Powershell Invoke-Command with hyphen arguments
I need to be able to run the following cmd command on a remote computer.
"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" -verb:sync -source:package="\\Server\Share\Package.zip" -dest:auto,computerName=Server1
Powershells Invoke-Command looks promising but I cannot figure out how to pass the arguments to msdeploy.
I've tried
Invoke-Command -ComputerName RemoteServer1 -ScriptBlock { "C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" -verb:sync -source:package="\\Server\Share\Package.zip" -dest:auto,computerName=Server1 }
But it says "you must provide a value expression on the right-hand side of the '-' operator.". So I'm guessing the issue is the hyphens but I don't know how to escape them to make the command work.
Part one: dealing with PowerShell command-line specifics
Use & to call external executable. Syntax: & "[path] command" [arguments].
Also note, that msdeploy supports alternate way of specifying arguments when called from PowerShell:
With a minor modification to its usual syntax, Web Deploy commands can be run from a Windows PowerShell prompt. To do this, change the colon character (:) after the verb, source, and dest arguments of the Web Deploy command to an equal sign (=). In the following example, compare the Web Deploy command with its PowerShell version.
Web Deploy command:
command: msdeploy -verb:sync -source:metakey=/lm/w3svc/1 -dest:metakey=/lm/w3svc/2 -verbosePowerShell command:
.\msdeploy.exe -verb=sync -source=metakey=/lm/w3svc/1 -dest=metakey=/lm/w3svc/2 -verbose
Note, that arguments are wrapped in the array: this hints PowerShell how to pass them correctly to the target application.
Example:
Invoke-Command -ComputerName RemoteServer1 -ScriptBlock {&"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" @('-verb=sync', '-source=package="\\Server\Share\Package.zip"', '-dest=auto,computerName=Server1')}
Part two: dealing with multi-hop authentication
From your comments I'm seeing that now PowerShell successfully runs msdeploy on remote server, but msdeploy can't access the remote share:
While the command executes, now msdeploy it saying:
"More Information: Object of type 'package' and path '\Server\Share\Package.zip' cannot be created. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_EXCEPTION_WHILE_CREATING_OBJECT.
Error: The Zip package '\Server\Share\Package.zip' could not be loaded. Error: Access to the path '\Server\Share\Package.zip' is denied. Error count: 1."
Even though the user has access to the share (read/write).
That's because you actually trying to establish a remoting session from computer A (client) to computer B (server) and then from computer B, you trying to access the file in a share on computer C (\\Server\Share\Package.zip).
Invoke-Command fails because remote session tries to access the file share using the machine credentials instead of the credentials used to invoke the remote session. There is a way to pass or delegate credentials from the client so that we can authenticate to the file share. This is what is called multi-hop authentication and PowerShell remoting enables this using CredSSP.
To enable CredSSP, run those commands from elevated prompt:
On your PC:
Enable-WSManCredSSP -Role Client -DelegateComputer "TargetServer.FQ.DN"DelegateComputerparameter is used to specify the server or servers that receive the delegated credentials from the client. TheDelegateComputeraccepts wildcards (*.FQ.DN). You can also specify*to specify all computers in the network.On target server:
Enable-WSManCredSSP -Role Server
Now, you should be able to run Invoke-Command with CredSSP as the authentication method and pass the credentials:
Invoke-Command -ComputerName RemoteServer1 -Authentication Credssp -Credential Domain\Username -ScriptBlock {&"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" @('-verb=sync', '-source=package="\\Server\Share\Package.zip"', '-dest=auto,computerName=Server1')}
Part three: passing parameters with Invoke-Command
How would I go about having the server parameterized. If I have a parameter
$Serveras the server name, how would I go about putting that in as a replacement for the-dest=auto,computerName=Server1part?
To pass arguments to a scriptblock, use ArgumentList parameter:
$Servers = @('Server1', 'Server2', 'Server3')
$Command = {
Param($Srv)
&"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" @('-verb=sync', '-source=package="\\Server\Share\Package.zip"', "-dest=auto,computerName=$Srv")
}
$Servers |
ForEach-Object {
Invoke-Command -ComputerName RemoteServer1 -Authentication Credssp -Credential Domain\Username -ScriptBlock $Command -ArgumentList $_
}
And going further:
Нow would I go about adding extra parameters dynamically to the command. I need to add in
-skip:objectName=dirPath,absolutePath="<folder>"to the arguments in the&"C:\Program Files\..."line, for each folder in an array of strings.
If you have one set of folders to exclude for all servers:
$Servers = @('Server1', 'Server2', 'Server3')
$SkipPaths = @('C:\folder\to\skip1', 'C:\folder\to\skip2', 'C:\folder\to\skip3')
$SkipCmd = $SkipPaths | ForEach-Object {"-skip=objectName=dirPath,absolutePath=$_"}
$Command = {
Param($Srv, $Skp)
&"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" $(@('-verb=sync', '-source=package="\\Server\Share\Package.zip"', "-dest=auto,computerName=$Srv") + $Skp)
}
$Servers |
ForEach-Object {
Invoke-Command -ComputerName RemoteServer1 -Authentication Credssp -Credential Domain\Username -ScriptBlock $Command -ArgumentList ($_, $SkipCmd)
}
If you have different set of folders for each of servers:
$Servers = @{
Server1 = @('C:\folder\to\skip_1', 'C:\folder\to\skip_2', 'C:\folder\to\skip_3')
Server2 = @('C:\folder\to\skip_A', 'C:\folder\to\skip_B', 'C:\folder\to\skip_C')
Server3 = @('C:\folder\to\skip_X', 'C:\folder\to\skip_Y', 'C:\folder\to\skip_Z')
}
$Command = {
Param($Srv, $Skp)
&"C:\Program Files\IIS\Microsoft Web Deploy V3\msdeploy.exe" $(@('-verb=sync', '-source=package="\\Server\Share\Package.zip"', "-dest=auto,computerName=$Srv") + $Skp)
}
$Servers.GetEnumerator() |
ForEach-Object {
$SkipCmd = $_.Value | ForEach-Object {"-skip=objectName=dirPath,absolutePath=$_"}
Invoke-Command -ComputerName RemoteServer1 -Authentication Credssp -Credential Domain\Username -ScriptBlock $Command -ArgumentList ($_.Key, $SkipCmd)
}
- Vim on Windows started showing ^M characters
- virtualenv activate does not work
- Launch process with priority
- Get the permissions of users with respect to the repositories via the API of ADO
- Start a non-elevated instance of "powershell.exe -NoProfile" from an elevated host/console
- How to quickly change shell folder to match the currently open file
- Escaping quotes inside nested powershell calls
- Replacing illegal characters in XML / plist file and keeping the formatting
- How to concisely add/update keys in JSON?
- Remove lines from a text file if it contains a string
- PowerShell output is crossing between functions
- Modify OuterXml of a given node to keep it in file, but render node useless
- vcpkg: `pwsh.exe` is not recognized as an internal or external command
- Powershell is not excluding the right values to delete the images from the azure repository
- How can I add email recipients to a Graph API request programmatically?
- How To Use Regex in Powershell to replace all but first character of a match
- Get-ADGroup member count domain issue
- How to add color to symbol objects?
- How can I use Terraform to run a script to initialise the database on a newly-created Azure mssql_virtual_machine?
- Hi this is my PowerShell code I am writing this code to validate IP and add them in a text file
- PowerShell history: how do you prevent duplicate commands?
- How to call preprocessor in c
- How do you edit the command line in an external editor?
- How do I get the return value of a Powershell script that is run in Excel VBA?
- Get file type description for file extensions
- Finding duplicate file names in Powershell
- PowerShell 7.3.0 breaking command invocation
- Send email based on log file generated/found at path
- dotnet ef scaffold Unrecognized option '-t firstTable -t secondTable' - pass arguments stored in a string
- How to escape special characters in PowerShell?