Saturday, March 19, 2016

Run powershell on remote machine without enabling powershell remoting !

Here is a tricky way to execute powershell code on remote machine without actually enabling powershell remoting. Enabling powershell remote lets you run powershell commands on a remote machine and get the output on to your computer.

You can either use the -ComputerName parameter available in a command or use the Invoke-Command using the -Computer parameter, or create a psremoting session and run the Invoke-Command on the session.

If PSRemoting is not enabled on your environment you do not have any way to run powershell script on a remote machine.

I was creating a remote software installation tool using powershell which wraps the PsExec tool and lets you install a software on remote machine if you know the silent installation commandlines. With a slight modification same tool can be used for running a script on the remote machine and get the outputs.

PSExec redirects the output onto your screen but if you create an output file on the remote machine you need to figure a way to get it copied onto your local machine from the remote machine, or create a share in your localmachine/server to which you can save the output from the remote machine.

Script uses the cmdkey to cache the credentials and maps the remote machine C drive to copy the setup files.

Creates a folder in C drive on the remote machine, copies the ps1 file you want to run along with a batch file which triggers the powershell script.

Once the script execution is completed on the remote machine, mapped network drive and cached credentials will be deleted.

GUI creation credit to following blog.
Download psexec and save it in the same folder where you have the main script.

The below script can be run using the remote machine name and the ps file source folder name.

Here is how your script folder should look like.








Before running the script, want to show that the remote machine has a restricted powershell execution policy and PSremoting is not enabled(Screenshot1).
Below  script would be run on this machine from a different machine.

$process = Get-Process
$process
Write-Host "Also writing output to file on remote machine check C:\temp\lanabhat.txt"
$process | Out-File C:\temp\Lanabhat.txt
 
How to run the script.

Commandline entered in the installCommand.bat file
powershell -ExecutionPolicy ByPass C:\Software_Install\test-remoteShare.ps1

Running the powershell script.
.\Run-PowershellRemote.ps1 -MachineName PC0001 -installSourceFiles C:\Users\lanabhat\Desktop\Remote-Powershell\test-powershellscript

Credentials to connect to the remote machine, username would default to COMPUTARENAME\Administrator , if you have a service account or a domain admin account, you can modify the code and replace it to default to that value.


Remote machine C drive is mapped to P drive a folder is created to batch file and powershell script is copied to that folder and batch file is executed with system account.

Credential will be cached to connect to run psexec on remote machine. It will be removed at the end.

Output of the script is shown in your machine but the script is running on the remote machine.


Once the execution is completed press enter to do clean-up. Files copied to remote machine will be deleted and shared folder will be unmapped.

Here is the result from the remote machine.

And finally here is the script.

Please share your feedback and send me a message if you find it useful !


<#
.Synopsis
   Run powershell script on remote machine using psexec
.DESCRIPTION
   Copies the setup files specified in the source.
   This script runs the commandline from the installCommand.bat file on remote machine.
   Copies the setup files to remote machine
   Executes the installation.
.EXAMPLE
   .\Run-PowershellScript.ps1 -MachineName "hostname1" -installSourceFiles \\sharename\foldername -Verbose
.EXAMPLE
   .\Run-PowershellScript -MachineName "hostname2" -installSourceFiles \\sharename\foldername -Verbose
 
#>

    [CmdletBinding()]
    
    Param
    (
        #Machine Name
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=0)]
        $MachineName,

        #Shared folder location of setup.
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true,
                   Position=1)]
        $installSourceFiles
     )

#region functions
Function Get-RandomDriveLetter
{
$drive=ls function:[d-z]: -n|?{!(test-path $_)}|random
$dl=($drive.ToString()).Replace(":","")
$dl
}


Function map-Drive($driveLetter,$networkDrive,$creds)
{
  $errorFlag = $false

  $net = new-object -ComObject WScript.Network
  
  Write-Verbose "Drive letter $driveLetter"
  Write-Verbose "Network share $networkDrive"

  
  $user_cred = $creds #Get-Credential -Message "Enter the admin cred to map C: drive" $userID

  if($user_cred -eq $null)
  {
   "Credentials were not entered, cannot proceed"
   return 0
  }
  
   $networkCred = $user_cred.GetNetworkCredential()
   $password=$networkCred.Password
   $userID=$networkCred.Domain + "\" + $networkCred.UserName
   $driveLetter += ":"
  
   try
   {
    $net.MapNetworkDrive($driveLetter,$networkDrive,$false,$userID,$password)
   }
   catch
   {    
    $errorFlag = $true
    $ErrorMessage = $_.Exception.Message
    if($ErrorMessage -match "The specified network password is not correct")
    {
     Write-Host "Invalid credentials" -ForegroundColor Yellow
    }
    else
    {
     Write-Host "Invalid credentials" -ForegroundColor Yellow
    }

    exit 0
}



}

#Unmap the network drive
Function Unmap-NetworkDrive($driveLet)
{
  Remove-PSDrive -Name $driveLet
}

function Cache-Creds($hostname,$username,$password)
{
  cmdkey.exe /add:$hostname /user:$userName /pass:$password
}

function Remove-CacheCred($hostname)
{
cmdkey.exe /delete:$hostname
}

#endregion functions


$localSetup = "Software_Install" #Local folder which will be created on C drive on user machine
$batchFile = "$($Script:PSScriptRoot)\installCommand.bat" #Command file which will be copied to user machine
$remoteBatchPath = "C:\$($localSetup)\installCommand.bat"

#create a batch file as per the script argument
Write-Verbose "Commandline used is: $commandLine"

$hostname =  $MachineName
$userName = "$($hostname)\administrator"
$credential=Get-Credential $userName -Message "Please center the password to access the remote machine"
$password = $credential.GetNetworkCredential().Password;

#Create a cached credentials for psexec connection
Cache-Creds $hostname $username $password

$remMachinedriveLetter = Get-RandomDriveLetter
$sharePath = "\\$($hostname)\C$"

#Map the remote machine C drive
map-Drive $remMachinedriveLetter $sharePath $credential

#Created SCCM_Install folder on c drive, if it does not exists
if(!(Test-Path "$($remMachinedriveLetter):\$localSetup"))
{
Write-Verbose "Directory not found on remote server, creating the directory: $($remMachinedriveLetter):\$localSetup"
New-Item -path "$($remMachinedriveLetter):\$localSetup" -ItemType Directory
}

#Copy setup files to remote machine
Write-Verbose "Copying setup files from $installSourceFiles"
Copy-Item "$($installSourceFiles)\*" "$($remMachinedriveLetter):\$localSetup\" -Recurse -Verbose -Force -Container

Write-Verbose "Copying batchfile : $batchFile"
Copy-Item $batchFile "$($remMachinedriveLetter):\$localSetup\" -Verbose

#run psexec and launch install
Write-Verbose "Running PSEXEC to trigger the batch"
& .\psexec.exe \\$hostname -h -s $remoteBatchPath

Write-Host "Exitcode:" -ForegroundColor Yellow
$LASTEXITCODE

#Unmap network drive, cleanup
Write-Verbose "Removing Cached Creds"
Remove-CacheCred $hostname


Read-Host "Press enter to do cleanup"
Write-Verbose "Deleting installation files"
Remove-Item "$($remMachinedriveLetter):\$localSetup" -Recurse -Verbose


Write-Verbose "Removing network drive"
Unmap-NetworkDrive -driveLet $remMachinedriveLetter


Coming next -

Remote software installer, merging the power of powershell and psexec....
































Friday, March 18, 2016

SCCM Client DP-MP-SUP Port Query tool

A script which can help you to determine if the client machine is able to established connection to DP, MP and SUP on required ports.

A UI will be presented to user to select the site and do the port query.

Change the variable $regionsComboData and add your site names the format should be Sitename-SiteCode , as it is used later in the script .

This script uses the portquery utility to do the port query. It needs to be downloaded and kept in the same folder as the script.


Place the script inside a folder named logic, script will create the folder named Result and generate the csv file with port query results. Also it consolidate the log created by portqry tool and generate a single log file inside results folder.

Verbose output will be shown in Powershell console.

Screenshot of the UI.

To generate the CSV file which has the server details stored use the second script which is available at the end of this post, this csv file also should be placed along with the script.




#Write-Host "Setting variables" -ForegroundColor Yellow
$regionsComboData = "Site1-SI1","Site2-SI2", "Site3-SI3", "Site4-SI4"

$scriptFolder = split-path -parent $MyInvocation.MyCommand.Definition
#Write-Verbose "Script path: $scriptFolder"

$substringlen = $scriptFolder.LastIndexOf("\")
$resultFolder = "$($scriptFolder.Substring(0,$substringlen))\Result"

$consolidatedLog = "$($resultFolder)\PortQueryLog.log"
$portStatusFile = "$($resultFolder)\PortStatus.csv"

$ServerDetailsFile = "$($scriptFolder)\ServerDetails.csv"

#Write-Verbose "Log file: $consolidatedLog"
#Write-Verbose "Results file: $portStatusFile"
#Write-Verbose "Server Details file: $ServerDetailsFile"
#Write-Host " "


#region GUICode

#ERASE ALL THIS AND PUT XAML BELOW between the @" "@
$inputXML = @"
<Window x:Class="WpfApplication2.MainWindow"
        xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
        xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
        xmlns:d="http://schemas.microsoft.com/expression/blend/2008"
        xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006"
        xmlns:local="clr-namespace:WpfApplication2"
        mc:Ignorable="d"
        Title="PortChecker for SCCM Client" Height="386.386" Width="550.99">
    <Grid>
        <Grid.ColumnDefinitions>
            <ColumnDefinition Width="517*"/>
            <ColumnDefinition Width="0*"/>
            <ColumnDefinition Width="26*"/>
        </Grid.ColumnDefinitions>
        <Button x:Name="btn_start" Content="Show Details" HorizontalAlignment="Left" Margin="320,34,0,283" Width="100"/>
        <ListView x:Name="listview" HorizontalAlignment="Left" Height="210" Margin="43,103,0,0" VerticalAlignment="Top" Width="464">
            <ListView.View>
                <GridView>
                    <GridViewColumn Header="ServerName" DisplayMemberBinding ="{Binding 'ServerName'}" Width="200"/>
                    <GridViewColumn Header="Port" DisplayMemberBinding ="{Binding 'Port'}" Width="60"/>
                    <GridViewColumn Header="Protocol" DisplayMemberBinding ="{Binding 'Protocol'}" Width="80"/>
                    <GridViewColumn Header="Status" DisplayMemberBinding ="{Binding 'Status'}" Width="100"/>
                </GridView>
            </ListView.View>
        </ListView>
        <ComboBox x:Name="cmb_region" HorizontalAlignment="Left" Height="38" Margin="43,34,0,0" VerticalAlignment="Top" Width="205"/>
        <TextBlock x:Name="msgToUser" HorizontalAlignment="Left" Height="17" Margin="43,81,0,0" TextWrapping="Wrap" VerticalAlignment="Top" Width="449"/>
    </Grid>
</Window>


"@      
<#
#Checkbox GUI code
<CheckBox x:Name="chk_verbose" Content="CheckBox" HorizontalAlignment="Left" Height="26" Margin="262,34,0,0" VerticalAlignment="Top" Width="19" RenderTransformOrigin="19.316,-1.212"/>
        <Label x:Name="Verbose" Content="Verbose" HorizontalAlignment="Left" Height="32" Margin="253,49,0,0" VerticalAlignment="Top" Width="68"/>        
      
#>

$inputXML = $inputXML -replace 'mc:Ignorable="d"','' -replace "x:N",'N'  -replace '^<Win.*', '<Window'
[void][System.Reflection.Assembly]::LoadWithPartialName('presentationframework')
[xml]$XAML = $inputXML
#Read XAML
  $reader=(New-Object System.Xml.XmlNodeReader $xaml)
  try{$Form=[Windows.Markup.XamlReader]::Load( $reader )}
  catch{Write-Host "Unable to load Windows.Markup.XamlReader. Double-check syntax and ensure .net is installed."}
#===========================================================================
# Load XAML Objects In PowerShell
#===========================================================================
$xaml.SelectNodes("//*[@Name]") | %{Set-Variable -Name "WPF$($_.Name)" -Value $Form.FindName($_.Name)}
Function Get-FormVariables{
if ($global:ReadmeDisplay -ne $true){Write-host "If you need to reference this display again, run Get-FormVariables" -ForegroundColor Yellow;$global:ReadmeDisplay=$true}
write-host "Found the following interactable elements from our form" -ForegroundColor Cyan
get-variable WPF*
}

function Write-MessageToGUI($message)
{
$WPFmsgToUser.Text = $message
}
Get-FormVariables
#===========================================================================
# Actually make the objects work
#===========================================================================
#Sample entry of how to add data to a field
#$vmpicklistView.items.Add([pscustomobject]@{'VMName'=($_).Name;Status=$_.Status;Other="Yes"})
#===========================================================================
# Shows the form
#===========================================================================
#write-host "To show the form, run the following" -ForegroundColor Cyan

#$WPFFind.Add_Click({$WPFResult.Text = Get-BoundaryDetails $WPFHostName.Text})

#endregion GUI Code


Function initialize-Settings
{
    if(!(Test-Path $resultFolder))
    {
     Write-Host "Result folder not found, creating the folder" -ForegroundColor Yellow
     mkdir $resultFolder
    }

    if(!(Test-Path $ServerDetailsFile))
    {
     Write-Host "Unable to find the csv file with server details @ $ServerDetailsFile" -ForegroundColor Yellow
     Exit 0
    }

    Write-Host "Checking if portqry tool is present in the directory" -ForegroundColor Yellow
    if(!(Test-Path "$($scriptFolder)\PortQry.exe"))
    {
     #Get-ChildItem .\
     Write-Host "Portquery.exe is not found, aborting" -ForegroundColor Yellow
     Exit 0
    }
}

Function Get-PortStatus($serverNameIP,$PortNo,$prtcl)
{
<#$serverNameIP = "C105JWWCMNSDP"
$prtcl = "TCP"
$portNo = 80
#>

Write-Host "Querying....... Server: $serverNameIP, PortNo: $portNo , Protocol: $prtcl" -ForegroundColor Yellow

#Read-Host "test"
$logFile =  "$($scriptFolder)\$($serverNameIP)_$($prtcl)_$($portNo)_portRes.log"

& $scriptFolder\PortQry.exe -n $serverNameIP -p $prtcl -e $portNo -l $logFile -q

Write-Host "Writing data to consolidated log file" -ForegroundColor Yellow
Get-Content $logFile | Out-File $consolidatedLog -Append -Encoding ascii
Write-Host "Removing log created by proqry tool $logFile" -ForegroundColor Yellow
Remove-Item $logFile
$portStatus = "UNKNOWN"

#Write-Verbose "Exitcode $LASTEXITCODE"

  switch ($LASTEXITCODE)
{
  0 {$portStatus = "OPEN"}
  1 {$portStatus = "CLOSED"}
  2 {$portStatus = "FILTERED"}
  Default{$portStatus = "UNKNOWN" }
}

$portStatusObj = New-Object -TypeName psobject
Add-Member -InputObject $portStatusObj -MemberType NoteProperty -Name "ServerName" -Value $serverNameIP
Add-Member -InputObject $portStatusObj -MemberType NoteProperty -Name "Port" -Value $portNo
Add-Member -InputObject $portStatusObj -MemberType NoteProperty -Name "Protocol" -Value $prtcl
Add-Member -InputObject $portStatusObj -MemberType NoteProperty -Name "Status" -Value $portStatus

#Write-Verbose "Returning result"


Return $portStatusObj
}

#region portprofiles
$portProfiles = @()

#DP
$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "80"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "DP"

$portProfiles+=$portProfile

$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "443"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "DP"
$portProfiles+=$portProfile

#MP
$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "10123"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "MP"
$portProfiles+=$portProfile

$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "80"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "MP"
$portProfiles+=$portProfile

$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "443"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "MP"
$portProfiles+=$portProfile

#SUP
$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "80"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "SUP"
$portProfiles+=$portProfile

$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "8530"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "SUP"
$portProfiles+=$portProfile

$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "443"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "SUP"
$portProfiles+=$portProfile

$portProfile = New-Object -TypeName psobject
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "PortNumber" -Value "8531"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ProtocolType" -Value "TCP"
Add-Member -InputObject $portProfile -MemberType NoteProperty -Name "ServerType" -Value "SUP"
$portProfiles+=$portProfile
#endregion portprofiles

function Start-Activity($ClientRegion)
{
    $selectedSiteCode = "none"
    Write-Host "Region selected: $ClientRegion" -ForegroundColor Yellow

    $startPos = $ClientRegion.IndexOf("-");
    $selectedSiteCode = $ClientRegion.Substring($startPos+1)

    Write-Host "Selected site: $selectedSiteCode" -ForegroundColor Yellow

    $csvData = Import-Csv $ServerDetailsFile
    $serversToCheck = $csvData | Where-Object{$_.SiteCode -eq $selectedSiteCode}

    #Write-Verbose "Servers to check are"
    #Write-Output $serversToCheck
    #Write-Verbose ""

    $allPortStatus = @();

    foreach($server in $serversToCheck)
    {
     Write-MessageToGUI "Querying server: $($server.ServerName) ....."
     switch($server.ServerType)
     {
      "DP" {
       $ports = $portProfiles | ?{$_.ServerType -eq "DP"}
       foreach($port in $ports)
       {
        $res = Get-PortStatus $server.ServerName $port.PortNumber $port.ProtocolType
        #Write-Verbose " "
        #Write-Verbose "Adding returned output to array DP"
        $allPortStatus += $res
       }
      }
      "MP" {
       $ports = $portProfiles | ?{$_.ServerType -eq "MP"}
       foreach($port in $ports)
       {
        $res = Get-PortStatus $server.ServerName $port.PortNumber $port.ProtocolType
        #Write-Verbose "Adding returned output to array MP"
        $allPortStatus += $res
       }  
      }
      "SUP" {
       $ports = $portProfiles | ?{$_.ServerType -eq "SUP"}
       foreach($port in $ports)
       {
        $res = Get-PortStatus $server.ServerName $port.PortNumber $port.ProtocolType
        #Write-Verbose "Adding returned output to array SUP"
        $allPortStatus += $res
       }
      }
     }
    }
    $allPortStatus | Select-Object ServerName,Port,Protocol,Status | Format-Table

    Write-Host "Writing output to file $portStatusFile" -ForegroundColor Yellow
    $allPortStatus | Select-Object ServerName,Port,Protocol,Status | Export-Csv $portStatusFile

    #Adding value to GUI
    Write-Host "Adding data to GUI" -ForegroundColor Yellow
   $allPortStatus | Select-Object ServerName,Port,Protocol,Status |  ForEach-Object {$WPFlistView.AddChild($_)}

    Write-Host "----------------------------------------------------" -ForegroundColor Green
    Write-Host "Task completed successfully" -ForegroundColor Yellow
    Write-Host "----------------------------------------------------" -ForegroundColor Green
}


#Write your code here
#$WPFchk_verbose.IsChecked = $true

initialize-Settings

#Populate data in combobox
$regionsComboData | ForEach-object {$WPFcmb_region.AddChild($_)}

$WPFbtn_start.Add_Click({
$SiteCodeValue = $WPFcmb_region.Text
if($SiteCodeValue -notmatch "[*A-Z*]")
{
  Write-MessageToGUI "Please select a region"
  Return 0;
}
else
{
  Start-Activity $SiteCodeValue
}
})

$Form.ShowDialog() | out-null
-------------------------------------------------------------------------------------------------
Generate the server details csv file
Run this on CAS server and copy the csv file

$outputFile = "$($env:userprofile)\desktop\ServerDetails.csv"

function writeto-file($serverData,$file)
{
foreach($server in $serverData)
{
  Write-Output "$($server.ServerName),$($server.SiteCode),$($server.ServerType)" | Out-File $file -Encoding ascii -Append
}
}


$dps = Get-CMSite | %{Get-CMDistributionPoint -SiteCode $_.SiteCode} | Select-Object  @{Name="ServerName";Expression={($_.NetworkOSPath).subString("2");}}, SiteCode,@{Name="ServerType";Expression={"DP"};}
$mps = Get-CMSite | %{Get-CMManagementPoint -SiteCode $_.SiteCode} | Select-Object  @{Name="ServerName";Expression={($_.NetworkOSPath).subString("2");}}, SiteCode,@{Name="ServerType";Expression={"MP"};}
$sups = Get-CMSite | %{Get-CMSoftwareUpdatePoint -SiteCode $_.SiteCode} | Select-Object  @{Name="ServerName";Expression={($_.NetworkOSPath).subString("2");}}, SiteCode,@{Name="ServerType";Expression={"SUP"};}

cd C:

"ServerName,SiteCode,ServerType" | Out-File $outputFile -Encoding ascii

writeto-file $dps $outputFile
writeto-file $mps $outputFile
writeto-file $sups $outputFile