stackoom
  简体   繁体   中英

Powershell Remote Stop and Disable Service

 原文  2020-03-25 14:19:08       powershell/ get-wmiobject

Question

SO Braintrust. I'm not a Powershell person, but I'm working on it. Trying to address yet another zero-day, I'm trying to build a reuseable script to remotely stop and disable the affected service. It is based on a script I got from a Microsoft MVP at (ultimately): http://portal.sivarajan.com/2010/07/stopstart-or-enabledisable-service_26.html

The prompt for the service name was added by me as well as the output information (Write-host & Add-Content lines), so I could get a results summation (the output part's not working fully, but it's the least of my concerns at the moment.).

$output = "c:\scripts\results.csv"
Add-content -path $output "======================"
Add-content -path $output "StopAndDisableService Output Start"
cls
$Cred = Get-Credential
$service = Read-Host -Prompt 'Enter Service Name" '
Import-CSV C:\Scripts\computers.csv | % 
{ 
   $computer = $_.ComputerName
   Write-Host "Working on $computer"
   Add-content -path $output "$computer"
   $result = (Get-WmiObject win32_service -computername $computer -filter "name='$service'" -Credential $cred).stopservice()
   Add-content -path $output "    Stop - $result"
   $result = (Get-WmiObject win32_service -computername $computer -filter "name='$service'" -Credential $cred).ChangeStartMode("Disabled")
   Add-content -path $output "    Disable - $result"
} 
Add-content -path $output "======================"
Add-content -path $output "StopAndDisableService Output End"

when I run it, I get an error on the computer name

Get-WmiObject : Cannot validate argument on parameter 'ComputerName'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again. At C:\\Scripts\\StopAndDisableService.ps1:12 char:54 + ... result = (Get-WmiObject win32_service -computername $computer -filter ... + ~~~~~~~~~ + CategoryInfo : InvalidData: (:) [Get-WmiObject], ParameterBindingValidationException + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.GetWmiObjectCommand Get-WmiObject : Cannot validate argument on parameter 'ComputerName'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again. At C:\\Scripts\\StopAndDisableService.ps1:14 char:54 + ... result = (Get-WmiObject win32_service -computername $computer -filter ... + ~~~~~~~~~ + CategoryInfo : InvalidData: (:) [Get-WmiObject], ParameterBindingValidationException + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Computer.csv contains one computer name per line, no punctuation, no FQDN, just the computer name

1 answers

solution1
 0  2020-03-25 16:00:41

Special thanks to @Mathias R. Jessen for his help on this. Final working code. you will have to analyze the screen output to catch any errors and see which machines it did not catch due to being offline @ time of running (some output file items have been commented out since they don't work as intended)

$output = "c:\scripts\results.csv"

Add-content -path $output "======================"
Add-content -path $output "StopAndDisableService Output Start"
cls
$Cred = Get-Credential
$service = Read-Host -Prompt 'Enter Service Name" '
Import-CSV C:\Scripts\computers.csv -Header ComputerName | % { 
$computer = $_.ComputerName
Write-Host "Working on $computer"
Add-content -path $output "$computer"
$result = (Get-WmiObject win32_service -computername $computer -filter "name='$service'" -Credential $cred).stopservice()
#Add-content -path $output "    Stop - $result"
$result = (Get-WmiObject win32_service -computername $computer -filter "name='$service'" -Credential $cred).ChangeStartMode("Disabled")
#Add-content -path $output "    Disable - $result"
}
Add-content -path $output "======================"
Add-content -path $output "StopAndDisableService Output End"

Analyzing results on the screen output, any results with

  • Just the machine name - means it's processed without error on that machine (success)
  • RPC server is unavailable means machine is offline
  • Cannot call a method on Null-Valued expression on line 12 or line 14 means that service doesn't exist on that machine

The results.csv output file will contain list of names of the machines this script was run against

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Stop remote service using PowerShell PowerShell Script to Stop a service on multiple remote machines PowerShell script to stop service and backup a folder in remote path C# run powershell script (remote start/stop service) How to find, stop and disable a Windows service using Powershell powershell stop service remotely How can i stop and disable a srvice in remote machines using powershell by parallel execution? How to start/stop a service on a remote server using PowerShell - Windows 2008 & prompt for credentials? stop or start a service on remote machine Stop the Service, Restart and Start the service using Powershell
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM