Scribd
Upload
38 views

Remote Managment With PowerShell Final

This document provides a case study on using PowerShell for remote management. It describes setting up a test environment with two virtual machines, configuring them for remote access. It then provides PowerShell scripts for retrieving login data from the security log, taking an inventory of office computers, uninstalling and installing programs remotely, and viewing installed programs. References for the techniques are also included, along with a hyperlink to a demonstration video.

Uploaded by

Pierina Lopez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
38 views

Remote Managment With PowerShell Final

This document provides a case study on using PowerShell for remote management. It describes setting up a test environment with two virtual machines, configuring them for remote access. It then provides PowerShell scripts for retrieving login data from the security log, taking an inventory of office computers, uninstalling and installing programs remotely, and viewing installed programs. References for the techniques are also included, along with a hyperlink to a demonstration video.

Uploaded by

Pierina Lopez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

THOMAS MORE GEEL

Case Study with PowerShell

REMOTE MANAGMENT WITH POWERSHELL

By Pierina Lopez

Lecturer
Bart Portier

2022
Remote Management with PowerShell

Table of Contents
1. Description 2
1.1. Scenario 2
2. Prior Preparations 2
2.1. Setup and configuration 2
3. Process 3
3.1. Filter the login data that you find in the 'security' log. Look for the time that a user has
been logged in the last 14 days 3
3.2. Retrieve system information: Make inventory of the computers in the office 3
3.3. Uninstall and Install programs in remote computer 3
3.4. See programs installed 4
4. References 4
5. Script with explanation 4
6. Hyperlink with demo film no more than 10 min on youtube 6

1. Description

The purpose of this case is to use PowerShell as a Remote Management tool, so in this way
we can minimize the work in a company.

1.1.Scenario

You work in a company or own a company and need to remotely make and inventory of
the computers in the office, install and uninstall programs, retrieve system information
and know when a user logs in to the computer.

2. Prior Preparations

For this demonstration we need to install a two test environment with Virtual Box and a trial
version of Windows 10 enterprise edition.

2.1.Setup and configuration


- Change network in the Virtual machine
Create a Nat Network in the virtual box Manager, we call it “TeamWork” and then we
setup both virtual machine to the same network.
- Execution Policy as unrestricted
Set-executionPolicy -ExecutionPolicy unrestricted
- Remote desktop connection:
- Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal
Server' -name "fDenyTSConnections" -value 0
- Enable-NetFirewallRule -DisplayGroup "Remote*"
Page 2|6
Remote Management with PowerShell

- Review if Net Connection Profile is private if not, change it with following commands
Get-NetConnectionProfile
Set-NetConnectionProfile -name "Network" -networkCategory private
- Allow remote access with:
Enable-PSRemoting -Force
Get-PSSessionConfiguration
- Add trusted Host
Get-Item WSMan:\localhost\Client\TrustedHosts
Set-Item WSMan:\localhost\Client\TrustedHosts -Concatenate -Value Server1
- Now we need to restart the Windows Remote Shell (WinRS) service so your new
settings take effect.
Restart-Service WinRM
- Test connection
Test-WsMan server1

3. Process
3.1. Filter the login data that you find in the 'security' log. Look for the time that a user has
been logged in the last 14 days

Solution:

Invoke-Command -ComputerName server1 -ScriptBlock {Get-EventLog -LogName


Security -After (Get-Date).AddDays(-7) -Before (Get-Date) | where {$_.eventID -eq
4624} } -credential admin2 | Out-File -Append C:\powershell\securitylog.txt

3.2. Retrieve system information: Make inventory of the computers in the office

Solution:

- Write Script
- Create function “Get-Inventory”:
. .\Get-Inventory.ps1
- Invoke function
Invoke-Command -ScriptBlock ${function:Get-Inventory} -ComputerName server1 -
credential admin2 | Out-File -Append .\inventory.txt

3.3.Uninstall and Install programs in remote computer

Solution:
- Uninstall
- Invoke-Command -ComputerName server1-Credential admin2 -ScriptBlock {Get-
WmiObject Win32_product | Where {$_.name -eq $appName} | ForEach
{ $_.Uninstall()}}
- Install
- Enter-PSSession -computername server1 -credential admin2
- Find-Package -Provider powershellget -name *note*
- Install-Package -provider PowerShellGet -name PowerShellNotebook
- Exit-PSSession
Page 3|6
Remote Management with PowerShell

3.4.See programs installed

Solution:

- Get-WmiObject Win32_Product -ComputerName server1 -credential admin2 | Select-


Object -Property IdentifyingNumber, Name

4. References

https://powershellexplained.com/2017-04-22-Powershell-installing-remote-software/

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-
wmiobject?view=powershell-5.1

https://www.cyberautomate.io/posts/2016/remote-computer-inventory-powershell/

https://www.youtube.com/watch?v=4dlfAJcuXqU&list=PLD7rlIrZEkLjv5TaAb-
KFFG6x8PVMwOSO&index=3

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-
eventlog?view=powershell-5.1

5. Script

Page 4|6
Remote Management with PowerShell

Page 5|6
Remote Management with PowerShell

6. Hyperlink

https://youtu.be/FgGRJTUFsZM

Page 6|6

You might also like