Skip to main content

Rebooting Clients with PowerShell Part 2 of 2



Last Tuesday, we looked at how to reboot/shutdown/logoff remote clients in powershell. We also looked the GPO settings to allow you to do this to any client. Now, we are going to allow you to do this to multiple clients all at once.

First off, the original objective of this post was to recreate a script that I used in VBScript to reboot my servers during the wee morning hours so I would not have to get out of bed. So, before proceeding any further, please create a service account with appropriate rights. In 2008, there is an OU called Managed Service Accounts. Why not place it there.

OK, here are our tasks:
• Create a text file containing the names of the clients that we want to reboot.
• Create a script that reads each file and reboots the correct client.
• Create a scheduled task for you to designate when this should happen.

Task 1: Create a text file containing the names of the clients that we want to reboot.
This is a simple one. Just create a text file and put one client name per line. Save it in a location that the service account has access to. By using this text file, you will be able to easily add and remove client names.

Task 2: Create a script that reads each file and reboots the correct client.
# ======================================
# Script Name:
# Author: Jason A.Yoder, MCT
# Company: MCTExpert, Inc.
# Website: www.MCTExpert.com
# Blog: www.MCTExpert.blogspot.com
# Version: 1.0
# Created: Aug. 9, 2009
# Purpose: This script is designed to allow
# Network Administrators the ability
# too schedule the rebooting of any of
# their client.
# ======================================

# ======================================
# Script Body
# --------------------------------------

#Load the list of clients.
$ClientList = gc c:\ClientList.txt

# Cycle through each name on the list and Force Reboot
# that client.
ForEach ($Comp in $ClientList)
{
$CompObj = gwmi Win32_OperatingSystem –computer $Comp
$CompObj.Win32Shutdown(6)
}


# ======================================
# End of Script Body
# ======================================

In the above script, we are assuming that the text file containing the names of the clients to reboot is contained at c:\ClientList.txt. We use the Get-Content, or GC, cmdlet to read the contents into the variable $ClientList. From there we use the ForEach loop to cycle through each client and reboot it. You should recognize the two lines of code from part I of this article.

Task 3: Create a scheduled task for you to designate when this should happen.
PowerShell has some built in security. If you double click on a .PS1 file (PowerShell script), it just opens in Notepad. That is by design. You can execute a command line to run the script without opening the PowerShell Shell.

The command to do this is: PowerShell.exe FilePath\Filename.ps1

The problem here is that you need to run the Set-ExecutionPolicy command from inside of PowerShell to allow scripts to run. Running this command will only error out:
File ----- cannot be loaded because the execution of scripts is disabled on
This system. Please see “get-help about_signing” for more details.”

To fix this problem, you need to set the execution policy in Group Policy.
• Open Group Policy Editor.
• Create or edit the policy that will control the client that the script is running on.
• Expand: Computer Configuration --> Policies --> Administrative Templates --> Windows Powershell.
• Open Turn on Script Execution.
• Select Enabled
• From the drop down box, select Allow local scripts and remote signed scripts.
• Click OK.
• Close Group Policy Management Editor.
• Make sure you refresh the policy on the computer that the script will run on.

Now that we have set the Execution Policy, we can create the scheduled task.

• Click Start.
• Right Click Computer and select Manage.
• Click Configuration --> Task Schedular.
• Click Create Task from the Actions pane.
• Provide a name and description for this task. Remember, you want other people who may look at your work to be able to understand it.
• Click Change User or Group.
• Provide the credentials for your service account.
• Click the Triggers tab.
• Click New.
• Select One Time for the frequency.
• Give it the date and time you want this task to run. Remember, this is a forced reboot. Make sure you are not interfering with work or backups.
• Click Actions tab.
• Click New.
• Click Start a program and click Next.
• In the Program/Script field type powershell.exe FilePath\FileName.ps1.
• Click OK.
• If you are prompted about running a program with arguments, click Yes.
• Click OK

From here on out, each time you need to use the task, just edit the trigger for the date and time that you want. A lot of work, but we learned many key activities in both part I and part II

• How to create an instance of a WMI Object.
• How to enumerate the methods and properties of an object.
• The different shutdown parameters available in Win32_OperatingSystem.Win32Shutdown.
• How to open PowerShell with administrative credentials.
• How to manually allow PowerShell to execute scripts on remote computers.
• How to configure PowerShell to execute scripts on remote computers via Group Policy.
• The PowerShell cmdlets that let us read text files into our scripts.
• How to execute a PowerShell script without having to open PowerShell.
• How to set the Execution Policy through Group Policy.
• How to create a Scheduled Task.

By the way, That VB script had 58 lines of code in the main code, and 1 function with 25 lines of code. We did this in 6 lines of code with no functions. Can you see any advantages to PowerShell now?


Comments

Popular posts from this blog

Adding a Comment to a GPO with PowerShell

As I'm writing this article, I'm also writing a customization for a PowerShell course I'm teaching next week in Phoenix.  This customization deals with Group Policy and PowerShell.  For those of you who attend my classes may already know this, but I sit their and try to ask the questions to myself that others may ask as I present the material.  I finished up my customization a few hours ago and then I realized that I did not add in how to put a comment on a GPO.  This is a feature that many Group Policy Administrators may not be aware of. This past summer I attended a presentation at TechEd on Group Policy.  One organization in the crowd had over 5,000 Group Policies.  In an environment like that, the comment section can be priceless.  I always like to write in the comment section why I created the policy so I know its purpose next week after I've completed 50 other tasks and can't remember what I did 5 minutes ago. In the Group Policy module for PowerShell V3, th

Return duplicate values from a collection with PowerShell

If you have a collection of objects and you want to remove any duplicate items, it is fairly simple. # Create a collection with duplicate values $Set1 = 1 , 1 , 2 , 2 , 3 , 4 , 5 , 6 , 7 , 1 , 2   # Remove the duplicate values. $Set1 | Select-Object -Unique 1 2 3 4 5 6 7 What if you want only the duplicate values and nothing else? # Create a collection with duplicate values $Set1 = 1 , 1 , 2 , 2 , 3 , 4 , 5 , 6 , 7 , 1 , 2   #Create a second collection with duplicate values removed. $Set2 = $Set1 | Select-Object -Unique   # Return only the duplicate values. ( Compare-Object -ReferenceObject $Set2 -DifferenceObject $Set1 ) . InputObject | Select-Object – Unique 1 2 This works with objects as well as numbers.  The first command creates a collection with 2 duplicates of both 1 and 2.   The second command creates another collection with the duplicates filtered out.  The Compare-Object cmdlet will first find items that are diffe

How to list all the AD LDS instances on a server

AD LDS allows you to provide directory services to applications that are free of the confines of Active Directory.  To list all the AD LDS instances on a server, follow this procedure: Log into the server in question Open a command prompt. Type dsdbutil and press Enter Type List Instances and press Enter . You will receive a list of the instance name, both the LDAP and SSL port numbers, the location of the database, and its status.