Execute a PowerShell command once a remote machine accesses the network


I'm currently working on a PowerShell module that dynamically assigns a unique local admin password to each machine on the network based on a specific naming convention. I've got that script working well, but obviously, if one of the computers the script is accessing isn't turned on or is disconnected from the network, I just get the 'Could not connect to RPC server' error message. Now, if I were to push out these password changes via group policy, even if the computer wasn't connected to the network, once it did check in, the change would be implemented. I can think of a couple of ways to mimic this behavior in PowerShell, such as setting it as a scheduled task, rerunning the script only against computers that weren't reached the previous run, but I was wondering if anyone knew of any best practices for carrying out this kind of operation?

Thanks!


There is 1 answer

djsnakz

Unless you had a way to send a Wake on LAN packet of some sort via another tool, then it's not exactly possible to interact with PowerShell on a computer that is offline. SCCM is a great product for something like this, since it will just deploy as the machines become available.

There is functionality in PowerShell to pause certain tasks or components of scripts using a Workflow; however, this type of configuration is being used less and less since the arrival of PowerShell Desired State Configuration.

Since we're talking about best practises, you should never correlate anything in common with your local admin password (i.e. the name of a computer); if that combination is discovered, then local admin to every computer is accessible. Also, local admin should be defined from the base build of the machine/server. This is where a tool like SCCM would have a step in a task sequence that defines the local admin password for that machine. After that it could be stored in a password vault of some sort and tucked away.
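
The retry approach the question describes (a scheduled run that only targets machines missed on the previous run) can be kept as a small on-disk queue. This is an added example, not code from the question or the answer; `Set-UniqueLocalAdminPassword` is a hypothetical stand-in for the asker's module function, and the file paths are constructed.

```powershell
# Added example: retry queue for hosts that were offline on the previous run.
# Set-UniqueLocalAdminPassword is HYPOTHETICAL (stand-in for the asker's own function).
param(
    [string]$AllComputersFile = 'C:\PwdRotation\computers.txt',  # constructed path
    [string]$PendingFile      = 'C:\PwdRotation\pending.txt',    # constructed path
    [string]$LogFile          = 'C:\PwdRotation\rotation.log'    # constructed path
)

# First run: seed the queue with every target. Later runs reuse what is still pending.
if (-not (Test-Path -LiteralPath $PendingFile)) {
    Copy-Item -LiteralPath $AllComputersFile -Destination $PendingFile
}
$pending = @(Get-Content -LiteralPath $PendingFile |
    Where-Object { $_.Trim() } | Sort-Object -Unique)

# Anything emitted inside the loop stays in the queue for the next run.
$stillPending = @(foreach ($computer in $pending) {
    $stamp = Get-Date -Format o

    # Cheap reachability check; if ICMP is blocked on the network, rely on the
    # try/catch below instead of this test.
    if (-not (Test-Connection -ComputerName $computer -Count 1 -Quiet)) {
        Add-Content -LiteralPath $LogFile -Value "$stamp $computer offline, kept in queue"
        $computer
        continue
    }

    try {
        # -ErrorAction Stop turns an RPC/connection failure into a catchable error.
        Set-UniqueLocalAdminPassword -ComputerName $computer -ErrorAction Stop
        # Log the outcome only, never the password itself.
        Add-Content -LiteralPath $LogFile -Value "$stamp $computer updated"
    }
    catch {
        Add-Content -LiteralPath $LogFile -Value "$stamp $computer failed: $($_.Exception.Message)"
        $computer
    }
})

# Persist the remaining hosts; an empty queue means every machine has been reached.
if ($stillPending.Count -gt 0) {
    Set-Content -LiteralPath $PendingFile -Value $stillPending
}
else {
    Clear-Content -LiteralPath $PendingFile
}
```

Run it from a scheduled task on the management host, and restrict the ACL on the queue and log directory to the account that runs the task.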