Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Thursday, June 16, 2016

Create a Scheduled Job that Deletes Itself

In last week’s PowerShell class, we had a question about not only running a scheduled job, but how to unregister it after it finishes.  Good question.  The answer is actually very simple.
The code below is a very simple job.  The problem with it is that after it executes, it will stay in memory until you unregister it.

$Trigger = New-ScheduledTaskTrigger -Once -At (Get-Date).AddMinutes(1)

Register-ScheduledJob -Trigger $Trigger `
                      -Name "Test1" `
                      -ScriptBlock {Get-CimInstance -ClassName Win32_Bios}

In the Task Scheduler, we can see that the job completed, but it still in memory.

The cmdlet Unregister-ScheduledJob must be run to remove this object from memory.

PS C:\> Unregister-ScheduledJob -Name Test1

Now we will re-code the script to automatically remove the job after it completes.

$Trigger = New-ScheduledTaskTrigger -Once -At (Get-Date).AddMinutes(1)

Register-ScheduledJob -Trigger $Trigger `
                      -Name "Test1" `
                      -ScriptBlock {
                        Get-CimInstance -ClassName Win32_Bios
                        Unregister-ScheduledJob -Name "Test1"

Notice that the final cmdlet in the script block is Unregister-ScheduledJob.  This removal will take effect immediately in the Task Scheduler once the job completes.  If you are still in the same PowerShell session as the one you used to create the job, you will see the following error for a few minutes after the job is unregistered.

PS C:\> Get-ScheduledJob
Get-ScheduledJob : Cannot get the Test1 scheduled job because it is corrupted or in an irresolvable state. Because it cannot run,
Windows PowerShell has deleted Test1 and its results from the computer. To recreate the scheduled job, use the Register-ScheduledJob
cmdlet. For more information about corrupted scheduled jobs, see about_Scheduled_Jobs_Troubleshooting.
At line:1 char:1
+ Get-ScheduledJob
+ ~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Get-ScheduledJob], RuntimeException
    + FullyQualifiedErrorId : CantLoadScheduledJobDefinitionFromStore,Microsoft.PowerShell.ScheduledJob.GetScheduledJobCommand

Again this error will correct itself shortly.

This method is only appropriate if you do not intent on recovering data from the script later on.  One of the benefits of a scheduled job is that the objects returned are serialized and written to disk for you to consume later.  If you un-register the job, that stored data is removed from this.  For this reason, you should ether explicitly commit the objects to disk before the Unregister-Scheduled job cmdlet is executed or only use this procedure for scripts that perform actions.  In any case, I would consider a little extra code to at least email you to let you know if the task was successful or not.

Wednesday, June 8, 2016

How to close a selected instance of Internet Explorer

Yesterday in my PowerShell class we were doing a lab on object enumeration.  I took a few minutes to take a look at the forums on and found a question that related directly to our lab content.  Here is the scenario.

This individual needed to close an instance of Internet Explorer.  The problem is that there were multiple instances open.  He needed a way to select a specific instance.  Using the Get-Process cmdlet, you can grab each instance, but the process object does not contain anything useful to isolate a particular instance. So I tried a different approached.

I opened an IE instance and went to  I then executed the code below.

(New-Object -COM "Shell.Application").Windows() |
    Where-Object LocationName -like "PowerShell*"

Here is the result.
Application          : System.__ComObject
Parent               : System.__ComObject
Container            :
Document             : mshtml.HTMLDocumentClass
TopLevelContainer    : True
Type                 : HTML Document
Left                 : 56
Top                  : 161
Width                : 936
Height               : 641
LocationName         : – PowerShell Scripts, Tips, Forums, and Resources
LocationURL          :
Busy                 : False
Name                 : Internet Explorer
HWND                 : 1249664
FullName             : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Path                 : C:\Program Files (x86)\Internet Explorer\
Visible              : True
StatusBar            : True
StatusText           :
ToolBar              : 1
MenuBar              : True
FullScreen           : False
ReadyState           : 4
Offline              : False
Silent               : False
RegisterAsBrowser    : False
RegisterAsDropTarget : True
TheaterMode          : False
AddressBar           : True
Resizable            : True

Examining the LocationName property, I can see that I am referencing the correct instance.  Next, I sent the object to Get-Member.
    TypeName: System.__ComObject#{d30c1661-cdaf-11d0-8a3e-00c04fc9e26e}

Name                 MemberType Definition                                                 
----                 ---------- ----------                                                 
ClientToWindow       Method     void ClientToWindow (int, int)                             
ExecWB               Method     void ExecWB (OLECMDID, OLECMDEXECOPT, Variant, Variant)    
GetProperty          Method     Variant GetProperty (string)                               
GoBack               Method     void GoBack ()                                             
GoForward            Method     void GoForward ()                                          
GoHome               Method     void GoHome ()                                              
GoSearch             Method     void GoSearch ()                                           
Navigate             Method     void Navigate (string, Variant, Variant, Variant, Variant) 
Navigate2            Method     void Navigate2 (Variant, Variant, Variant, Variant, Variant)
PutProperty          Method     void PutProperty (string, Variant)                         
QueryStatusWB        Method     OLECMDF QueryStatusWB (OLECMDID)                           
Quit                 Method     void Quit ()                                               
Refresh              Method     void Refresh ()                                            
Refresh2             Method     void Refresh2 (Variant)                                     
ShowBrowserBar       Method     void ShowBrowserBar (Variant, Variant, Variant)            
Stop                 Method     void Stop ()                                               
AddressBar           Property   bool AddressBar () {get} {set}                             
Application          Property   IDispatch Application () {get}                             
Busy                 Property   bool Busy () {get}                                         
Container            Property   IDispatch Container () {get}                               
Document             Property   IDispatch Document () {get}                                
FullName             Property   string FullName () {get}                                   
FullScreen           Property   bool FullScreen () {get} {set}                             
Height               Property   int Height () {get} {set}                                  
HWND                 Property   int HWND () {get}                                           
Left                 Property   int Left () {get} {set}                                    
LocationName         Property   string LocationName () {get}                               
LocationURL          Property   string LocationURL () {get}                                
MenuBar              Property   bool MenuBar () {get} {set}                                
Name                 Property   string Name () {get}                                       
Offline              Property   bool Offline () {get} {set}                                
Parent               Property   IDispatch Parent () {get}                                  
Path                 Property   string Path () {get}                                       
ReadyState           Property   tagREADYSTATE ReadyState () {get}                          
RegisterAsBrowser    Property   bool RegisterAsBrowser () {get} {set}                      
RegisterAsDropTarget Property   bool RegisterAsDropTarget () {get} {set}                   
Resizable            Property   bool Resizable () {get} {set}                              
Silent               Property   bool Silent () {get} {set}                                 
StatusBar            Property   bool StatusBar () {get} {set}                              
StatusText           Property   string StatusText () {get} {set}                           
TheaterMode          Property   bool TheaterMode () {get} {set}                             
ToolBar              Property   int ToolBar () {get} {set}                                 
Top                  Property   int Top () {get} {set}                                     
TopLevelContainer    Property   bool TopLevelContainer () {get}                            
Type                 Property   string Type () {get}                                       
Visible              Property   bool Visible () {get} {set}                                
Width                Property   int Width () {get} {set}   

There is a Quit method.  In class, we are using ForEach-Object to execute object methods, so I just added a little code from class.

(New-Object -COM "Shell.Application").Windows() |
    Where-Object LocationName -like "PowerShell*" |
    ForEach-Object -MemberName Quit

This closed the instance of IE that was on  I also did this when was opened in a tab among several other websites in the same instance.  No problem.  Only that tab closed.

Tuesday, June 7, 2016

Don’t use PING!

One of the questions that I often get is “How do I know if a client is online?” Traditionally we would PING the client.  PowerShell has a cmdlet called Test-Connection.  It essentially is the PING command, but gives you an object as the output. Let’s see the difference.

PS C:\> Ping

Pinging with 32 bytes of data:
Reply from bytes=32 time=19ms TTL=56
Reply from bytes=32 time=20ms TTL=56
Reply from bytes=32 time=20ms TTL=56
Reply from bytes=32 time=20ms TTL=56

Ping statistics for
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 19ms, Maximum = 20ms, Average = 19ms

This is what most IT Pros are seeing.  Let’s try to use this information.
As always, we need to see what properties are available to us to use.
PS C:\> Ping | GM

   TypeName: System.String

Name             MemberType            Definition                                                                                                                
----             ----------            ----------                                                                                                                 
Clone            Method                System.Object Clone(), System.Object ICloneable.Clone()                                                                   
CompareTo        Method                int CompareTo(System.Object value), int CompareTo(string strB), int IComparable.CompareTo(System.Object obj), int ICompa...

OK, let’s just stop right here.  The TypeName is System.String.  In other words, the information returned from PING is nothing but useless characters. Let’s try Test-Connection.
PS C:\> Test-Connection -ComputerName

Source   Destination IPV4Address  IPV6Address Bytes Time(ms)
------   ----------- -----------  ----------- ----- --------
JASONPC2             32       19      
JASONPC2                   32       21      
JASONPC2                   32       23      
JASONPC2                   32       20      

Now let’s check the TypeName

   TypeName: System.Management.ManagementObject#root\cimv2\Win32_PingStatus

Name                           MemberType     Definition                                                                                                          
----                           ----------     ----------                                                                                                         
PSComputerName                 AliasProperty  PSComputerName = __SERVER                                                                                          
Address                        Property       string Address {get;set;}                                                                                           
BufferSize                     Property       uint32 BufferSize {get;set;}       

Now we are talking.  This give us an object that we can use.  There is just one problem, we are relying on ICMP Echo Requests.  If you have PowerShell remoting turned on, you can actually use it to verify if a client is online.  Take a look at the code.

Function Test-Online
Param (
    ForEach ($N in $Nodes)
        $Obj = New-Object -TypeName PSObject -Property @{
            ComputerName = $N
            Online = $False
            DateTime = (Get-Date)
        Try {
            $SO = New-PSSessionOption -OpenTimeout 500
            $S = New-PSSession -ComputerName $N -ErrorAction Stop -SessionOption $SO
            $Obj.Online = $True
            $S | Remove-PSSession
        Catch {

        Write-Output $Obj
    } # END: ForEach ($N in $Nodes)
Uses PowerShell Remoting to test if a node is online.

Uses PowerShell Remoting to test if a node is online.

The name of the nodes to be tested.

"SVR1", "SVR2" | Test-Online

ComputerName  DateTime               Online
------------  --------               ------
SVR1          6/7/2016 10:30:59 AM     True
SVR2          6/7/2016 10:31:00 AM    False

Test to determine if a list ofnodes are online.

Get-ADComputer -Filter * | Select-Object -ExpandProperty Name | Test-Online

ComputerName  DateTime               Online
------------  --------               ------
SVR1          6/7/2016 10:30:59 AM     True
SVR2          6/7/2016 10:31:00 AM    False

Test all clients in Active Directory to see if they are online.

Any node that does not have PowerShell Remoting enabled will report an online status of False.

== Cmdlet: Test-Online                                                       ==
== Author: Jason A. Yoder                                                    ==
== Company: MCTExpert of Arizona                                             ==
== Date: June 7, 2016                                                        ==
== Copyright: All rights reserved.                                           ==
== Version:                                                          ==
== Legal: The user assumes all responsibility and liability for the usage of ==
== this PowerShell code.  MCTExpert of Arizona, Its officers, shareholders,  ==
== owners, and their relatives are not liable for any damages.  As with all  ==
== code, review it and understand it prior to usage.  It is recommended that ==
== this code be fully tested and validated in a test environment prior to    ==
== usage in a production environment.                                        ==
==                                                                           ==
== Does this code make changes: NO                                           ==
} # END: Function Test-Online

Here is what it looks like when used:
"SVR1", "SVR2" | Test-Online

ComputerName  DateTime               Online
------------  --------               ------
SVR1          6/7/2016 10:30:59 AM     True
SVR2          6/7/2016 10:31:00 AM    False

For every node that we pass to this cmdlet, a custom object is created.  We provide the value on the ComputerName and the DateTime that we are testing.  We also set the value for Online to be $False.  Next, we attempt to create a PowerShell Session to this remote client.  If the connection is made, we set the value of Online to $True and close the session.  We then place the object in the pipeline.  If the session does not get established, then the object is placed in the pipeline with the Online value still set to $False.

PowerShell remoting is already enabled on all Windows Server 2012 and newer.  Why not enable it on your clients?  This allows your remote connections to use WS-MAN as the remoting protocol as opposed to the older DCOM.