How to run PowerShell cmdlets on remote servers
The
Invoke-Command and New-PSSession PowerShell cmdlets can make it easier for
admins to manage a number of remote servers.
PowerShell is a powerful command-line
environment that can be used to manage and maintain Windows. While it is easy
to think of PowerShell as a local management tool, it can also be used to
manage remote servers. In fact, admins can create PowerShell scripts that
perform management tasks against large numbers of servers. And the
Invoke-Command and New-PSSession commands are two ways to execute PowerShell
cmdlets on remote systems.
Invoke-Command
If you only need to run a single cmdlet (or a
series of piped cmdlets) against one or more remote servers, the easiest way to
do so is to use the Invoke-Command cmdlet. Microsoft'sdocumentation for this cmdlet lists an overwhelming
number of parameters and syntax variations, leading to the Invoke-Command
cmdlet's reputation for being excessively complex. Even so, using
Invoke-Command to run a cmdlet on a remote system is surprisingly easy.
For basic remote cmdlet execution, you only
need to supply the name of the remote computer and the block of code that you
want to execute. Suppose you wanted to run the Get-VM cmdlet on a remote server named Production1. You
could do so by using this command:
Invoke-Command
–ComputerName Production1 {Get-VM}
While this seems simple, there are a few things
that you need to know about this method.
First, the Invoke-Command cmdlet does not
limit you to executing a cmdlet on a single remote system. You can run a cmdlet
on multiple computers. All you have to do is separate the computer names with a
comma. For instance, to run this command on Production1, Production2 and
Production3, the command would look like this:
Invoke-Command
–ComputerName Production1, Production2, Production3 {Get-VM}
The second thing you need to know about this
method is that even though it is designed to make it easy to run a single
command against a remote system, you can run multiple commands. If you look at
the previous line of code, you will notice that Get-VM, which is the command
that is being run against the remote systems, is enclosed in braces. Anything
within those braces will run on the specified remote computers. As such, you
can link cmdlets together using the pipe symbol so long as all of the commands
are enclosed in braces.
The third thing you need to know is that the
syntax shown above only works if Kerberos authentication is being used and all of the
computers, including the one on which the command is being typed, are
domain-joined. Otherwise, you will have to make use of the HTTPS transport and
will have to designate the remote systems as trusted hosts.
New-PSSession
The New-PSSession is commonly used to execute
commands on remote systems. While Invoke-Command is designed to run a single
command (or string of commands) on a remote system, New-PSSession actually
redirects PowerShell to the remote server. In essence, any command that you
type is automatically sent to and executed on the remote machine.
Like the Invoke-Command
cmdlet, there are a number of different variations of the New-PSSession cmdlet.
You can find Microsoft's documentation for this cmdlet here.
At its simplest, this cmdlet requires only
that you provide the name of the remote computer. For example, if you want to
establish a session with a computer named Production1, you could use this
command:
New-PSSession –ComputerName
Production1
This command establishes a session with the
specified computer, but it doesn't automatically redirect PowerShell so any
commands you type are executed on the remote system. The reason for this is
that Microsoft doesn't limit you to using only one remote session. You may need
to establish remote sessions with a number of different servers. As such,
entering the command listed above establishes a session and PowerShell provides
confirmation of the session and lists a session ID number, but that's about it.
If you want to use the remote session then
you will have to make use of another PowerShell cmdlet named Enter-PSSession. Simply append
the session number you want to connect to. For example, if the New-PSSession
cmdlet lists 1 as the session ID for the connection to Production1, then you
could enter that session by using the following command:
Enter-PSSession 1
When you use this command, you will see the
PowerShell prompt change to reflect the name of the remote system. That way you
can easily keep track of which system you are sending commands to.
Once again, you will need to make sure that
Kerberos authentication is being used and that both systems are domain joined.
Otherwise, you will have to jump through a few extra hoops in order to
establish a remote session.
As you can see, PowerShell makes it easy to
execute commands against remote servers. This is especially true if all of the
servers and your workstation belong to a common domain.