-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PS Remoting is disabled. #21
Comments
$commandBytes = [System.Text.Encoding]::Unicode.GetBytes($ScriptBlock) |
above is the basic wmi remote method of executing powershell remotely |
Invoke-CommandAs -AsWmiMethod ? This might need to be implement as a whole separate function. As I’d want to replicate all the Invoke-WmiMethod parameters, simply adding -AsSystem, -AsCredential and -AsGSMA Invoke-WmiMethodAs ? |
After playing around with the code, I think this might need to be it's own module. the expectation, is to convert the Invoke-Command, into a Invoke-Command[As], adding a few custom parameters to the regular Invoke-Command function. Will need to investigate more how this could be implemented. Please take a look at the private function Invoke-ScheduledTask, to help you accelerate some of your functionality. I'd be open to start a new project, and get the structure going on if you'd want to help out? For now, I'll close the issue, please DM me on twitter.. ;) |
https://github.com/mkellerman/Invoke-CommandAs/tree/mk-feature-wmicommand Let me know if this works for you! Obviously, there is no output... :( |
Quick and dirty way to see if it works: $ComputerName = 'W2012R2'
$Credential = Get-Credential 'Administrator'
$ScriptBlock = {
New-Item -Path C:\Temp -ItemType Directory -Force | Out-Null
[System.Security.Principal.Windowsidentity]::GetCurrent() | Out-File "C:\Temp\pwsh_output.txt"
}
$WmiProcess = Invoke-WmiCommandAs -ScriptBlock $ScriptBlock -ComputerName $ComputerName -Credential $Credential -AsSystem
While (Get-WmiObject -Class 'Win32_Process' -Filter "ProcessId='$($WmiProcess.ProcessId)'" -ComputerName $ComputerName -Credential $Credential -EA 0) {
Write-Warning "$(Get-Date): Waiting..."
Start-Sleep -Milliseconds 200
} Then go check the content of the file at: |
Closed. Please re-open ticket if you have any issues. |
I am unable to use invoke-comandas because powershell remoting is prohibited from being enabled.
I have been executing powershell scriptblocks remotely using wmi and would love to see if this functionality be added if possible.
here is what I have been using:
function Invoke-ScheduledScriptBlock {
[CmdletBinding()]
param
(
[Parameter()]
[string[]]$ComputerName ,
$username = $Credential.Username
$password = $Credential.GetNetworkCredential().Password
$command = $scriptblock.ToString()
$command = $command + ' ; start-sleep -Seconds 2 ; SCHTASKS /Delete /TN OnDemand /F'
if($command.Length -lt '200'){
$script = @"
`$powerShellCommand =
"powershell.exe -noprofile -executionpolicy Unrestricted -command $command "
schtasks /CREATE /TN 'OnDemand' /SC WEEKLY /RL HIGHEST
/RU $username /RP $password
/TR "`$powerShellCommand" /F
schtasks /RUN /TN 'OnDemand' | Out-String
$command | Out-File "\$ComputerName\c$ \Windows\Temp$ps1" -Force
"@
} Else {
$ps1 = ([system.guid]::newguid().tostring().split('-')[0]) + '.ps1'
$script = @"
`$powerShellCommand =
"powershell.exe -noprofile -executionpolicy Unrestricted -file c:\windows\temp$ps1 "
schtasks /CREATE /TN 'OnDemand' /SC WEEKLY /RL HIGHEST
/RU $username /RP $password
/TR "`$powerShellCommand" /F
schtasks /RUN /TN 'OnDemand' | Out-String
"@
}
$commandBytes = [System.Text.Encoding]::Unicode.GetBytes($script)
$encoded = [Convert]::ToBase64String($commandBytes)
$command = "powershell -NoProfile -EncodedCommand $encoded"
$null = Invoke-WmiMethod -Computer $computername -Credential $AdminCred `
Win32_Process Create -Args $command
}
The text was updated successfully, but these errors were encountered: