Remote server management with PowerShell

Remote server management with PowerShell provides advanced administration capabilities, saves time, and prevents human errors. In this article, you’ll learn about remote server management tricks, PowerShell scripting, common system administration tasks, and how can Syskit Monitor help you with them.

Why use PowerShell for remote server management?

By definition, PowerShell is a task automation and configuration management shell based on the .NET framework. It closely resembles Command Prompt, but it is in fact much more powerful, as one could conclude from the name. But what does it really do?

PowerShell lets you perform various tasks by executing scripts on remote and local servers. It tremendously lowers the effort required for bulk administration and multi-step processes in large corporate networks. Most importantly—it’s scalable. Manual task performing doesn’t scale, and doing the same task on a thousand servers is something you really should reconsider.

It includes a scripting language and introduces cmdlets—single-function command-lines built into the shell. You can use each cmdlet as a single function, but the real power shows when you combine cmdlets to perform complex tasks. The latest PowerShell version is 5.0, and it is compatible with scripts written for previous versions. PowerShell is not going away anytime soon, so learning it is a good investment.

Whether you need to track running processes, export NTFS folder permissions, monitor registry changes, download files, analyze SharePoint site, or manage just about anything on your servers, PowerShell can help get the job done—as precisely as you require and as quickly as possible.

How to perform remote server management with PowerShell?

First of all, you need to enable PowerShell Remoting (PS Remoting). This lets you transmit any command to a remote server for local execution. The real benefit of remote server management with PowerShell is obvious when you leverage it against multiple systems, allowing you to manage or report on multiple servers from one place.

PS Remoting is enabled by default on Windows Server 2012 and later, but you need to enable it on Windows workstations and older Windows Server OS. Note that PS remoting must be enabled on servers that you will manage, not on the server from which you are performing the remote server management.

To enable PS Remoting, the WinRM (Windows Remote Management) service must be started and set to start automatically, and a firewall rule must be enabled to allow communication to the server. For that, you can use the default cmdlet Enable-PSRemoting with the -Force switch from a PowerShell command-line.

For performing remote server management of multiple servers, you should configure a Group Policy Object to enable PS Remoting instead of manually executing the Enable-PS remoting cmdlet in each system.

The GPO requires three steps to enable PS Remoting on your domain computers:

• Allow the WinRM service to automatically listen for HTTP requests.
• Set the WinRM service to start automatically.
• Create a Windows firewall exception for the WinRM service on TCP port 5985.

There are two types of remote sessions used for remote server management with PowerShell:

• One-to-one session – In this case, the commands you enter in command-lines are transported to the remote computer for execution.
• One-to-many session – This lets you send a command to multiple computers at once. It allows up to 32 computers, and if you include more, it starts working with the first 32 and queue others.

That may not seem important, but when you run a one-to-one session cmdlet on multiple servers, the local computer has to do all the processing. In a one-to-many session, each remote server runs the command, spreading the workload. So, if you run PowerShell scripts against hundreds of servers, it is very important. One more thing. You can’t perform remote server management on non-domain computers unless you provide a mutual authentication using SSL certificates or add the computer to your TrustedHosts list.

Most used cmdlets in remote server management:

PowerShell (Cmdlet)	PowerShell (Alias)	Description
Get-ChildItem	gci, dir, ls	List all files/directories in the (current) directory
Test-Connection	N/A	Send ICMP echo requests to the specified machine from the current machine, or instruct another machine to do so
Get-Content	gc, type, cat	Get the content of a file
Get-Command	gcm	List available commands
Get-Help	help, man	Help with commands
Clear-Host	cls, clear	Clear the screen
Copy-Item	cpi, copy, cp	Copy one or several files/a whole directory tree
Move-Item	mi, move, mv	Move a file/directory to a new location
Remove-Item	ri, del, erase, rm	Delete a file/directory
Rename-Item	rni, ren, mv	Rename a file/directory
Get-Location	gl, cd, pwd	Display the current directory/present working directory
Pop-Location	popd	Change the current directory to the directory most recently pushed onto the stack
Push-Location	pushd	Push the current directory onto the stack
Set-Location	sl, cd, chdir	Change the current directory
Tee-Object	tee	Pipe input to a file or variable, then pass the input along the pipeline
Write-Output	echo, write	Print strings, variables, etc. to standard output
Get-Process	gps, ps	List all currently running processes
Stop-Process	spps, kill	Stop a running process
Select-String	sls	Print lines matching a pattern
Set-Variable	sv, set	Set the value of a variable/create a variable
Invoke-WebRequest	iwr, curl, wget	Get content from a web page

You can learn more about cmdlets and PowerShell scripting here.

Which remote tasks can you perform with PowerShell?

PowerShell lets you perform almost any system administration task. In this list, you’ll find some of the most common ones, and some that are so elaborate you couldn’t imagine doing them in just a few clicks. You will also find the free PowerShell script repository for Syskit Monitor, the tool you’ll learn about later.

Kill non-responsive processes

If you have a Windows service running that will not respond to stop commands, use PowerShell to do the equivalent of ending the task within the Task Manager. For instance, you’d do the following for process1.exe:

get-process process1*

Once the process ID has been identified from returned results, you can kill the errant process by entering:

stop-process -id xxxx (*xxxx stands for process ID)

At that point, the selected process will be hard-stopped, and you can attempt to start the service. As the short alternative, for this task you can use script:

$proc = get-process processName
stop-process -id $proc.Id

Diagnose network problems, and test network adapters

Troubleshooting network problems on Windows is not easy. But if you use PowerShell, your life gets a lot easier. To test multiple network aspects, just use the cmdlet:

Test-NetConnection

You can add parameters to test specific computers or domains by using -ComputerName after the cmdlet. Besides that, you can run a series of tests on your virtual machine network adapters by using cmdlet:

Test-VMNetworkAdapter

You can find full scripts for retrieving network data in Syskit Monitor script repository.

Convert PowerShell to XML

Did you know you can take a PowerShell expression or output and turn it into an XML file? It’s called serialization, and it is a great way to reuse data in another PowerShell session or even in an external XML-aware application. If you’re looking to reuse a PowerShell expression or output, convert it to an XML document, and bring it back to life in a PowerShell session, you can use this cmdlet:

Export-Clixml (Learn more here)

If you need to reuse a PowerShell expression or output in an external application, you can use cmdlet:

ConvertTo-XML (Learn more here)

This is useful when you wish to, for example, automate the installation of Windows Software Update Services in order to keep the test domain current on patches and updates.

Retrieve IIS server data, and configure IIS

According to popular belief, the IIS server role requires the most attention from system admins. By using PowerShell, you can easily configure and retrieve detailed IIS data, such as a list of all sites, application pools, users configured for the app pools, recycled settings, and much more.

You can download IIS scripts from the Syskit Monitor PowerShell repository.

Manage Active Directory

With PowerShell you can interact directly with the Active Directory, users, and Organizational Units. For example, you can display all users in the Active Directory and create new users, or you can find empty OUs and delete them from Active Directory.

Cmdlets for Active Directory administration can be found here.

Retrieve registry values, and compare them across servers

Registry values cannot be directly browsed in the user interface, so PowerShell provides you with a great way to reach that data. You can retrieve specific registry values from specific servers and compare them with values on other servers. To do that, just combine the registry path, for example:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersion

And the cmdlet:

Get-ItemProperty

To rename the registry path, use the existing path combined with the cmdlet:

Rename-ItemProperty

Install custom Windows build

With PowerShell 5.0 arrived the new feature, the PowerShell Package Manager, that lets you install, uninstall, and maintain software remotely. You can use PowerShell to set up a Windows build according to your preferred configuration. After Windows has installed from WDS, use PowerShell to install a custom build of applications and patches, perform system reboots, and verify all applications in the build document. The most important cmdlets for software management tasks are:

• Get a list of all configured package sources – Get-PackageSource
• Get a list of available package providers – Find-PackageProvider
• Find available packages – Find-Package
• Install chosen package – Install-Package

Execute all tasks when an employee leaves the company

This example shows how you can automate the entire process by creating an elaborate PowerShell script.

Let’s say an employee leaves your company, and now you need to clean up all of his accounts, documents, etc., without losing important corporate data. With some PowerShell knowledge and a little effort, you can create a script that performs the following tasks:

• Moves the user to an ex-employees OU
• Changes user password to company default
• Logs on to Office365
• Changes user mailbox to a shared mailbox
• Forwards incoming mail to the user’s manager
• Removes user licenses
• Archives user data
• Checks whether there are phones or laptops assigned to that user
• Creates a report and e-mails it to HR

This is more than an hour of work reduced to a few minutes!

Simpler and more efficient remote server management?

So, it is clear that remote server administration with PowerShell is the right way to go, and probably the only way in the near future. All you need now is a reliable tool to make this process much easier! Meet Syskit Monitor – the versatile server management solution! Syskit Monitor is an agentless tool that enables you remote server management and auditing from a single console.

Syskit Monitor is your central PowerShell repository. It lets you manage and execute all your PowerShell scripts, effortlessly set up triggers, store and configure your scripts, and perform all PowerShell-related tasks.

Syskit Monitor enables you to report on everything that has a PowerShell exposure. And that’s pretty much your entire environment! Report on Active Directory, Group Policies, IIS, Network, Virtual Machines, and more.

With Syskit Monitor, you can easily compare all PowerShell reports across servers and over different time periods. You can set up Syskit Monitor to automatically compare all PowerShell reports and alert you if any difference is spotted. This is done using Syskit Monitor inventory reports.

For each PowerShell script you execute, Syskit Monitor provides an output with all the execution details. That way, you know what, where and how was successfully executed. upcoming Syskit Monitor update, we will present the PowerShell Alerts feature, enabling you to receive notifications for returned script outputs.