locked
Need to run Powershell script on remote servers. RRS feed

  • Question

  • I am able to run the below script locally. Please help me to run the below script remotely on the compters. 

    Import-Module -Name WebAdministration

    Clear-content C:\Scripts\CertReport.htm

    $result=Get-ChildItem -Path IIS:SSLBindings | ForEach-Object -Process `
    {
        if ($_.Sites)
        {
            $certificate = Get-ChildItem -Path CERT:LocalMachine/My |
                Where-Object -Property Thumbprint -EQ -Value $_.Thumbprint

            [PsCustomObject]@{
                Sites                        = $_.Sites.Value
                CertificateFriendlyName      = $certificate.FriendlyName
                CertificateDnsNameList       = $certificate.DnsNameList
                CertificateNotAfter          = $certificate.NotAfter
                CertificateIssuer            = $certificate.Issuer
            }
        }
    }
    $a = "<style>"
    $a = $a + "BODY{background-color:#d6eaf8;font-family:verdana;font-size:8pt;}"
    $a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
    $a = $a + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:thistle}"
    $a = $a + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:palegoldenrod}"
    $a = $a + "</style>"
    $result | ConvertTo-HTML -Head $a | Out-File C:\Scripts\CertReport.htm
    if
     ($result –eq $Null)
    {
    $bodym = "Certificate Report-No Expiration"
    Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "Certificate Report-No Expiration" -Body $bodym -SmtpServer a.l.v.net
    }
    else
    {
    $body = Get-Content C:\Scripts\CertReport.htm -Raw
    Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "IISBinding" -Body $body -BodyAsHtml -SmtpServer a.l.v.net

    }

    Wednesday, June 7, 2017 11:10 AM

All replies

  • What have you tried.  Have you tried to use remoting?


    \_(ツ)_/

    Wednesday, June 7, 2017 12:17 PM
  • Here what I have tried till now.

    Import-Module -Name WebAdministration

    Clear-content C:\Scripts\CertReport.htm

    $result=Invoke-Command -ComputerName (get-content C:\Scripts\DP.txt) -ScriptBlock {Get-ChildItem -Path IIS:SSLBindings | ForEach-Object -Process `
    {
        if ($_.Sites)
        {
            $certificate = Get-ChildItem -Path CERT:LocalMachine/My |
                Where-Object -Property Thumbprint -EQ -Value $_.Thumbprint

            [PsCustomObject]@{
                Sites                        = $_.Sites.Value
                CertificateFriendlyName      = $certificate.FriendlyName
                CertificateDnsNameList       = $certificate.DnsNameList
                CertificateNotAfter          = $certificate.NotAfter
                CertificateIssuer            = $certificate.Issuer
            }
        }
    }
    $a = "<style>"
    $a = $a + "BODY{background-color:#d6eaf8;font-family:verdana;font-size:8pt;}"
    $a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
    $a = $a + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:thistle}"
    $a = $a + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:palegoldenrod}"
    $a = $a + "</style>"
    $result | ConvertTo-HTML -Head $a | Out-File C:\Scripts\CertReport.htm
    if
     ($result –eq $Null)
    {
    $bodym = "Certificate Report-No Expiration"
    Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "Certificate Report-No Expiration" -Body $bodym -SmtpServer a.l.v.net
    }
    else
    {
    $body = Get-Content C:\Scripts\CertReport.htm -Raw
    Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "IISBinding" -Body $body -BodyAsHtml -SmtpServer a.l.v.net

    }

    ====================================================================================================
    When I tried to use Invoke-command like above. I got an Error mentioned below: 
    ====================================================================================================
    At C:\Scripts\Orignal.PS1:5 char:83
    + ... ) -ScriptBlock {Get-ChildItem -Path IIS:SSLBindings | ForEach-Object -Process `
    +                    ~
    Missing closing '}' in statement block.
        + CategoryInfo          : ParserError: (:) [], ParseException
        + FullyQualifiedErrorId : MissingEndCurlyBrace


    ====================================================================================================================================================================


    Import-Module -Name WebAdministration

    Clear-content C:\Scripts\CertReport.htm

    $result=Get-ChildItem -Path IIS:SSLBindings | ForEach-Object -Process `
    {
        if ($_.Sites)
        {
            $certificate = Get-ChildItem -Path CERT:LocalMachine/My |
                Where-Object -Property Thumbprint -EQ -Value $_.Thumbprint

            [PsCustomObject]@{
                Sites                        = $_.Sites.Value
                CertificateFriendlyName      = $certificate.FriendlyName
                CertificateDnsNameList       = $certificate.DnsNameList
                CertificateNotAfter          = $certificate.NotAfter
                CertificateIssuer            = $certificate.Issuer
            }
        }
    }

    Invoke-Command -ComputerName (get-content C:\Scripts\DP.txt) -ScriptBlock $result


    $a = "<style>"
    $a = $a + "BODY{background-color:#d6eaf8;font-family:verdana;font-size:8pt;}"
    $a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
    $a = $a + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:thistle}"
    $a = $a + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:palegoldenrod}"
    $a = $a + "</style>"
    $result | ConvertTo-HTML -Head $a | Out-File C:\Scripts\CertReport.htm
    if
     ($result –eq $Null)
    {
    $bodym = "Certificate Report-No Expiration"
    Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "Certificate Report-No Expiration" -Body $bodym -SmtpServer a.l.v.net
    }
    else
    {
    $body = Get-Content C:\Scripts\CertReport.htm -Raw
    Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "IISBinding" -Body $body -BodyAsHtml -SmtpServer a.l.v.net

    }

    ====================================================================================================
    When I tried to use Invoke-command like above. I got an Error mentioned below: 
    ====================================================================================================

    Invoke-Command : Cannot convert 'System.Object[]' to the type 'System.Management.Automation.ScriptBlock' required by
    parameter 'ScriptBlock'. Specified method is not supported.
    At C:\Scripts\Orignal.PS1:22 char:75
    + Invoke-Command -ComputerName (get-content C:\Scripts\DP.txt) -ScriptBlock $resul ...
    +                                                                           ~~~~~~
        + CategoryInfo          : InvalidArgument: (:) [Invoke-Command], ParameterBindingException
        + FullyQualifiedErrorId : CannotConvertArgument,Microsoft.PowerShell.Commands.InvokeCommandCommand

    Import-Module -Name WebAdministration

    Clear-content C:\Scripts\CertReport.htm

    $result=Get-ChildItem -Path IIS:SSLBindings | ForEach-Object -Process `
    {
        if ($_.Sites)
        {
            $certificate = Get-ChildItem -Path CERT:LocalMachine/My |
                Where-Object -Property Thumbprint -EQ -Value $_.Thumbprint

            [PsCustomObject]@{
                Sites                        = $_.Sites.Value
                CertificateFriendlyName      = $certificate.FriendlyName
                CertificateDnsNameList       = $certificate.DnsNameList
                CertificateNotAfter          = $certificate.NotAfter
                CertificateIssuer            = $certificate.Issuer
            }
        }
    }

    Invoke-Command -ComputerName (get-content C:\Scripts\DP.txt) -ScriptBlock $result


    $a = "<style>"
    $a = $a + "BODY{background-color:#d6eaf8;font-family:verdana;font-size:8pt;}"
    $a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
    $a = $a + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:thistle}"
    $a = $a + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:palegoldenrod}"
    $a = $a + "</style>"
    $result | ConvertTo-HTML -Head $a | Out-File C:\Scripts\CertReport.htm
    if
     ($result –eq $Null)
    {
    $bodym = "Certificate Report-No Expiration"
    Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "Certificate Report-No Expiration" -Body $bodym -SmtpServer a.l.v.net
    }
    else
    {
    $body = Get-Content C:\Scripts\CertReport.htm -Raw
    Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "IISBinding" -Body $body -BodyAsHtml -SmtpServer a.l.v.net

    }

    ====================================================================================================
    When I tried to use Invoke-command like above. I got an Error mentioned below: 
    ====================================================================================================

    Invoke-Command : Cannot convert 'System.Object[]' to the type 'System.Management.Automation.ScriptBlock' required by
    parameter 'ScriptBlock'. Specified method is not supported.
    At C:\Scripts\Orignal.PS1:22 char:75
    + Invoke-Command -ComputerName (get-content C:\Scripts\DP.txt) -ScriptBlock $resul ...
    +                                                                           ~~~~~~
        + CategoryInfo          : InvalidArgument: (:) [Invoke-Command], ParameterBindingException
        + FullyQualifiedErrorId : CannotConvertArgument,Microsoft.PowerShell.Commands.InvokeCommandCommand

    Wednesday, June 7, 2017 1:11 PM
  • Where did you find this script?

    I would start by removing all line continuation and formatting the script in a normal manner.  You have also pasted the same thing numerous times making it almost impossible to understand what you are trying to ask


    \_(ツ)_/


    • Edited by jrv Wednesday, June 7, 2017 1:27 PM
    Wednesday, June 7, 2017 1:26 PM
  • This is the first time I am working on such a complex script.

    I have pasted the script three times to show you the remoting I have used  (at different places) and the error I have received. 

    Wednesday, June 7, 2017 1:40 PM
  • This is the first time I am working on such a complex script.

    I have pasted the script three times to show you the remoting I have used  (at different places) and the error I have received. 

    First the script does not work even locally.  It references values that do not exist.

    Second you need to completely redesign the script to use it remotely.  I suggest starting by learning about PowerShell and remoting.

    To remote a script use Invoke-Command with a script block.  Decide what objects to return in you script block and redesign the output section to work with them.

    First fix the original script.  It does not return the certs in use.  It returns all certs in the store.


    \_(ツ)_/


    • Edited by jrv Wednesday, June 7, 2017 1:49 PM
    Wednesday, June 7, 2017 1:49 PM
  • Here is the correct method of getting site certificates.

    Get-ChildItem -Path IIS:\SSLBindings | 
    	ForEach-Object{
    		$thumbprint = $_.Thumbprint
    		$_.Sites |
    			ForEach-Object{
    				$sitename = $_.Value
    				Get-ChildItem -Path CERT:\LocalMachine\My\$thumbprint |
    					Add-Member -MemberType NoteProperty -Name SiteName -value $sitename -PassThru
        		}
    	}
    


    \_(ツ)_/

    • Proposed as answer by Hello_2018 Thursday, June 8, 2017 8:21 AM
    Wednesday, June 7, 2017 2:02 PM
  • Hi,

    This could be better:

    #main snips
    Import-Module -Name WebAdministration
    Clear-content C:\Scripts\CertReport.htm #note this path may not existing on remote servers
    $computers = Get-Content .\computers.txt # this line gets your computers ensure all enabled PS remoting
    foreach($computer in $computers)
    {
        Invoke-Command -ComputerName $computer -ScriptBlock { Get-ChildItem -Path IIS:SSLBindings | ForEach-Object -Process `
        {
            if ($_.Sites)
            {
                $certificate = Get-ChildItem -Path CERT:LocalMachine/My |
                    Where-Object -Property Thumbprint -EQ -Value $_.Thumbprint
                [PsCustomObject]@{
                    Sites                        = $_.Sites.Value
                    CertificateFriendlyName      = $certificate.FriendlyName
                    CertificateDnsNameList       = $certificate.DnsNameList
                    CertificateNotAfter          = $certificate.NotAfter
                    CertificateIssuer            = $certificate.Issuer
                }
            }
        }
      }
    }
    
    
    
    #sending email notification 
    
    $a = "<style>"
    $a = $a + "BODY{background-color:#d6eaf8;font-family:verdana;font-size:8pt;}"
    $a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
    $a = $a + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:thistle}"
    $a = $a + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:palegoldenrod}"
    $a = $a + "</style>"
    $result | ConvertTo-HTML -Head $a | Out-File C:\Scripts\CertReport.htm
    if($result –eq $Null)
    {
        $bodym = "Certificate Report-No Expiration"
        Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "Certificate Report-No Expiration" -Body $bodym -SmtpServer a.l.v.net #if you run these lines on remote servers, 
        #ensure that you have appropriate privileges
    }
    else{
        $body = Get-Content C:\Scripts\CertReport.htm -Raw
        Send-MailMessage -To abc@def.com -from PKI@nn.com -Subject "IISBinding" -Body $body -BodyAsHtml -SmtpServer a.l.v.net
    }
    
    

    Besides, if you wanted to run this script for all remote servers, you could also consider saving this script as .ps1 file then using GPO to deploy it.

    Best regards

    Andy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Hello_2018 Tuesday, June 13, 2017 3:12 AM
    Thursday, June 8, 2017 8:20 AM