locked
Different behavior: running from command like (cmd.exe) vs. invoking from a .bat script RRS feed

  • Question

  • I'm sure this must be something simple, but being a powershell newbie I could sure use some help.

    I have a server that's a domain controller.  I wrote a script (plain old cmd.exe, not powershell) that runs periodically, scans my IIS logs looking for evidences of brute force attacks, and if detected will update a GPO to add a firewall block for the offending IP address range.  Today I noticed something odd.   When the script runs, detects a problem, and attempts to update the GPO it issues a command via cmd.exe that looks like this:

    powershell.exe New-NetFirewallRule -DisplayName xxx.xxx.xxx.xxx -Direction Inbound -Profile Any -Action Block -InterfaceType Any -RemoteAddress xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy -PolicyStore <domain name>\<GPO name>

    (Where xxx.xxx.xxx.xxx is the beginning of the IP address range and yyy.yyy.yyy.yyy is the end of the range that's being blocked)

    When this command runs from inside the script, it completes with this error status:

    New-NetFirewallRule : The requested object could not be found.
    At line:1 char:1
    + New-NetFirewallRule -DisplayName xxx.xxx.xxx.xxx -Direction Inbound - ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (MSFT_NetFirewallRule:root/stand
       ardcimv2/MSFT_NetFirewallRule) [New-NetFirewallRule], CimException
        + FullyQualifiedErrorId : MI RESULT 6,New-NetFirewallRule

    Here's the thing:  If I cut/paste that command into a running cmd.exe instance and run it, it completes just fine and does what I intended.   There must be something different about the two environments (running from a .bat file and running from the command line) that causes the two different results, but I have no idea what.

    Can someone please enlighten me?

    Thanks in advance,

    Rob

    Wednesday, January 3, 2018 10:00 PM

All replies

  • powershell -?

    powershell -command " ... command text ..."


    \_(ツ)_/

    Wednesday, January 3, 2018 10:17 PM
  • I'm not following your response at all.   As I tried to explain.  The command executed from inside a script file gets the error response I provided.  However, if I copy that very same command, paste it into a command prompt and run it --- making zero changes --- it works as intended.  Why does the exact same command, character for character, fail  from inside a script file but work from a command prompt?
    Thursday, January 4, 2018 7:41 AM
  • The command syntax for the two shells is different.  You need to quote the commands when used the way you are using them.

    In a script (ps1) do not use "powershell" as it is unnecessary.  The commands will now work the same.


    \_(ツ)_/

    Thursday, January 4, 2018 9:13 AM
  • The top level script is not a powershell script.  Actually, it's an ooREXX (Object Oriented REXX) "script" that's starting an instance of cmd.exe, then passing that command to it.  Does that make a difference?

    Thanks,

    Thursday, January 4, 2018 9:33 PM
  • Hi,

    Based on my research, please have a try with the following format to run a PowerShell command from batch file and see if it works, for your reference:
    PowerShell.exe -Command "& {New-NetFirewallRule ...}"

    If you need further help, please feel free to let us know.

    Best Regards,
    Albert

    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, January 5, 2018 2:40 AM
  • Hi,

    Just checking in to see if the information provided was helpful. Does the script work?

    Please let us know if you would like further assistance.

    Best Regards,
    Albert

    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, January 9, 2018 2:38 AM
  • Hi,

    I am checking how the issue is going, if you still have any questions, please feel free to contact us.

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.
    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.
    If no, please reply and tell us the current situation in order to provide further help.

    Appreciate for your feedback.

    Best Regards,
    Albert

    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, January 11, 2018 6:55 AM