Initially posted to Stack Overflow and was directed here. I'm new to programming and am trying to write a powershell script to manage software updates. I'm in a windows domain environment with over 50 remote offices. Each office has 4 computers. One computer, "Computer A," has dropbox installed that we use for backups, and now software updates. I want to execute a script from my local machine that copies a folder (~1 GB) to the other computers in that LAN, and runs the setup.exe file in the directory to update software on these computers.
As far as I can tell in order to use the Enter-pssession cmdlet & run a copy-item and start process, I have to:
- On remote machine enable winrm by: enable-psremoting -force
- On remote machine enable CredSSP authentication by: enable-smancredssp -role server -force
- On local machine enable CredSSP authentication by: enable-SmanCredSSP -role client -force
From here I can enter the Power shell session and begin the copy and install. Here is the code I'm running:
#Allow my computer to send credentials to remote computers
Enable-WSManCredSSP -Role Client -DelegateComputer * -Force
$credential = Get-Credential -Credential domain\user
#Getting Content
$path = "C:\computernames.csv"
Import-Csv -path $path |
foreach-object {
$computername = $_.Name
if (Test-Connection -cn $_.Name -quiet) {
#copy the batch file that allows remote powershell access
$source = "c:\"
$destination = "\\$computername\c$\install files\remoteaccess"
robocopy $source $destination
#open file to allow remote PS access
& psexec \\$computername -a runas -u domain\user -p password -c -f -h "\\$computername\c$\install files\remoteaccess\remoteaccess.bat"
#Initiates Power Shell session with remote computer
Enter-PSSession -cn $_.Name -Credential $credential -Authentication Credssp
#begin copy
#be sure to refine destination
copy-item -path $_.Source -Destination $_.Destination -force -verbose -recurse | out-file c:\copylog.txt
#begin silent install
#code here
#stop wsmancredssp accep
disable-wsmancredssp -role server
#close pssession
exit-pssession
} else {
"$computername is not online"
}
}
Disable-wsmancredssp -role client
The computernames.csv has the headers: Name, Source, Destination with UNC directories for each LAN's computer with dropbox and where to copy the file.
The "remoteaccess.bat" file contains the following two lines of code:
powershell.exe enable-psremoting -force >>c:\remotelog.txt
powershell.exe Enable-WSManCredSSP -role Server -force >>c:\remotelog.txt
The powershell window freezes after initiating the psexec session with the remote computer and sends the first powershell command to enable remoting. No error is generated, or input requested. The output of this command is saved in the remotelog text file: "WinRM has been updated to receive requests. WinRM service started.
WinRM already is set up for remote management on this machine."
It appears the powershell command to enable wsmancredssp is never received. When I run the batch file on the remote computer from remote access software, both commands execute and are logged successfully. Where is my psexec command going wrong, or how can I setup these computers to allow remote sessions with a remote command without using GPO?
