ExecWith / WinBatch executing Powershell code

Antworten
ronin
Beiträge: 20
Registriert: 03 Apr 2018, 13:57

ExecWith / WinBatch executing Powershell code

Beitrag von ronin »

Hi,

For couple of days I'm struggling with executing powershell code.
Can you give me some working examples ?
I'm trying enable Remoting, without changing ExecutionPolicy if possible.

Client is on WORKGROUP at this state ... later joindomain
Here is what i tried:

Code: Alles auswählen

ExecWith_remoting powershell

[ExecWith_remoting]
powershellCall('
Enable-PSRemoting -SkipNetworkProfileCheck -Force `r`n  # tried without `r`n 
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'WIN-DC' -Force
')

Code: Alles auswählen

ExecWith_remoting powershell.exe winst /sysnative

[ExecWith_remoting]
Enable-PSRemoting -SkipNetworkProfileCheck -Force
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'WIN-DC' -Force
After that I included .ps1 file:

Code: Alles auswählen

[WinBatch_remove_adcomputer]
"%System%\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass -NoProfile -File "%ScriptPath%\rm_adpc.ps1" /WaitSeconds 20
which contains script removing Computer from AD:

Code: Alles auswählen

$password = "***" | ConvertTo-SecureString -asPlainText -Force
$username = "OPSI\admin"
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
$ComputerName = $env:COMPUTERNAME
$Session = New-PSSession -ComputerName WIN-DC -Credential $credential
$Command = {
$env:CN=$using:ComputerName
function Remove-ADComputerAllDCs {
    param(
        [Parameter(Mandatory=$true, Position = 0)]
        [string]$Computer
    )

    $DCs = @("WIN-DC")

    foreach ($DC in $DCs) {
        Write-Host "Removing $($Computer) from $($DC)..."
        Remove-ADObject (Get-ADComputer -Identity $Computer -Server $DC) -Recursive -Confirm:$false
    }
}
Remove-ADComputerAllDCs $env:CN
}
Invoke-Command -Session $Session -ScriptBlock $Command
Remove-PSSession -Session $Session
Why powershellCall not working ? :(



I also tried, and it's working:

Code: Alles auswählen

set $policy$ = takeString(0,shellCall('powershell.exe get-execution-policy'))
shellCall('powershell.exe set-execution-policy RemoteSigned')
set $list$ = getOutStreamFromSection ('Execwith_ps powershell.exe winst /sysnative')
shellCall('powershell.exe set-execution-policy '+$policy$)

[Execwith_ps]
trap { write-output $_ ; exit 1 }
Enable-PSRemoting -SkipNetworkProfileCheck -Force
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'WIN-DC' -Force
exit $LASTEXITCODE
Do I need start WinRM before all of that ?:

Code: Alles auswählen

; Windows Remote Management (WS-Management)
openkey [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinRM]
set "Start" = REG_DWORD:00000002
Thank you ;)
Benutzeravatar
SisterOfMercy
Beiträge: 1522
Registriert: 22 Jun 2012, 19:18

Re: ExecWith / WinBatch executing Powershell code

Beitrag von SisterOfMercy »

old post, but I was wondering too.

This works:

Code: Alles auswählen

[Actions]
comment "Powershell section"
powershellCall('Get-AppxPackage *BingWeather* | Remove-AppxPackage -AllUsers')
powershellCall('Get-AppxPackage *DesktopAppInstaller* | Remove-AppxPackage -AllUsers')
powershellCall('Get-AppxPackage *GetHelp* | Remove-AppxPackage -AllUsers')
powershellCall('Get-AppxPackage *Getstarted* | Remove-AppxPackage -AllUsers')
This is great if you want to call one-line commands. With GNU/Linux you can use ; or &&, etc. But I'm not sure about that in powershell.
You can also send the output of powershellCall to a variable or stringlist. (exitcode or whatever powershell puts out)
I think two seperate powershellCalls are evaluated in two different powershell environments.

Maybe you could do something like this:

Code: Alles auswählen

powershellCall('
Get-AppxPackage *GetHelp* | Remove-AppxPackage -AllUsers ;
Get-AppxPackage *Getstarted* | Remove-AppxPackage -AllUsers
')
Not sure about this. Otherwise you'd have to use ExecWith.

And in the last part of your question, starting WinRM.. Yes, you have enabled the service, but you have not started it yet in that session. So issue a net start WinRM command.

What is the use of WinRM? Is there anything that uses it? I always turn it off and don't feel like I'm missing out.
Bitte schreiben Sie Deutsch, when I'm responding in the German-speaking part of the forum!
Antworten