advanced PS run script on client - remote session calls

Topics: Archive - General
Jan 16, 2014 at 12:26 PM
Hi

A little difficult to explain in a headline but I'll give a go here.. and explain it a bit better..

I've created a PS script to log who logs in to the client PC, counts the number of times within X days and if it counts 10 usersnames that are the same it creates a pssession to my adserver and then updates device description. (I'll add the script later in this post)

It works fine when running from my laptop with adm. rights..

but running from sccm via psappdeploy script I run in to some issues..

I've added it as a package and set it to run every time a user logs on..

Powershell execution policy is 'restricted' on all clients..

How can I get this up and running?

The script is below... and I am aware of the potential problem that when running in system context it will not log the correct user.. but right now I just want the script to run on my test clients..
AND I'm sorry it isn't prettied up.. and sorry for the non english comments strewn about in the script


$session = New-PSSession -cn AD1
Invoke-Command -session $session -script { Import-Module ActiveDirectory }



$user=[Environment]::UserName
$pcName=[Environment]::MachineName
$a = get-Date
$time = $a.ToShortDateString()

##ModelType Query
$mt = Get-WmiObject Win32_ComputersystemProduct | Select-Object -Property Version
$modeltype=$mt.Version
#$modeltype

##Modeltype.version is the one we want

$var1 = $user
$var2 = $pcName
$var3 = $ModelType.Version



##Get full username
$RemName=Invoke-Command -session $session -script { get-aduser -identity $args[0] -Properties Name | Select-Object Name } -argumentlist $var1
$fullname = $RemName.Name


Function Get-Duplicate {
    param($array, [switch]$count)
    begin {
        $hash = @{}
    }
    process {
        $array | %{ $hash[$_] = $hash[$_] + 1 }
        if($count) {
            $hash.GetEnumerator() | ?{$_.value -gt 1} | %{
                New-Object PSObject -Property @{
                    Value = $_.key
                    Count = $_.value
                }
            }
        }
        else {
            $hash.GetEnumerator() | ?{$_.value -gt 1} | %{$_.key}
        }    
    }
}




#write to text file - Username and append
$outfile="C:\tmp\LoggedInUsers.txt"
#Write-output "Login Time = $Time", "Username = $var1" | out-File $outfile -append 
Write-output "$Time, $var1" | out-File $outfile -append 

#get file content
$LogStats = Get-Content C:\tmp\LoggedInUsers.txt
$count=0
$array = @();
#$timespan = new-timespan -days 7
foreach ($Data in $Logstats) { 
$Date, $User = $Data  -split ',' -replace '^\s*|\s*$'
  
  $a=[datetime]::ParseExact($Date,'dd-MM-yyyy',$null)
  
   
  IF ($a.AddDays(7) -gt (get-date))
    {
  $count++
  $array += $User
    }
else
   #Don't do anything
   {}
}

IF ($count -gt 10)
{ 

#($array | group | ?{$_.Count -gt 1}).Values
$same = get-duplicate $array -count
if($same.Count -eq $array.Count)
{write-host "this computer belongs to $User"
Invoke-Command -session $session -script {Set-ADComputer -identity $($args[0]) -Description "$($args[1]) - $($args[2])"} -argumentList $var2, $fullname, $modelType
Invoke-Command -session $session -script {Get-ADComputer -identity $args[0] -Properties Description | Select-Object Description} -ArgumentList $var2

}
else

{write-host "someone else was logged on"}

}
else
{write-host "mindre end 10"}

    

Remove-PSSession -ComputerName AD1
Coordinator
Jan 16, 2014 at 2:23 PM
You need to have RSAT installed on the clients in order to use the ActiveDirectory module for PowerShell. Can you run the script locally on the test clients?
Jan 16, 2014 at 2:44 PM
If I run it as admin user on client then yes..
I shouldn't need RSAT when I use:
$session = New-PSSession -cn AD1
Invoke-Command -session $session -script { Import-Module ActiveDirectory }
Invoke-Command -session $session -script {Set-ADComputer -identity $($args[0]) -Description "$($args[1]) - $($args[2])"} -argumentList $var2, $fullname, $modelType