I don't understand, responding is empty on remote serveur.
Get-Process explorer -ComputerName vcass1 | select name,id,responding
Name Id Responding
---- -- ----------
explorer 1204
explorer 3020
but responding i real empty :
Get-Process explorer -ComputerName vcass1 | Where-Object {$_.Responding -eq $true}
>> No result
Get-Process explorer -ComputerName vcass1 | Where-Object {$_.Responding -eq $false}
>> No result
when i try with : -ComputerName localhost i have the same problem, but without -ComputerName i have value $True for each process !
According to the help on MSDN you should get a NotSupportedException error indictaing that:
You are attempting to access the Responding property for a process
that is running on a remote computer. This property is available only
for processes that are running on the local computer.
If the remote server is on Windows 2012 you can read the Responding status remotely.
Related
Part of our daily process is to RDP to a remote machine and check the services are running. We have to check “File and Storage Services”, “IIS”, “Local Server”, and “All Servers” (see image).
Can I do this remotely through PowerShell? I have a script (Get-Service -ComputerName [remote computer name]), but which services do I list to check these 4 main areas are running?
Server Manager
Tried:
get-service -Name "LanmanServer", "LanmanWorkstation" -ComputerName [computername]
get-service -ComputerName [computername] | Where-Object {$.Status -ne "Running"}
get-service -ComputerName [computername] | Where-Object {$.Status -eq "Running"}
So I can list the services, and if they're running or not, but this doesn't tell me what I need
I can't for the life of me figure out how to get my code to work remotely to show the same information it's showing when ran locally.
For example, if I run the command locally on a web server:
Get-ChildItem IIS:SSLBindings
I get the following results:
But if I run the command remotely using the following code:
Invoke-command -computer $Computer { Import-Module WebAdministration; Get-Childitem -Path IIS:\SslBindings }
I get this result:
I don't understand why the Sites info is blank, or just showing '...'.
I've tried all sorts of different variations/scriptblocks, but the results are always the same.
Anyone have any idea as to what I'm doing wrong or how I can remotely pull this information correctly?
I feel like there may be a better way to do this because this feels a bit clunky, but regardless, it works...
Here's the command I am using to gather this info remotely:
$SSLCertInUseInfo = Invoke-command -computer $Computer {
Import-Module WebAdministration; Get-Childitem -Path IIS:\SslBindings | Select IPAddress, Host, Port, Store,
#{ Name = 'Site'; Expression = { $_ | select -property Sites -expandproperty Sites | Select-Object -ExpandProperty "Value" } }
} | Select -Property * -ExcludeProperty PSComputerName, RunSpaceID, PSShowComputerName
The result is:
Why this particular property is an issue: The cause for this is how the value for Sites is generated. This particular property happens to be a "ScriptProperty," which means it's pulled by a script defined in the WebAdministration module. That script is executed behind the scenes transparently. Unfortunately, ScriptProperties often don't survive the deserialization process when accessed through PSRemoting.
So, how do you find out if the property is a ScriptProperty? Check the member definitions by piping your command to Get-Member.
When run locally, you can see that the Sites member type is a ScriptProperty and the definition shows the start of the script it runs to fetch the data.
PS C:\> Get-Childitem -Path IIS:\SslBindings | Get-Member Sites
TypeName: System.Management.Automation.PSCustomObject
Name MemberType Definition
---- ---------- ----------
Sites ScriptProperty System.Object Sites {get=$ip = [string]::empty...
When run remotely, you can see the type changes to one prefixed with "Deserialized," the member type is now a NoteProperty, and the definition changes to a string with no value.
PS C:\> Invoke-Command -ComputerName $Computer { Import-Module WebAdministration;Get-Childitem -Path IIS:\SslBindings } | Get-Member Sites
TypeName: Deserialized.System.Management.Automation.PSCustomObject
Name MemberType Definition
---- ---------- ----------
Sites NoteProperty System.String Sites=
How to solve the problem: The easiest way to get the desired value is to use calculated properties to convert the output to something that can be sent back. Similar to this answer, but a little more compact:
Invoke-Command -ComputerName $Computer {
Import-Module WebAdministration; Get-Childitem -Path IIS:\SslBindings |
Select-Object IPAddress, Port, Host, Store, #{Name="Sites"; Expression={($_).Sites.Value}} } |
Select-Object * -ExcludeProperty PSComputerName, RunSpaceID, PSShowComputerName
Output:
IPAddress : ::
Port : 443
Host :
Store : MY
Sites :
IPAddress : 0.0.0.0
Port : 443
Host :
Store : My
Sites : Default Web Site
I have a script to read the last 30 entries for the Application and System event logs, currently the scripts only works on my machine and only outputs a partial message (see below for example).
411905 May 05 15:05 Information Microsoft-Windows... 1501 The Group Policy settings for the user were processed successfully. There were no changes detected since the last succ...
Can anyone tell me how the following can be done
use this for remote computers - I have tried entering the computer name in the format of \domain\computername but is doesn't work
How I can display the full message and not just a section
How I can save the file with the computer name as part of the file name e.g. "mycomputer application log.txt"
My script so far is like this
Get-EventLog -LogName Application -Newest 30 -ComputerName MYCOMPUTER | Out-File -FilePath "D:\Test\Application Event Logs.txt"
Get-EventLog -LogName System -Newest 30 -ComputerName MYCOMPUTER | Out-File -FilePath "D:\Test\System Event Logs.txt"
I am new to scripting and thought this could be a useful script to have but I can't get it to work.
Remote Computers
If you mean computers in another domain, then I don't think you can using the cmdlet alone.
Instead, you can use PowerShell remoting to run any powershell commands that exist on the remote computer. But you have to set up remotin gon the remote machine, and use SSL or trusted hosts, with explicit credentials to ensure the connection will be allowed:
$credential = Get-Credential # enter credentials for remote machine
$session = New-PSSession -ComputerName REMOTECOMPUTER -Credential $credential
Invoke-Command -Session $session -ScriptBlock {
Get-EventLog # parameters
}
The Full Text
It's important to note that what is returned by Get-WinEvent is a complex object. What you see when it's displayed on the screen is just a view. Writing it out to a file directly will also be just a view. Instead, explicitly figure out what you want, build a string, and then write it to a file.
Start by assigning the result of the cmdlet to a variable so that you can inspect it:
$events = Get-WinEvent #params
Now you can look at the results:
$events | Get-Member # see what properties are available
So then you can see that Message is a property.
To get just the message, you can use Select-Object and since you want it as a string and not a property, you -ExpandProperty:
$events | Select-Object -ExpandProperty Message | Out-File #etc
That would write out all the messages (but no other info).
In practice, you might want to operate on each log entry returned and build your string to write to the file:
$events | ForEach-Object {
# $_ represents the current object
$msg = $_.Message
$id = $_.Id
$timeCreated = $_.TimeCreated
"A log entry with ID $id was created at $timeCreated, and it says:`r`n`r`n$msg`r`n---------`r`n"
} | Out-File #params
Using the Computer Name
Assuming you know the computer name you're checking in advance, put it in a variable, then embed it in the file name:
$computer = 'MYCOMPUTER'
Get-WinEvent -ComputerName $computer | ForEach-Object {
# do stuff like above
} | Out-File -Path "D:\Whatever\$computer Application Log"
So I'm trying to return a list of running process' descriptions on a machine which I can do no problem via get-process | select description
However, when I try: get-process -computer remote | select description nothing is returned, only empty strings.
Is there a reason for this?
Thanks
Well, if you take a look at how the description is retrieved, it will all get clearer:
PS> gps | gm | where {$_.name -eq 'description'} | select Definition
TypeName: System.Diagnostics.Process
Definition
----------
System.Object Description {get=$this.Mainmodule.FileVersionInfo.FileDescription;}
This accesses Process.MainModule for which the documentation has to say that it throws a NotSupportedExcetion in the following case:
You are trying to access the MainModule property for a process that is running on a remote computer. This property is available only for processes that are running on the local computer.
So the attempt to retrieve the description fails for remote processes.
Maybe with WMI and the GetVersionInfo method:
$ComputerName = 'server1'
Get-WmiObject Win32_Process -ComputerName $ComputerName |
Select-Object Name, #{n='Description';e={ [System.Diagnostics.FileVersionInfo]::GetVersionInfo( ($_.ExecutablePath -replace '^(.):',"\\$ComputerName\$`1$")).FileDescription }}
After experimenting with get-process I wrote the below script to show what it 'viewable' via a remote session
get-process -computer computer | select * | where {$_.name -match "tskmgr"}
How can I get the Windows service startup type using PowerShell and not using WMI?
I looked inside the Get-Service command, and it does not provide something to display the "startup type".
With PowerShell version 4:
You can run a command as given below:
Get-Service | select -property name,starttype
WMI is the way to do this.
Get-WmiObject -Query "Select StartMode From Win32_Service Where Name='winmgmt'"
Or
Get-WmiObject -Class Win32_Service -Property StartMode -Filter "Name='Winmgmt'"
In PowerShell you can use the command Set-Service:
Set-Service -Name Winmgmt -StartupType Manual
I haven't found a PowerShell command to view the startup type though. One would assume that the command Get-Service would provide that, but it doesn't seem to.
You can use also:
(Get-Service 'winmgmt').StartType
It returns just the startup type, for example, disabled.
As far as I know there is no “native” PowerShell way of getting this information. And perhaps it is rather the .NET limitation than PowerShell.
Here is the suggestion to add this functionality to the version next:
https://connect.microsoft.com/PowerShell/feedback/details/424948/i-would-like-to-see-the-property-starttype-added-to-get-services
The WMI workaround is also there, just in case. I use this WMI solution for my tasks and it works.
Once you've upgraded to PowerShell version 5 you can get the startup type.
To check the version of PowerShell you're running, use $PSVersionTable.
The examples below are for the Windows Firewall Service:
For the local system
Get-Service | Select-Object -Property Name,Status,StartType | where-object {$_.Name -eq "MpsSvc"} | Format-Table -auto
For one remote system
Get-Service -ComputerName HOSTNAME_OF_SYSTEM | Select-Object -Property MachineName,Name,Status,StartType | where-object {$_.Name -eq "MpsSvc"} | Format-Table -auto
For multiple systems (must create the systems.txt)
Get-Service -ComputerName (Get-content c:\systems.txt) | Select-Object -Property MachineName,Name,Status,StartType | where-object {$_.Name -eq "MpsSvc"} | Format-Table -auto
Use:
Get-Service BITS | Select StartType
Or use:
(Get-Service -Name BITS).StartType
Then
Set-Service BITS -StartupType xxx
[PowerShell 5.1]
If you update to PowerShell 5 you can query all of the services on the machine and display Name and StartType and sort it by StartType for easy viewing:
Get-Service |Select-Object -Property Name,StartType |Sort-Object -Property StartType
You can also use the sc tool to set it.
You can also call it from PowerShell and add additional checks if needed.
The advantage of this tool vs. PowerShell is that the sc tool can also set the start type to auto delayed.
# Get Service status
$Service = "Wecsvc"
sc.exe qc $Service
# Set Service status
$Service = "Wecsvc"
sc.exe config $Service start= delayed-auto
It is possible with PowerShell 4.
Get-Service *spool* | select name,starttype | ft -AutoSize
screenshot
By default StartType is not shown by Get-Service, but you can always explicitly ask for it:
Get-Service | select StartType,DisplayName | sort StartType,DisplayName
Use Get-Service | Get-Member to see all available fields.