal, and then associate a reserved IP address to it, the error occur.
PS C:\Users> Set-AzureReservedIPAssociation -ReservedIPName my9 -ServiceName "jasontest323"
Set-AzureReservedIPAssociation : ResourceNotFound: No deployments were found.
At line:1 char:1
+ Set-AzureReservedIPAssociation -ReservedIPName my9 -ServiceName "jaso ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzureReservedIPAssociation], CloudException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.SetAzureReservedIPAssociationCmdlet
After that, I create another cloud service and a VM, then assiscate a reserved IP address to this cloud service, it works.
PS C:\Users> Set-AzureReservedIPAssociation -ReservedIPName my9 -ServiceName "jasonvm3659"
OperationDescription OperationId OperationStatus
-------------------- ----------- ---------------
Set-AzureReservedIPAssociation 05ccff35-5642-7cc6-9c6b-b5dfe2d1603d Succeeded
So, I check the status of the two cloud service, I find when the Production is running, the command will work.
We can use PowerShell to check the deployment:
PS C:\Users> Get-AzureDeployment -ServiceName jasontest323
Get-AzureDeployment : ResourceNotFound: No deployments were found.
OperationID : '27da300bc3c67a5bbdbc954c1c19e3e7'
At line:1 char:1
+ Get-AzureDeployment -ServiceName jasontest323
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Get-AzureDeployment], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.HostedServices.GetAzureDeploymentCommand
PS C:\Users> Get-AzureDeployment -ServiceName jasonvm3659
SdkVersion :
RollbackAllowed : False
Slot : Production
Name : jasonvm3659
DeploymentName : jasonvm3659
Url : http://jasonvm3659.cloudapp.net/
Status : Running
CurrentUpgradeDomain : 0
CurrentUpgradeDomainState :
UpgradeType :
RoleInstanceList : {jasonvm}
Configuration : <ServiceConfiguration xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration">
<Role name="jasonvm">
<Instances count="1" />
</Role>
</ServiceConfiguration>
DeploymentId : fc627acb502a4a979b08c42f69cccf72
Label : jasonvm3659
VNetName : Group jasontest321 jasontest321
DnsSettings :
OSVersion :
RolesConfiguration : {[jasonvm, Microsoft.WindowsAzure.Commands.ServiceManagement.Model.RoleConfiguration]}
VirtualIPs : {jasonvm3659ContractContract}
ReservedIPName : my9
CreatedTime : 3/29/2017 1:10:28 PM
LastModifiedTime : 3/29/2017 1:27:42 PM
Locked : False
InternalLoadBalancerName :
LoadBalancers : {}
ExtensionConfiguration :
ServiceName : jasonvm3659
OperationDescription : Get-AzureDeployment
OperationId : f8b8xxxx-xxxx-xxxx-xxxx-xxxx2cdc1daa
OperationStatus : Succeeded
The reserved IPs work for classic module, only be used for VMs and cloud service instance roles exposed through a VIP.
So we should check the deployment with powershell Get-AzureDeployment -ServiceName primosguardo365 first.

New-PSSession does not work locally

I am trying to connect to the localhost using New-PSSession.
I have
Configured WinRM using
winrm quickconfig
Enabled PS Remoting
Enable-PSRemoting
Added Trusted Host
Set-Item WSMan:\localhost\Client\TrustedHosts * -Force
There is an inbound rule on 8173 port on firewall.
Output of winrm:
PS C:\> winrm get winrm/config/listener?Address=*+Transport=HTTP
Listener
Address = *
Transport = HTTP
Port = 8173
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
Listening on = 127.0.0.1
I am trying to run the following command:
New-PSSession -ConnectionUri http://localhost:8173/WSMAN
but I get this error:
[localhost] Processing data from remote server failed with the following error message:
Error with error code 14 occurred while calling method WSManPluginReceiveResult. For
more information, see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportException
+ FullyQualifiedErrorId : PSSessionOpenFailed
EDIT:
The only extra thing that I see is that the network is connected to public
$listenerport = "8173"
winrmwinrm create winrm/config/Listener?Address=*+Transport=HTTP "#{Port="$listenerport"}"
C:\>winrm get winrm/config
Config
MaxEnvelopeSizekb = 1039440
MaxTimeoutms = 60000
MaxBatchItems = 32000
MaxProviderRequests = 4294967295
Client
NetworkDelayms = 5000
URLPrefix = wsman
AllowUnencrypted = true
Auth
Basic = true
Digest = true
Kerberos = true
Negotiate = true
Certificate = true
CredSSP = false
DefaultPorts
HTTP = 8173
HTTPS = 5986
TrustedHosts = *
Service
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;S-1-5-21-2458768215-3945602940-3262220185-1045)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 500
EnumerationTimeoutms = 60000
MaxConnections = 25
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = true
Auth
Basic = true
Kerberos = false
Negotiate = true
Certificate = true
CredSSP = false
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = *
IPv6Filter = *
EnableCompatibilityHttpListener = false
EnableCompatibilityHttpsListener = false
CertificateThumbprint
Winrs
AllowRemoteShellAccess = true
IdleTimeout = 180000
MaxConcurrentUsers = 5
MaxShellRunTime = 2147483647
MaxProcessesPerShell = 15
MaxMemoryPerShellMB = 150
MaxShellsPerUser = 5
PS C:\> Get-PSSessionConfiguration microsoft.powershell | fl *
xmlns : http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration
Name : Microsoft.PowerShell
Filename : %windir%\system32\pwrshplugin.dll
SDKVersion : 1
XmlRenderingType : text
lang : en-US
PSVersion : 2.0
ResourceUri : http://schemas.microsoft.com/powershell/Microsoft.PowerShell
SupportsOptions : true
ExactMatch : true
Capability : {Shell}
Permission :
Administrators group have permission as I see in the window popup (Set-PSSessionConfiguration -Name Microsoft.PowerShell -showSecurityDescriptorUI)
EDIT 2:

By process of elimination, we can rule out firewall as an issue, as you are only connecting to the loopback address (127.0.0.1). We can also rule out WinRM configuration which looks fine.
The error message suggests that TCP connection to http://localhost:8173/WSMAN is actually successful, but fault occurs while establishing PS session.
This points to Microsoft.PowerShell session configuration.
Looks like there is a discrepancy in the permissions you see when looking at
Set-PSSessionConfiguration -Name Microsoft.PowerShell -showSecurityDescriptorUI
and the permission actually assigned to Microsoft.PowerShell.
The output of
Get-PSSessionConfiguration microsoft.powershell | fl *
should have the "SecurityDescriptorSddl" and "Permission" proprieties listed. Like this:
Name : microsoft.powershell
Filename : %windir%\system32\pwrshplugin.dll
SDKVersion : 1
XmlRenderingType : text
lang : en-US
PSVersion : 2.0
ResourceUri : http://schemas.microsoft.com/powershell/microsoft.powershell
SupportsOptions : true
Capability : {Shell}
xmlns : http://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration
Uri : http://schemas.microsoft.com/powershell/microsoft.powershell
ExactMatch : true
SecurityDescriptorSddl : O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
Permission : BUILTIN\Administrators AccessAllowed
Try removing and reassigning these permissions.
EDIT:
Based on the information you have provided this is not the main problem. I have also noticed that you have a non standard "RootSDDL" in WinRM service settings.
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;S-1-5-21-2458768215-3945602940-3262220185-1045)(AU;SA;GWGX;;;WD)
by default this should be
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)
I have recreated this on the test VM and Remoting still works. So I had another look at your WinRM configuration ...
Solution
Your problem is this line
MaxEnvelopeSizekb = 1039440
By setting this value I can replicate the issue you have. I would suggest to set this to something more reasonable, or to default.
winrm set winrm/config '#{MaxEnvelopeSizekb="150"}'
Will fix your problem.

setting the following worked for me after I upgraded to computers from win 10 1607 to 1708
the update changed the following reg key to 1, and setting it back to 0 worked for me
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
FilterAdministratorToken=dword:0

In a "strict" IPV4 environent, we had the same Problem as well.
The reason was: WinRM (and other services) seem to use the IpV6-Loopback-Address even if ipv6 is disabled everywhere. (Which is no Problem, except with WinRM)
Hence, if there is no WinRM-Listener for the IPV6-Loopback Adress - you can't connect to localhost, even if WinRM is working from a remote-host.

PowerShell / WMI to set MSNdis_currentpacketfilter

I like to know if there is a way to use PowerShell with WMI to set the MSNdis_currentPacketFilter
PS > Get-WmiObject -class "MSNdis_CurrentPacketFilter" -NameSpace "root\WMI" -Filter "InstanceName='Intel(R) Ethernet Server Adapter I350-T2'"
__GENUS : 2
__CLASS : MSNdis_CurrentPacketFilter
__SUPERCLASS : MSNdis
__DYNASTY : MSNdis
__RELPATH : MSNdis_CurrentPacketFilter.InstanceName="Intel(R) Ethernet Server Adapter I350-T2"
__PROPERTY_COUNT : 3
__DERIVATION : {MSNdis}
__SERVER : HYPERV88
__NAMESPACE : root\WMI
__PATH : \\HYPERV88\root\WMI:MSNdis_CurrentPacketFilter.InstanceName="Intel(R) Ethernet Server Adapter
I350-T2"
Active : True
InstanceName : Intel(R) Ethernet Server Adapter I350-T2
NdisCurrentPacketFilter : 15
PSComputerName : HYPERV88
And I would like to change the NdisCurrentPacketFilter value from 15 to 47.
I tried
Set-WMIInstance -Path ... -Arguments #{NdisCurrentPacketFilter=47}
But, got error. Thanks in advance!
===== added 04/17/2015
Here were the commands I tried:
$p=$(Get-WmiObject -class "MSNdis_CurrentPacketFilter" -NameSpace "root\WMI" -Filter "InstanceName='Intel(R) Ethernet Server Adapter I350-T2'").__Path
Write-Host $p
\\HYPERV88\root\WMI:MSNdis_CurrentPacketFilter.InstanceName="Intel(R) Ethernet Server Adapter I350-T2"
Set-WmiInstance -Path $p -Arguments #{NdisCurrentPacketFilter=47}
and error (not sure why it said command not found, but command was valid)
Set-WmiInstance : Not found
At line:1 char:1
+ Set-WmiInstance -Path $p -Arguments #{NdisCurrentPacketFilter=47}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Set-WmiInstance], ManagementException
+ FullyQualifiedErrorId : SetWMIManagementException,Microsoft.PowerShell.Commands.SetWmiInstance
And I tried this:
$o = Get-WmiObject -class "MSNdis_CurrentPacketFilter" -NameSpace "root\WMI" -Filter "InstanceName='Intel(R) Ethernet Server Adapter I350-T2'"
Write-Host $o
\\HYPERV88\root\WMI:MSNdis_CurrentPacketFilter.InstanceName="Intel(R) Ethernet Server Adapter I350-T2"
Set-WMIInstance -class "MSNdis_CurrentPacketFilter" -InputObject $o -Arguments #{NdisCurrentPacketFilter=47}
Set-WmiInstance : Parameter set cannot be resolved using the specified named parameters.
At line:1 char:1
+ Set-WMIInstance -class "MSNdis_CurrentPacketFilter" -InputObject $o -Arguments # ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-WmiInstance], ParameterBindingException
+ FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.PowerShell.Commands.SetWmiInstance

I think you are having this issue as according to scriptinternals that value is read-only.
NdisCurrentPacketFilter
Data type: integer/usint32
Access type: Read-only
I found similar information here as well. You should have wrote your error here as well. It might have added context to your issue and it is a best practice when asking questions.
Disclaimer: I know nothing about the class. Just wanted to see if anyone posted details of the class parameters.