Exercise 2: Remoting in PowerShell V2
PowerShell’s main purpose has always been to provide an easy way for IT professionals to manage servers, query information and, overall, automating a wide range of tasks on multiple software products from a single scripting solution.
However up until now, PowerShell V1 had a limited reach in terms of managing and accessing multiple computers at the same time. Because PowerShell is built on .Net, there has always been an option to create distributed scripts that would interact with each other. Pure remoting is way more than that.
PowerShell remoting means having the ability to invoke commands through the network on remote machines. If you are familiar with PowerShell you know that it is object-oriented using .Net. Unlike any remote shell you have probably seen in the past, this means that you not only have the option to access the CLI remotely (Telnet style), but you can also pull remote objects, have local references for them, and make transparent calls of their properties and methods through the network, just as if they were local objects.
Microsoft .Net’s remoting technologies are now being exploited in PowerShell. This makes it possible to invoke instances of objects whose types are not known by the local machine. In these cases all referenced calls are sent to the remote machine, the remote machine processes it, and sends back a serialized version of the resulting object when necessary. PowerShell’s remoting capabilities are built on Windows Remote Management (WinRM). In this exercise you will see how PowerShellV2 is combined with WinRM to easily create PowerShell Sessions that you can invoke and connect to.
Part 1: Invoking Remote Commands
The following exercise must be carried out on your server machine.
Open an elevated PowerShell v2 prompt by accessing:
Start All Programs Accessories Windows PowerShell
and right clicking on Windows PowerShell and selecting R un as Administrator:
- Click Yes when prompted by UAC.
- Since this is not a domain-based machine, we must make some changes in the registry by entering the following command:
new-itemproperty -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -name LocalAccountTokenFilterPolicy -propertyType DWord -value 1
- Next, we need to add the local machine to the list of trusted computers. To simplify things, we will add all machines by entering the following command (please note that we are adding all machines for the sake of simplicity, we do not recommend doing this at the enterprise level):
set-item wsman:localhost\client\trustedhosts -value *
- When all the requirements for remoting have been fulfilled, PowerShell V2 provides a very simple way to enable it, simply run the following command:
Enable-PSRemoting -force
For more information about the requirements for remoting in PowerShell V2 run the cmdlet “Get-Help About_Remote”
- Let’s first create a process to play with during this exercise. Run the following commands:
Start-Process Notepad
- Return to the PowerShell window and type:
$notepadLocal = Get-Process Notepad
- We will connect to the localhost machine as if it were a remote machine. Use the following command to create a remote session (connection) to the machine:
New-PSSession –Computer localhost $remoteSession = Get-PSSession
If you have a domain and you want to set up a couple of machines of in that domain with PowerShell V2 (equal versions) and remoting, you can try this same procedure on different machines.
- Get a reference to the same Notepad process, except this time, do it remotely. To do this you need to invoke the Get-Process command remotely and assign the result to a variable.
$notepadRemote = Invoke-Command –Session $remoteSession –ScriptBlock { Get-Process Notepad }
You might expect at this point that $notepadLocal and $notepadRemote are the same, but they’re not. Through remoting you could get any kind of object, even if they’re not available locally. Instances are serialized and shipped.
For comparison purposes query the methods in the $notepadLocal instance:
$notepadLocal | Get-Member –MemberType Method
You should see a list similar to the one below. Notice that the TypeName is System.Diagnostics.Process:
Try the same listing for the remote representation of the process:
$notepadRemote | Get-Member –MemberType Method
Now the result is very different, and even the TypeName is different after deserialization:
Certain properties and methods in some remote objects have been excluded from remoting in PowerShell. This is a safety measure. However for some objects you will be able to invoke a method, and in those cases the execution will also be seamlessly remote.
- So, you cannot call any of the methods that were there originally. If we want to kill the Notepad process remotely, we might have to invoke the Kill method directly, and not indirectly.
Invoke-Command –Session $remoteSession –ScriptBlock { (Get-Process Notepad).Kill() }
Did that close the Notepad window remotely?
- Now try something slightly different, and start Notepad remotely:
Invoke-Command –Session $remoteSession –ScriptBlock { Start-Process Notepad }
You should not be able to see Notepad open because it will open on a different session that you are using. However you should see that the process is running locally. Run the following command:
Get-Process Notepad
- Before moving on, kill the Notepad process:
$notepadLocal = Get-Process Notepad $notepadLocal.Kill()
Part 2: Connecting to a Remote Session
In the previous part of this exercise you learned how to run script blocks remotely on a remote session. In that case, objects are serialized and shared through different sessions. However there is another option, you can connect to a remote session and use it just as if you were sitting in front of that computer.
- As a confirmation that we will be using separate sessions, run the following two commands:
$mySessionVar = 1 Start-Process Notepad
- To connect to our remote session simply run the following command:
Enter-PSSession $remoteSession
Check $mySessionVar in this remote session by typing:
$mySessionVar
The variable was not defined in this session and its value is therefore null.
In the local session you started a process that is running Notepad. Because both sessions are running locally you should still be able to query the process in this remote session. Try to get the list of methods supported for the process in this remote session:
$notepadRemote = Get-Process Notepad $notepadRemote | Get-Member –MemberType Method
You are connected to a remote session and yet when you get the methods in the process you don’t see a serialized instance, you see the process as if you were looking at it locally:
Basically you are not accessing the instances in your original session, that’s why they don’t need to be serialized. In this remoting mode you simply get a view of the remote session, there is no other form of interaction between the sessions.
- Kill the Notepad process that’s open in the original session and open a new one from the remote session:
$notepadRemote.Kill() Start-Process Notepad
You may notice that you cannot see the new Notepad window. This is happening because even though it looks as if you are using a local session, it is still a remote session.
- Exit the remote session to go back to the original.
Exit-PSSession
Now, you should be back in the local session where you created $mySessionVar. Check its value to confirm this.
- You started a Notepad process in the remote session. Verify that the process is running with the following command:
Get-Process Notepad
You should see that the process is still there. The process was started in the remote session. You can close the remote session with the command:
Remove-PSSession $remoteSession
Is the Notepad process still running?
Please wait for the Instructor to resume the lecture.
Exercise-2: Conclusions
PowerShell is a strong automation framework that’s very easy to use for the IT Pro in Windows operating systems. All Microsoft product teams as well as several Partners are building on top of PowerShell making it possible to use it a common ground for the management of an entire Data Center infrastructure.
This growth has gaps that have been obvious almost from the beginning of PowerShell V1, and remoting is perhaps the most acclaimed feature by the PowerShell Community and users in general. Having the ability to send commands remotely in a simple, secure, agile manner is something that every PowerShell script writer has wanted at some point (or many). In this exercise you saw how you can make remote calls, and obtain serialized objects that give the apparent experience of using the remote instances as if they were local.
How many times have you wanted to open a PowerShell command prompt on two or three servers just to run a couple of commands and go? You saw how you can easily enter PS Sessions remotely and run commands just as if you were sitting in front the remote machine. PowerShell leverages to the advantages of WinRM and makes remoting available for you in Windows Vista and Windows Server 2008.