Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Tuesday, September 8, 2009

Rebooting Clients with PowerShell Part 2 of 2



Last Tuesday, we looked at how to reboot/shutdown/logoff remote clients in powershell. We also looked the GPO settings to allow you to do this to any client. Now, we are going to allow you to do this to multiple clients all at once.

First off, the original objective of this post was to recreate a script that I used in VBScript to reboot my servers during the wee morning hours so I would not have to get out of bed. So, before proceeding any further, please create a service account with appropriate rights. In 2008, there is an OU called Managed Service Accounts. Why not place it there.

OK, here are our tasks:
• Create a text file containing the names of the clients that we want to reboot.
• Create a script that reads each file and reboots the correct client.
• Create a scheduled task for you to designate when this should happen.

Task 1: Create a text file containing the names of the clients that we want to reboot.
This is a simple one. Just create a text file and put one client name per line. Save it in a location that the service account has access to. By using this text file, you will be able to easily add and remove client names.

Task 2: Create a script that reads each file and reboots the correct client.
# ======================================
# Script Name:
# Author: Jason A.Yoder, MCT
# Company: MCTExpert, Inc.
# Website: www.MCTExpert.com
# Blog: www.MCTExpert.blogspot.com
# Version: 1.0
# Created: Aug. 9, 2009
# Purpose: This script is designed to allow
# Network Administrators the ability
# too schedule the rebooting of any of
# their client.
# ======================================

# ======================================
# Script Body
# --------------------------------------

#Load the list of clients.
$ClientList = gc c:\ClientList.txt

# Cycle through each name on the list and Force Reboot
# that client.
ForEach ($Comp in $ClientList)
{
$CompObj = gwmi Win32_OperatingSystem –computer $Comp
$CompObj.Win32Shutdown(6)
}


# ======================================
# End of Script Body
# ======================================

In the above script, we are assuming that the text file containing the names of the clients to reboot is contained at c:\ClientList.txt. We use the Get-Content, or GC, cmdlet to read the contents into the variable $ClientList. From there we use the ForEach loop to cycle through each client and reboot it. You should recognize the two lines of code from part I of this article.

Task 3: Create a scheduled task for you to designate when this should happen.
PowerShell has some built in security. If you double click on a .PS1 file (PowerShell script), it just opens in Notepad. That is by design. You can execute a command line to run the script without opening the PowerShell Shell.

The command to do this is: PowerShell.exe FilePath\Filename.ps1

The problem here is that you need to run the Set-ExecutionPolicy command from inside of PowerShell to allow scripts to run. Running this command will only error out:
File ----- cannot be loaded because the execution of scripts is disabled on
This system. Please see “get-help about_signing” for more details.”

To fix this problem, you need to set the execution policy in Group Policy.
• Open Group Policy Editor.
• Create or edit the policy that will control the client that the script is running on.
• Expand: Computer Configuration --> Policies --> Administrative Templates --> Windows Powershell.
• Open Turn on Script Execution.
• Select Enabled
• From the drop down box, select Allow local scripts and remote signed scripts.
• Click OK.
• Close Group Policy Management Editor.
• Make sure you refresh the policy on the computer that the script will run on.

Now that we have set the Execution Policy, we can create the scheduled task.

• Click Start.
• Right Click Computer and select Manage.
• Click Configuration --> Task Schedular.
• Click Create Task from the Actions pane.
• Provide a name and description for this task. Remember, you want other people who may look at your work to be able to understand it.
• Click Change User or Group.
• Provide the credentials for your service account.
• Click the Triggers tab.
• Click New.
• Select One Time for the frequency.
• Give it the date and time you want this task to run. Remember, this is a forced reboot. Make sure you are not interfering with work or backups.
• Click Actions tab.
• Click New.
• Click Start a program and click Next.
• In the Program/Script field type powershell.exe FilePath\FileName.ps1.
• Click OK.
• If you are prompted about running a program with arguments, click Yes.
• Click OK

From here on out, each time you need to use the task, just edit the trigger for the date and time that you want. A lot of work, but we learned many key activities in both part I and part II

• How to create an instance of a WMI Object.
• How to enumerate the methods and properties of an object.
• The different shutdown parameters available in Win32_OperatingSystem.Win32Shutdown.
• How to open PowerShell with administrative credentials.
• How to manually allow PowerShell to execute scripts on remote computers.
• How to configure PowerShell to execute scripts on remote computers via Group Policy.
• The PowerShell cmdlets that let us read text files into our scripts.
• How to execute a PowerShell script without having to open PowerShell.
• How to set the Execution Policy through Group Policy.
• How to create a Scheduled Task.

By the way, That VB script had 58 lines of code in the main code, and 1 function with 25 lines of code. We did this in 6 lines of code with no functions. Can you see any advantages to PowerShell now?


No comments: