Forum Discussion
Entering in commands on a remote workstation using a PS script
I am trying to create a PS script that opens a session on a remote workstation and executes these commands:
$session = New-PSSession -ComputerName $workstationName
# Prompt for credentials
$cred = Get-Credential
# Use Invoke-Command to run the script block with elevated credentials
Invoke-Command -Session $session -Credential $cred -ScriptBlock {
# Check if the session is available
if ($session -ne $null) {
Write-Host "Session established. Waiting for the session to be ready..."
# PowerShell commands here
netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes profile=domain
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
Set-NetFirewallRule -DisplayGroup "Network Discovery" -Enabled True
Get-Process
}
# Exit the remote session
Exit-PSSession
} else {
Write-Host "Failed to establish a session."
}
Here is the error. Any help is appreciated
Invoke-Command : Parameter set cannot be resolved using the specified named parameters.
At C:\XXXX\VMPrepBeta6.ps1:67 char:5
+ Invoke-Command -Session $session -Credential $cred -ScriptBlock {
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Invoke-Command], ParameterBindingException
+ FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.PowerShell.Commands.InvokeCommandCommand
- LainRobertsonSilver Contributor
Hi, Andrew.
You're getting that error because using both -Session and -Credential on the same call to Invoke-Command is not a supported combination, which you can see from the documentation:
That said, this script is also unnecessarily complex, where you can simplify it down to the following:
# Prompt for credentials $cred = Get-Credential; # Use Invoke-Command to run the script block with elevated credentials Invoke-Command -ComputerName $workstationName -Credential $cred -ScriptBlock { # PowerShell commands here Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0; Enable-NetFirewallRule -Name "FPS-ICMP4-ERQ-In-NoScope"; # Using the pre-defined name of the rule specific to the domain profile. Enable-NetFirewallRule -DisplayGroup "Remote Desktop", "Network Discovery", "windows management instrumentation (wmi)"; Get-Process; }
The only time you might look to create a separate session would be if you have a valid use case for calling Invoke-Command against the same workstation multiple times, but I can't recall seeing such a scenario.
Cheers,
Lain
- balasubramanimIron Contributor
Use the credentials when creating the session, not with Invoke-Command
Please try this script.
$cred = Get-Credential
$session = New-PSSession -ComputerName $workstationName -Credential $credif ($session -ne $null) {
Invoke-Command -Session $session -ScriptBlock {
netsh advfirewall firewall set rule name="File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes profile=domain
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
Set-NetFirewallRule -DisplayGroup "Network Discovery" -Enabled True
Get-Process
}
Remove-PSSession -Session $session
} else {
Write-Host "Failed to establish a session."
}