How to Run PowerShell Script on Remote Computer?

The functionality of remote command execution in PowerShell is called PowerShell Remoting (appeared in PowerShell 2.0) and based on the capabilities of the Web Services for Management protocol (WS-Management). With PowerShell Remoting, you can run commands on one or several remote computers. You can use the interactive session mode with remote computers, a temporary, or permanent connection. Earlier we’ve covered how to run PowerShell script from Task Scheduler. In this article, we will take a look at several examples of how to execute a PowerShell script remotely.

Configuring WinRM for PowerShell Remoting

To connect to a computer remotely via PowerShell, the WinRM (Windows Remote Management service) must be enabled and configured on it (it is disabled by default). Communication between computers is performed over HTTP or HTTPS protocols, and all network traffic between computers is encrypted. You can use NTLM and Kerberos to authenticate on a remote computer.

To check the status of the WinRM service, run the Get-service command:

get-service winrm

run powershell script on remote computer

As you can see, the WS-Management service is running.

If the WinRM service is not running, you must enable it on the remote computer with the command:

Enable-PSRemoting

This command prepares the computer for remote management: starts the WinRM service, changes startup type to Automatic, and adds necessary exceptions to Windows Defender Firewall.

Hint. PowerShell Remoting uses TCP ports HTTP (5985) and HTTPS (5986) for network communications.

If the remote computer is in a workgroup (not joined to the Active Directory domain), and a Public network profile is applied to it (instead of Domain or Private), you need to explicitly allow incoming WinRM traffic in Windows Firewall:

Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP-PUBLIC" -RemoteAddress Any

To test the connection to a remote server via WinRM use the following command:

Test-WSMan server1

powershell run script on remote computer

If you get a response, then the remote computer is accessible through PowerShell Remoting.

Hint. If you are connecting to a remote computer via PS Remoting by an IP address, you may receive an error:

Connecting to remote server 192.168.1.70 failed with the following error message: The WinRM client cannot process the request. Default authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided.

In this case, you need to install an HTTPS certificate for PowerShell Remoting on the remote computer (the long way), or add this host to the trusted ones on your management computer:

Set-Item wsman:\localhost\Client\TrustedHosts -value 192.168.1.70

Running Remote Commands with PowerShell Remoting

To interactively connect to a remote computer (with a hostname Server1) via PowerShell, run the following command:

Enter-PSSession Server1

The PowerShell CLI view will change. At the beginning of the line, there will be the name of the remote computer to which you are connected via WinRM. After the remote session is established, all commands that are being entered in the PowerShell console are executed on the remote computer. PS Remoting works as follows: the commands entered on the local computer are transmitted to the remote computer and are executed there, then the result is transmitted back. Since all commands are executed locally, there is no need to worry about compatibility with the PoSh version and modules.

READ ALSO  Import Users Into Active Directory From CSV

To end the remote interactive session run the command:

Exit-PSSession

run powershell script remotely

Only the simple management tasks are typically performed on remote computers in the interactive mode. To run a complex command or run the PowerShell script remotely, use the Invoke-Command cmdlet.

Using Invoke-Command to Run PowerShell Scripts Remotely

The following command will create a remote connection with the computer Server1 and run the block of commands specified in the ScriptBlock parameter. After that, the remote session will automatically close.

Invoke-Command -ScriptBlock {Restart-Service spooler} -ComputerName server1

You can run the task in the background by running Invoke-Command with the -AsJob parameter. But in this case, the command will not return the result to the PoSh console. To get the detailed background job information, use the Receive-Job cmdlet.

execute powershell script remotely

PowerShell allows you to run local PS1 scripts on remote computers. The idea is that you store all PowerShell instructions in a local .PS1 file on your computer. With PowerShell Remoting, you can transfer a PS1 file to a remote computer and execute it there.

To do this, use the -FilePath parameter in the Invoke-Command cmdlet instead of -ScriptBlock. For example, to run the c:\ps\tune.ps1 script on three remote servers, you can use the following command:

Invoke-Command -FilePath c:\ps\tune.ps1 -ComputerName server1,server2,server3

powershell execute remote script

The main advantage of this way of running PowerShell scripts is that you don’t need to copy the PS1 script file to remote computers. You can use not only the local script but also the PS script in a shared network folder that can be accessed from the local computer.

READ ALSO  How to Check Windows Uptime?

If you need to run PowerShell scripts with credentials other than the current user, you need to use the Credential parameter.

First, you need to get the credential and save them to a variable:

$cred = Get-Credential

execute powershell script on remote computer

Now you can run the PS script on remote computers under the saved credential permissions.

Invoke-Command -FilePath c:\ps\tune.ps1 -ComputerName server1,server2,server3 -Credential $cred

You can save the list of computers in a text file and run PowerShell script remotely on all computers at once:

Invoke-command -comp (get-content c:\ps\servers.txt) -filepath c:\ps\tune.ps1

By default, the Invoke-Command cmdlet sends the PS1 script to 32 remote computers from the list at the same time. If there are more than 32 computers, then PoSh checks the execution status of the script on the first 32 computers. If the script is completed, the command is executed on the next computer. With the ThrottleLimit parameter, you can increase this limit, but be careful not to overload your network.

Using Persistent PowerShell Connections (Sessions)

Each time you run Invoke-Command, a new session is created with the remote computer. This takes time and system resources. In PowerShell, you can create one session and execute all commands and scripts in it.

Using the New-PSSession cmdlet, you can create persistent PowerShell sessions with remote computers.

READ ALSO  To Sign in Remotely, You Need the Right to Sign in Through Remote Desktop Service

For example, let’s create sessions with three computers and save them in the $PSSess variable:

Invoke-Command -FilePath c:\ps\tune.ps1 -ComputerName server1,server2,server3

$PSSess = New-PSSession -ComputerName server1, server2, server3

After establishing a session, you can run it to run commands and scripts. Because sessions are persistent, you can get data from them and use in other commands and scripts.

For example, the following command will get a list of processes on remote servers and store them in the $RemoteProcesses variable:

Invoke-Command -Session $PSSess {$RemoteProcesses = Get-Process}

Now you can use this variable in other commands in the same sessions. In the following example, we use the Where-Object cmdlet to find processes that use more than 500MB of RAM):

Invoke-Command -Session $PSSess {$RemoteProcesses | where-object {$_.WorkingSet -GT 500000*1024}|select processname,@{l="Working Memory (MB)"; e={$_.workingset / 1mb}} |sort "Working Memory (MB)" -Descending}

powershell connect to remote computer and run command

The persistent remote PowerShell session will remain active until you close the PowerShell console, or forcefully close or delete the session using the Disconnect-PSSession or Remove-PSSession cmdlets, respectively.

As you can see, PowerShell provides ample opportunities for running scripts and commands on remote computers. Windows administrators surely can use PowerShell Remoting in addition to the classic PsExec tool from Sysinternals.

Cyril Kardashevsky

3 comments

  1. Hi,
    My requirement is to delete few folders from Windows Server1 by executing script from Windows Server2.
    I tried running the Enter-PSSession Server1 and Invoke-Command but I get a permission denied error as shown below:
    You do not have sufficient access rights to perform this operation.
    + CategoryInfo : PermissionDenied [Remove-Item], IOException
    Can you please help?

    Thanks,
    Varun

  2. In this command

    Invoke-Command -FilePath c:pstune.ps1 -ComputerName server1,server2,server3

    Can you use a UNC path for the ps1 file?

    i.e. Invoke-Command -FilePath \\server0\share0\folder0\pstune.ps1 -ComputerName server1,server2,server3

    Thanks!

  3. Hi,
    I want to run(executes) Windows PS scripts on remote computers(servers) via Invoke commands, I am using the same commands you have mentioned here, but the script file in remote server not executed.
    Can you tell me how I can execute/run files parallel in remote computers

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.