Execute Start-Process Powershell Script on a Remote Computer
I open PowerShell as admin and use the following line of code to run an offline file for windows updates. It works fine
Start-Process 'wusa.exe' -ArgumentList 'C:\Temp\windows10.0-kb5032189-x64_0a3b690ba3fa6cd69a2b0f989f273cfeadba745f.msu' -verb runas
But now I am trying to somehow use this same code to run the file on remote computers. The windows update file has the same name and the exact location on the remote PCs
I came up with this code below which first gets admin credentials and passes it to the the invoke-command. Then the invoke-command runs the Start-Process code.
$Username = 'username123'
$Password = '84fWfghnsf&5Fh'
$pass = ConvertTo-SecureString -AsPlainText $Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $Username,$pass
Invoke-Command -ComputerName 8HPF31J7V6.domain.local -Credential $Cred -ScriptBlock {Start-Process 'wusa.exe' -ArgumentList 'C:\Temp\windows10.0-kb5032189-x64_0a3b690ba3fa6cd69a2b0f989f273cfeadba745f.msu' -verb runas}
Problem is, when I do this, nothing happens on the remote PC
I also don't get any errors when running
Any ideas on what I am doing wrong, or any other solutions besides this?
Add
-Waitto your remoteStart-Processcall to ensure thatwusa.exeruns to completion before returning from the remoteInvoke-Commandcall.- Otherwise, with an ad-hoc remoting session implicitly created via use of the
-ComputerNameparameter, theStart-Process-launched process is automatically terminated when theInvoke-Commandcall returns.
- Otherwise, with an ad-hoc remoting session implicitly created via use of the
Code executed via PowerShell's remoting runs invisibly on the target machines, so the use of
-Verb RunAsis pointless:If the remote process already is elevated, it has no effect. Note that remote processes are automatically elevated if the user identity running the remote command is an administrator on the target machine.
If it isn't (this would only happen if you explicitly gave non-administrative users permission to use PowerShell remoting), the call invariably fails, because no UAC dialog can be presented.
Caveat:
While the information below in this answer is correct in principle, js2010 notes that in order to successfully run
wusa.exeremotely, i.e. in order to install Windows Updates, running in an implicitly elevated remote session alone may not be sufficient.This ServerFault answer provides background information, and third-party module
PSWindowsUpdatemay provide a solution, if used with its scheduling features.
Therefore, with synchronous execution:
# ... credential construction code ($Cred) omitted
# Note: If the *current user* is allowed to make remoting calls,
# you may not need to construct credentials and don't need the
# -Credential parameter below.
# Note the use of -Wait, removal of -Verb RunAs
Invoke-Command -ComputerName 8HPF31J7V6.domain.local -Credential $Cred -ScriptBlock {
Start-Process -Wait wusa.exe -ArgumentList 'C:\Temp\windows10.0-kb5032189-x64_0a3b690ba3fa6cd69a2b0f989f273cfeadba745f.msu'
}
Read on for an asynchronous alternative.
Note that the (Start-Process -PassThru …).ExitCode technique shown below, for reporting the remote process' exit code, can equally be used with the synchronous approach above.
Asynchronous execution:
If you don't want the Invoke-Command call to wait for the remotely launched process (wusa.exe) to terminate, you have two options:
In the simplest case, add the
-AsJobswitch to the call above, which makesInvoke-Commandreturn a job object that can be queried for output and completion later, on demand, withReceive-JobandWait-Job, as shown below.Create a remote session explicitly, via
New-PSSession, and pass it toInvoke-Command's-Sessionparameter. Such a session stays open until it is either explicitly removed withRemove-PSSessionor times out due to inactivity.- However, to make the call asynchronous, you must then not use
-WaitwithStart-Process, and track the lifetime of the process in the remote session, by adding-PassThruto output a process-information object that you must capture in a variable, and consult again in a laterInvoke-Commandcall with the same-Sessionargument.
- However, to make the call asynchronous, you must then not use
Asynchronous variant with -AsJob, which additionally demonstrates how to report the remote process' exit code:
# ... credential construction code omitted
# Note the use of -AsJob and the use of -PassThru with Start-Process
# so as to be able to report the process' exit code.
$remoteJob =
Invoke-Command -AsJob -ComputerName 8HPF31J7V6.domain.local -Credential $Cred -ScriptBlock {
(
Start-Process -Wait -PassThru wusa.exe -ArgumentList 'C:\Temp\windows10.0-kb5032189-x64_0a3b690ba3fa6cd69a2b0f989f273cfeadba745f.msu'
).ExitCode
}
# ... perform foreground activity here.
# Now wait for the remote job to complete - which happens when
# wusa.exe terminates - and report its exit code.
$exitCode =
$remoteJob | Receive-Job -Wait -AutoRemoveJob
- VS code terminal can't find AWS SAM even though windows terminal can
- How to combine multiple conditions in a PowerShell if-statement
- Can I change Read-Host so it doesn't always end in a colon?
- How to call native XPath functions from Select-Xml?
- How to get all piped in objects at once when using Begin/Process/End blocks?
- Calling a method returned from another method in Powershell
- Powershell -- how to minimize the console the script is running in while sitting in a loop?
- Automation Account Script to delete Stale Devices
- Powershell version of cut -d is very slow on large files, am I missing the fast way to do it?
- how to use "if" statements inside pipeline
- Error When Connecting to Azure from PowerShell
- Execute powershell in x64 from MSBuild
- Powershell 5 and 7 processes double quotes in different way when running Cygwin
- SQL Package extract command is failing in PowerShell script
- Office 364 Audit logs: Search-UnifiedAuditLog is not recognized as the name of a cmdlet
- Empty path name is not legal - DTEXEC with Powershell
- Cannot remove PowerShell environment variables
- Is automating App Registration on Azure possible through ARM Template on the User's tenant?
- Powershell error "value can not in the type System Management Automation LanguagePrimitives+InternalPSCustomObject converted"
- Diskspace Report HTML Text Color Output
- Issue with Azure Automation Account and Key Vault Certificate Retrieval
- How to display current virtual environtment in python in oh-my-posh?
- How do I get a list of Service Principals in Azure via the CLI
- Handling special characters in password string
- What is the right way to check a switch parameter
- How to make ($Line_1`n$Line_2) work in a CMD script?
- .ps1 script reported as "Missing closing '}'" in .bat file script
- APPAP308E - Invalid process path. Full path is required
- How do I verify that a SMB server requires signing, preferably with Powershell?
- Import-Excel: Expand imported Excel columns to become individual row entries