Using Powershell cmdlet Invoke-Command

Nowadays PowerShell Remoting is the main tool for remote management of Windows operating systems. Therefore, any Windows administrator should know about tool’s capabilities and to be able to use it. To run commands on remote computers using PowerShell Remoting, you can use the Powershell cmdlet Invoke-Command (alias icm).

The Invoke-Command cmdlet functionality is based on protocol Web Services for Management (WS-Management) and the Windows Remote Management (WinRM) service is used for communication. Communication between computers is performed via HTTP (default) or HTTPS. All traffic between the two computers is encrypted at the protocol level (except when SSL is used). Several authentication methods are supported, including NTLM and Kerberos. The possibility of creating remote sessions in Powershell appeared in version 2.

How to use Powershell cmdlet Invoke-Command?

To be able to remotely connect to a computer on it, you need to make a number of settings:

  1. At first you need to enable remote connection:
     Enable-PSRemoting -Force
  2. Then start the WinRM service:
     Start-Service WinRM
  3. Now allow incoming connections in the Windows firewall.

The client computer (from which the remote connection via PowerShell Remoting is established) also requires some additional configuration:

  1. You must enable connection to the remote systems. To access any computers, you can use the following command:
     Set-Item wsman:localhostclienttrustedhosts * -Force
  2. Verify that the firewall does not block outbound connections.
READ ALSO  PowerShell Function Parameters: How to Add?

Now to run the command on a remote computer through Powershell (for example, you want to restart the Spooler service), you need to run this command:

Invoke-Command -computername server1 -credential domainuser1 -scriptblock { Restart-Service spooler}

This command executes the Restart-Service spooler command on the remote computer server1. The Credential parameter is used to execute the command in the security context of the user domainuser1.

Windows PowerShell displays a dialog box in which you must specify the password for the account user1. Then the command is executed on server1 and returns the results. After executing the command, the PoSh session ends.


To run the task in the background, you can optionally specify the -AsJob parameter.

Remember that when you start command in the background, PowerShell does not return the result. To receive it, you must use the Receive-Job cmdlet.

Get-job –id 3 |Receive-Job

In order to run the script, the Invoke-Command cmdlet has the -FilePath option, which can be used instead of -ScriptBlock to specify the path to script file. For example, we created a small PoSh script that displays a list of stopped services and launched it on a remote computer server1:

Invoke-Command -computername server1 -FilePath .list.ps1

invoke cmdlet

To execute this script, you do not need to copy the script files on the remote computer. The result of the script is displayed on the local computer.

READ ALSO  How to Create a GUI for PowerShell Scripts?

Quite often there is a need to simultaneously perform a specific task on several computers. You can do that in a simple way using the same Invoke-Command. For example, you can enumerate computer names by commas:

Invoke-Command -ScriptBlock {Restart-Service spooler} -ComputerName server1,server2

Place to an array:

$srv_list = @(″server3″,″server4″,″server5″)
 Invoke-Command -ScriptBlock {Restart-Service spooler} -ComputerName $servers

Or take from the text file:

Invoke-Command -ScriptBlock {Restart-Service spooler} -ComputerName`
 (Get-Content .servers_list.txt)

Each computer individually executes the command and returns the result to the console.

Note. Invoke-Command has a ThrottleLimit parameter that limits the maximum number of computers that can be controlled at the same time. By default, this parameter is set to 32. If necessary – it can be changed (but note that increasing this parameter will increase the load on the processor and memory of your computer, so this operation must be performed with great care).

If the ActiveDirectory module is installed, it becomes possible to run commands on multiple systems using pipelines:

Get-ADComputer -Filter * -properties name | select {Name="computername";Expression={$_."name"}}| Invoke-Command -ScriptBlock {hostname}

Each time an Invoke-Command is executed, a new session is created, which takes time and resources to create. To avoid this, you can open one session in which to execute all the commands. For example, open a session named computer1 on the computer and put it into the $session variable, and then perform your task on this session:

$session = New-PSSession -ComputerName computer1  -Name computer1
 Invoke-Command -ScriptBlock { Restart-Service spooler } -Session $session

The session will be active until you close the PowerShell console. You can also close the session – Disconnect-PSSession or delete it – Remove-PSSession.

READ ALSO  Set Out Of Office Message In Outlook for A Different User
Cyril Kardashevsky

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.