I have this script:
Invoke-WUJob -ComputerName comp-1,comp-2,comp-3 -Script {ipmo PSWindowsUpdate; Get-WUInstall -Install -AcceptAll | Out-File C:\PSWindowsUpdate.log } -Confirm:$false -Verbose –RunNow
and after execution I get this:
Invoke-WUJob : PSWindowsUpdate module missing on destination machine
At line:1 char:1
+ Invoke-WUJob -ComputerName 1002-hk-ws-001,1002-hk-ws-002,1002-hk-ws-0 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (:) [Invoke-WUJob], Exception
+ FullyQualifiedErrorId : ModuleMissing,PSWindowsUpdate.InvokeWUJob
I used these commands below on every PC to install to PSWindowsUpdate and setup winrm and it still does not work:
winrm quickconfig -q
winrm set winrm/config/client ‘#{TrustedHosts="comp1,comp2,comp3"}’
Set-ExecutionPolicy RemoteSigned
Install-Module PSWindowsUpdate -Scope CurrentUser -Force
Any ideas?
the windows update cannot use remotely, maybe the hardening, you could work with a schedule task Register-ScheduledJob -scriptblock { get-windowsupdate -acceptall}
I am going to assume that you are in a workgroup mode, vs Domain joined machines by virtue of what you said you did on each host.
You have to be an admin on the target to run this.
about_Remote_Requirements
Unless you make additional configs.
You Don’t Have to Be An Administrator to Run Remote PowerShell Commands
Thus, you need to pass credentials in your code, if you are not already running your PowerShell session with admin creds for the remote targets. This is really PowerShell remoting 101 and a well-documented use case.
Your error is saying the module is not on the remote host or can't be found.
Windows updates are a machine-level thing. So, the import should be to the AllUsers PowerShell profile not some individual user of the machines. There is extra work to get PSRemoting working on workgroup systems. For domain-joined, hosts, you can enable it using GPO. No need for extra steps.
See the steps here:
Enable PowerShell Remoting on a standalone (workgroup) computer
Running code on remote systems will always run in the user context that you started, regardless of who is on the remote target.
Ok so now I'am getting a different error :
Invoke-WUJob : You can not find requested file . (Error HRESULT: 0x80070002)
At line:1 char:1
+ Invoke-WUJob -ComputerName 1002-ski-ws-003,1002-ski-nb-002 -Script {i ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Invoke-WUJob], FileNotFoundException
+ FullyQualifiedErrorId : System.IO.FileNotFoundException,PSWindowsUpdate.InvokeWUJob
I've installed everything on remote machines to : Windows\System32\WindowsPowerShell\v1.0\Modules\PSWindowsUpdate but it looks like it still does not see the module ?
Related
Does anyone know how to install an MSIX package into a Docker container?
Currently my Dockerfile does the following:
Install PFX certificate to "Trusted Root Certification Authorities", which is specified by "Cert:\LocalMachine\Root" in the PowerShell command.
Copy MSIX package from network drive.
Install MSIX as an app. (Fails)
Remove local copy of MSIX package.
Dockerfile:
RUN powershell $pwd = ConvertTo-SecureString -String 'CeRtPaSsWoRd' -AsPlainText -Force; Import-PfxCertificate -Password $pwd -FilePath "R:/app-stream-cert.pfx" -CertStoreLocation Cert:\LocalMachine\Root \
&& copy "R:/mcre-22-r2-x64.msix" "C:/" \
&& powershell Add-AppPackage -path "C:/mcre-22-r2-x64.msix" \
&& del "C:/mcre-22-r2-x64.msix"
I have this error:
Add-AppPackage : Deployment failed with HRESULT: 0x80073D19, An error occurred
because a user was logged off.
error 0x80073D0A: Failed to install package
AnsysInc.mcre-22-r2_22.2.0.0_x64__13gfg92hgbc9g because the firewall service
is not running. Ensure that the firewall service is enabled and started.
NOTE: For additional information, look for [ActivityId]
b9bbd738-fed5-0000-fec9-bdb9d5fed801 in the Event Log or use the command line
Get-AppPackageLog -ActivityID b9bbd738-fed5-0000-fec9-bdb9d5fed801
At line:1 char:1
+ Add-AppPackage -path C:/mcre-22-r2-x64.msix
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (C:\mcre-22-r2-x64.msix:String) [A
dd-AppxPackage], Exception
+ FullyQualifiedErrorId : DeploymentError,Microsoft.Windows.Appx.PackageMa
nager.Commands.AddAppxPackageCommand
I've tried enabling firewall service in the container and on the host machine using powershell Start-Service -Name mpssvc. I'm able to enable firewall service on the host, but not in the container. Some posts indicate that Windows Docker containers share firewall service with their host. However my 0x80073D0A error still persists.
Environment info:
Docker engine version 20.10.21
Base image mcr.microsoft.com/windows:20H2
Host OS Win 10 Pro 10.0.19044.2251
I am running a fresh mcr.microsoft.com/dotnet/framework/runtime:4.8-windowsservercore-ltsc2019
The first thing I try to do is install Print-Server but gives me an error (It is the first time I am installing a windows feature with powershell):
add-WindowsFeature -Name Print-Server
add-WindowsFeature : The request to add or remove features on the specified server failed.
Installation of one or more roles, role services, or features failed.
The source files could not be found.
Use the "Source" option to specify the location of the files that are required to restore the feature. For more information on specifying a source
location, see http://go.microsoft.com/fwlink/?LinkId=243077. Error: 0x800f081f
At line:1 char:1
+ add-WindowsFeature -Name Print-Services -IncludeAllSubFeature
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (#{Vhd=; Credent...Name=localhost}:PSObject) [Install-WindowsFeature], Exception
+ FullyQualifiedErrorId : DISMAPI_Error__Failed_To_Enable_Updates,Microsoft.Windows.ServerManager.Commands.AddWindowsFeatureCommand
I have tried to mount my host WinSxS inside the container and use the sources folder , but I get the same error.
Install-WindowsFeature -Name Print-Server -Source c:\sources
I have also tried online with Enable-WindowsOptionalFeature but gives me this error :
PS C:\> Enable-WindowsOptionalFeature -Online -FeatureName Print-Server
Enable-WindowsOptionalFeature : Feature name Print-Server is unknown.
At line:1 char:1
+ Enable-WindowsOptionalFeature -Online -FeatureName Print-Server
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Enable-WindowsOptionalFeature], COMException
+ FullyQualifiedErrorId : Microsoft.Dism.Commands.EnableWindowsOptionalFeatureCommand
Looking at other questions this part seams to be working for other people. I am running windows 10 enterprise 2004.
Does someone know what can I do ?
From here:
The mcr.microsoft.com/windows image should be the targeted base image.
Other Windows container base images (such as Nano Server and Windows
Server Core) do not carry the Printing Server Role.
I've created a small cluster of 2 win servers in a domain and another for the remote executions.
I am able to run Get-NlbClusterNode locally on each of the servers.
I can establish remote session with the 2 nodes and have all the permissions in place.
I can run Get-NlbClusterNode command remotely if only one of the servers is in the cluster, but when both are in the cluster I get:
PS C:\Windows\system32> Invoke-Command -ComputerName 10.10.10.9 -ScriptBlock { Get-NlbClusterNode } -credential $Creds
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
+ CategoryInfo : PermissionDenied: (Microsoft.Netwo...tNlbClusterNode:GetNlbClusterNode) [Get-NlbClusterN
ode], UnauthorizedAccessException
+ FullyQualifiedErrorId : Access denied.,Microsoft.NetworkLoadBalancingClusters.PowerShell.GetNlbClusterNode
+ PSComputerName : 10.10.10.9
Is this the so called powershell double hop issue? How could be this fixed?
Thank you
I've created a C# WCF Windows service app in VS 2017 and added Docker Support.
The following Dockerfile was created:
FROM microsoft/dotnet-framework:4.7.1-windowsservercore-1709
ARG source
WORKDIR /app
COPY ${source:-obj/Docker/publish} .
ENTRYPOINT ["C:\\WcfService.exe"]
When I build it using docker-compose in VS I get an error:
Cannot start service from the command line or a debugger. A Windows
Service must first be installed (using installutil.exe) and then
started with the ServerExplorer, Windows Services Administrative tool
or the NET START command. The program '[2172] WcfService.exe' has
exited with code 0 (0x0).
I've opened PowerShell and typed docker ps - the container is running.
So I used New-Service command and to create "TestService".
When I use Get-Service to see all services, I can see it in the list in 'Stopped' mode.
When I use Start-Service TestService I get the following error:
Start-Service : Failed to start service 'TestService (TestService)'.
At line:1 char:1
+ Start-Service TestService
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.ServiceProcess.ServiceController:ServiceController)
[Start-Service], ServiceCommandException
+ FullyQualifiedErrorId : StartServiceFailed,Microsoft.PowerShell.Commands.StartServiceCommand
Tried to find info but nothing works. Any ideas?
Ok, so I took Jeroen's advice and dug deeper to see the event viewer. I used some filters on the 'Get-EventLog' command to get the relevant error line and stored it in a variable
$A = Get-EventLog -LogName System -Newest 10 -Source "Service Control Manager" | Select *
Then, I formatted it nice using something like:
$A | Format-List -Property *
and got the exception.
Apparently it has something to do with a C++ dll my app is using. It could be missing or the environment has trouble running it, but that's another issue which I believe I can solve.
Hope that helps others running into similar issues. Thanks.
I am pretty sure the answer is so simple but here it is;
I'm using TopShelf to install my service and I can succesfully install and run it from command line as
MyExecutable.Daemon install
MyExecutable.Daemon start
This is fine but it has to be amongst the Services and it wasn't so I tried;
sc create "MyExecutable.Daemon" binPath= "C:\'Program Files (x86)'\MyExecutable.Daemon.exe" DisplayName= "MyExecutable.Daemon" start= auto
but got
Set-Content : A positional parameter cannot be found that accepts argument 'binpath='.
At line:1 char:1
+ sc create MyExecutable.Daemon binpath= "C:\'Program Files (x86)'\...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-Content], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.SetContentCommand
So I'm stuck here. What am I missing here?
sc in powershell is the alias for set-Content cmdlet use sc.exe instead.
Try this (not tested)
sc.exe create "MyExecutable.Daemon" binPath="C:\'Program Files (x86)'\MyExecutable.Daemon.exe" DisplayName="MyExecutable.Daemon" start=auto
You should do MyExecutable.Daemon install start. I think I've done that successfully from a PowerShell prompt before but I guess I would have to verify. If that doesn't work, you need to enable logging with one of the logging plugins and provide the log file. You shouldn't use sc to install a Topshelf service. That will fail.