4

I'm writing a powershell script which needs to RDP to a few servers and do processes there and then come back.

mstsc /v:<computer> by itself looks great as it's security/credential prompt is the same as if you manually executed it.

However, after some research it appears that's meant to be a command line utility and nothing more because trying things like: 

mstsc /v:104.209.198.181 | Invoke-Command -ScriptBlock {"New-Item C:\Users\<me>\Desktop\Success.txt -ItemType file"}

doesn't work.

So I tried Enter-PSSession <computer> -Credential $env:UserName which people use but it looks like a mess to deal with compared to mstsc because it looks primitive (an article I read yesterday tried to say this type of prompt is ALWAYS a phishing scam which obviously it's not but try telling management), it doesn't auto-populate domains, and I get a WinRM error which I'm sure will be a rabbit hole.

So is it possible to RDP with mstsc and then pipe commands to it so they're executed on that computer?

Ryan
  • 43
  • 1
  • 3
  • There's a good chance you don't even need to prompt for a credential if the current user is an administrator on the remote machine. `Get-Credential (whoami)` will pre-populate the prompt with both username and domain. You can also use `-Message` to provide additional info. – Matthew Wetmore Jul 13 '18 at 02:49
  • Ah I didn't think of that! Yes, that would work if it wasn't GP blocked – Ryan Jul 13 '18 at 13:15

2 Answers2

4

No. MSTSC is a terminal client. You should really get enter-pssession working if you want to run scripts on remote machines. It will make your life much easier.

It may be as simple as you just need to allow Powershell Remoting by running a single command on each machine:

Enable-PSRemoting –force
Dre
  • 1,710
  • 7
  • 12
  • 1
    I just want to clarify an aspect to this question. Enter-PSSession is good for interactive session commands but it is not for use IN scripts. If you need to remote inside a script, use invoke-command. – Colyn1337 Jul 25 '18 at 21:50
3

You can create a scheduled task which will be triggered by logging into the server using a special account within in domain and by the trigger a system will run a prepared script which will be located on each server independently.

Steps: You can create a scheduled task that will run when your computer is unlocked:

Start > Administrative Tools > Task Scheduler In Left top corner select Task Scheduler Library click Create Task in the Right top corner in the Create Task dialog: General tab -- provide a name for your task Triggers tab -- click New... and select On workstation unlock Action tab -- click New... and click Browse... to locate your script Conditions tab -- uncheck Start the task only if the computer is on AC power

Net Runner
  • 6,169
  • 12
  • 34