PowerShell script to check if process is running on multiple remote computers and copy a file if process is NOT running, keep list of those which succeeded etc

Question

PowerShell script to check if process is running on multiple remote computers and copy a file if process is NOT running, keep list of those which succeeded etc

Darren Rose 496

Hi, I would like some advice/help on improving the script below which was written with help on another forum.

I will explain the requirements first so you can see what I am doing.

To copy a file to lots of computers on domain network, but file can only be copied if specific process (app) is not running

So the steps I need to do:-

1) Check if computer is online or accessible - I used Test-Connection for this as seemed to work okay - but had to add -ErrorAction SilentlyContinue if not got error "Test-Connection : Testing connection to computer 'Tfdffdd' failed: No such host is known" for computers which didn't exist in DNS etc. Store failure computer namesin a variable to try later, if pass then continue - NOTE: Perhaps I should use -Quiet here to just get back a boolean result?

2) I then need to check I can actually access the computer using PS Remoting as had some cases where get error below due to firewall config or because they are on a public network - these are things I can easily fix when I know which computers are affected - but no point in trying to copy a file if can't even connect etc - so handy to store failure computer names in another variable which I can sort later, and if connect okay to continue

[Lxxxx] Connecting to remote server Lxxxx failed with the following error message : WinRM cannot process the request. The following error with errorcode 0x80090322 occurred while using Kerberos authentication: An unknown security error occurred. Possible causes are: -The user name or password specified are invalid. -Kerberos is used when no authentication method and no user name are specified. -Kerberos accepts domain user names, but not local user names. -The Service Principal Name (SPN) for the remote computer name and port does not exist. -The client and remote computers are in different domains and there is no trust between the two domains. After checking for the above issues, try the following: -Check the Event Viewer for events related to authentication. -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport. Note that computers in the TrustedHosts list might not be authenticated. -For more information about WinRM configuration, run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo : OpenError: (Lxxxx:String) [], PSRemotingTransportException + FullyQualifiedErrorId : -2144108387,PSSessionStateBroken

For this I had tried Test-WSMan but that comes back as all okay even though I can't connect to them, so instead I used Invoke-Command which worked fine

3) I then check to see if a specifc process is running - using Get-Process which works fine - if process is running then store computer name in variable to try again later, if process is not running then continue

4) Copy file to computer - for this Copy-Item worked fine - BUT on the odd computer (down to a current DNS issue) I get an error below which I need to handle somehow as with current script it thinks it is a success wrongly

Copy-Item : The network path was not found
At C:\Tmp\PCA_TESTING_ONLY\file_copy.ps1:11 char:37

... =$computer; Copy-Item -Path "\lb-nordc\SoftwareInstalls\CCH_ProAudit ...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CategoryInfo : NotSpecified: (:) [Copy-Item], IOException

FullyQualifiedErrorId : System.IO.IOException,Microsoft.PowerShell.Commands.CopyItemCommand

5) show results based on which of the four stages it got to - e.g. offiline, remoting failed, process running, file copied okay

Below are two version of the scripts I have been using.

I am still learning so would like any comments / advice on

a) how the scripts can be made better - any other methods I could use e.g. try..catch to make it better / more bulletproof?

b) any poor scripting practices etc

c) how to combine the two checks e.g. Test-Connection first and then check can access remotely second before continuing (point 1 and 2 above) - or is the second bit an area for try..catch perhaps?

d) how to handle file copy-item error in point 4 above

Anything I have missed please ask.

Much appreciated in advance for any feedback / help given :)

Script 1 - just checking if online using Test-Connection

$computers = @("PC1", "PC3")
$RNote = @()
$NNote = @()
$off = @()

Foreach ($computer in $computers) {
    $TestC = Test-Connection -ComputerName $computer -Count 1 -ErrorAction SilentlyContinue 
    If (!($TestC)) { $off += $computer } Else {

        $Procs = Invoke-Command -ComputerName $computer { Get-Process Notepad -ErrorAction SilentlyContinue }
        If (!$Procs) { $NNote += $computer; Copy-Item -Path "\\lserver\myfile.txt" -Destination "\\$computer\c$\folder\" -Force }
        elseif ($Procs) { $RNote += $computer }
    }
}

$leng = [array]$RNote.count, $NNote.Count, $off.count
[int]$max = ($leng | Measure-Object -Maximum).Maximum
for ($i = 0; $i -lt $max; $i++) {
    [pscustomobject]@{
        "Notepad On"  = $(if ($RNote[$i]) { $RNote[$i] })
        "Notepad Off" = $(if ($NNote[$i]) { $NNote[$i] })
        "Offline "    = $(if ($off[$i]) { $off[$i] })
    }
}

Script 2 - checking if can access using ps remoting

$computers = @("NOa-IT")
$RNote = @()
$NNote = @()
$off = @()

Foreach ($computer in $computers) {
    $TestRemote = Invoke-Command -ComputerName $computer { 1 } -ErrorAction SilentlyContinue
    If (($TestRemote -ne 1)) { $off += $computer } Else {

        $Procs = Invoke-Command -ComputerName $computer { Get-Process Proaudit -ErrorAction SilentlyContinue }
        If (!$Procs) { $NNote += $computer; Copy-Item -Path "\\server\myfile.txt" -Destination "\\$computer\c$\folder\" -Force }
        elseif ($Procs) { $RNote += $computer }
    }
}

$leng = [array]$RNote.count, $NNote.Count, $off.count
[int]$max = ($leng | Measure-Object -Maximum).Maximum
for ($i = 0; $i -lt $max; $i++) {
    [pscustomobject]@{
        "File NOT Copied" = $(if ($RNote[$i]) { $RNote[$i] })
        "File Copied"     = $(if ($NNote[$i]) { $NNote[$i] })
        "Offline "        = $(if ($off[$i]) { $off[$i] })
    }
}

Answer accepted by question author

2 additional answers

Your answer

Answer 1

Rich Matheisen 48,026

Ignoring, for the moment, the "best" way to test for connectivity, or WinRM (or both) connectivity, if you have a lot of machine that are going to be the subject of that script, you can speed thing up by running things in parallel with Invoke-Command.

Try this on a small set of computers and see if it works in the same way as your "Script 1":

$computers = @("PC1", "PC3")
$Results = @()
# get online machines
$TestC = Test-Connection -Computer $computers -Count 2 -ErrorAction SilentlyContinue -WarningAction SilentlyContinue |
            Select-Object -ExpandProperty Address
# get offline machines
$Computers |
    ForEach-Object{
        if ($TestC -notcontains $_){
            $Results += [PSCustomObject]@{
                Computer = $_
                "Notepad On" = "N/A"
                "Notepad Off" = "N/A"
                "Offline" = $true
            }
            $_
        }
    }
# see if notepad is running on online machines
$Procs = Invoke-Command -ComputerName $TestC { Get-Process Notepad -ErrorAction SilentlyContinue }
$Procs |
    ForEach-Object{
        $Results += [PSCustomObject]@{
                        Computer = $_.PSComputerName
                        "NotePad On" = $true
                        "Notepad Off" = $false
                        "OffLine" = $false
                    }
    }
# copy file to machine if not running notepad
$xProcs = $Procs | Select-Object -ExpandProperty PSComputerName
$TestC |
    ForEach-Object{
        if ($xProcs -notcontains $_){
            $Results += [PSCustomObject]@{
                Computer = $_
                "NotePad On" = $false
                "Notepad Off" = $true
                "OffLine" = $false
            }
            Copy-Item -Path "\\lserver\myfile.txt" -Destination "\\$_\c$\folder\" -Force
        }
    }
$Results

Darren Rose 496 Reputation points

2021-01-22T22:17:38.66+00:00

I thought the scripts I was using were already using Invoke-Command to check the process - same as your example, or am I missing something - to be fair I find your scripting much easier to read and understand than the one I was using

It worked but for some reason duplicated two of the three computers I added

Computer Notepad On Notepad Off Offline

PC3 N/A N/A True
PC1 False True False
PC1 False True False
PC2 False True False
PC2 False True False
Rich Matheisen 48,026 Reputation points

2021-01-23T00:00:43.863+00:00

Oops. The Test-Connection cmdlet returns one result for each test. I bumped the number of tests from 1 to 2, so each positive test yields two results. To fix that, add "-Unique" to the Select-Object on line #5.

BTW, using a count of "1" with the Test-Connection can add a lot of failures. A "ping" uses ICMP and there's no guaranty that the ICMP "echo" request or reply won't just be dropped. Always test a minimum of two times.

And, yes, you do use Invoke-Command, but only on one machine at a time. By supplying an array of names instead of a single name, the script block is run up to "ThrottleLimit" times at once (the default is 32 -- adjustable by using the -ThrottleLimit parameter on the Invoke-Command). This can dramatically reduce the time it takes to process large numbers of requests.
Darren Rose 496 Reputation points

2021-01-23T00:21:17.56+00:00

Okay that makes sense and would be perfect to speed up my task, but in your code I only see Invoke-Command being used for checking the Process is running, not for copying the file?

I will take a further look tomorrow as I understand some of the new code, but the ForEach-Object bit confuses me so need to look at it with a clearer head (is late here now)

Thank you though, handy to learn better ways to achieve my requirements
Rich Matheisen 48,026 Reputation points

2021-01-23T03:31:03.35+00:00

To use "Copy-Item" the way you coded it I don't think it's possible because each invocation of the script block would need a different value for the target machine.

However, you could use Start-Job and then wait for them all to complete. It needs more code, and there's a bit more overhead. I'll add another answer with the modified script. I can't test it because I have only one machine!

Answer 2

Rich Matheisen 48,026

This should "parallelize" the copying. Test it first!

$computers = @("PC1", "PC3")
$Results = @()
# get online machines
$TestC = Test-Connection -Computer $computers -Count 2 -ErrorAction SilentlyContinue -WarningAction SilentlyContinue |
            Select-Object -ExpandProperty Address -Unique
# get offline machines
$Computers |
    ForEach-Object{
        if ($TestC -notcontains $_){
            $Results += [PSCustomObject]@{
                Computer = $_
                "Notepad On" = "N/A"
                "Notepad Off" = "N/A"
                "Offline" = $true
                Copied = "N/A"
            }
            $_
        }
    }
# see if notepad is running on online machines
$Procs = Invoke-Command -ComputerName $TestC { Get-Process Notepad -ErrorAction SilentlyContinue }
$Procs |
    ForEach-Object{
        $Results += [PSCustomObject]@{
                        Computer = $_.PSComputerName
                        "NotePad On" = $true
                        "Notepad Off" = $false
                        "OffLine" = $false
                        Copied = "N/A"
                    }
    }
# copy file to machine if not running notepad
$xProcs = $Procs | Select-Object -ExpandProperty PSComputerName
$TestC |
    ForEach-Object{
        if ($xProcs -notcontains $_){
            [array]$RunOn += $_
        }
$RunOn |
    ForEach-Object{
        $Jobs += Start-Job -Name "CopyTo-$_" -ScriptBlock{
                    param (
                        [String]$Machine
                    )
                    Try{
                        Copy-Item -Path "\\lserver\myfile.txt" -Destination "\\$Machine\c$\folder\" -Force -ErrorAction Stop | Out-Null
                        $true
                    }
                    Catch{
                        $false
                    }
                } -ArgumentList $_
        $Jobs | 
            Wait-Job |
                Receive-Job |
                    ForEach-Object{
                        $Results += [PSCustomObject]@{
                            Computer = $_
                            "NotePad On" = $false
                            "Notepad Off" = $true
                            "OffLine" = $false
                            Copied = $_
                        }
                    }
        $Jobs | 
            Remove-Job | 
                Out-Null
    }
$Results

Darren Rose 496 Reputation points

2021-01-23T13:04:46.7+00:00

@Rich Matheisen - many thanks for the answers, sorry for delay in replying (time zone difference), I will spend some time testing today and respond in more detail later :)
Darren Rose 496 Reputation points

2021-01-23T13:14:28.163+00:00
N.B. Potentially still need to handle the issue I mentioned in point 4 above e.g. error I sometimes get on Copy-Item to some computers - I don't want it thinking file has been copied successfully (which it did in original script) when it hadn't been copied due to error?

4) Copy file to computer - for this Copy-Item worked fine - BUT on the odd computer (down to a current DNS issue) I get an error below which I need to handle somehow as with current script it thinks it is a success wrongly

Copy-Item : The network path was not found
At C:\Tmp\PCA_TESTING_ONLY\file_copy.ps1:11 char:37

... =$computer; Copy-Item -Path "\lb-nordc\SoftwareInstalls\CCH_ProAudit ...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

CategoryInfo : NotSpecified: (:) [Copy-Item], IOException

FullyQualifiedErrorId : System.IO.IOException,Microsoft.PowerShell.Commands.CopyItemCommand
Darren Rose 496 Reputation points

2021-01-23T13:29:18.327+00:00

Also not sure if I still need to do the second check (point 2 above and my second example script) e.g. checking if I can connect remotely between test-connection and checking notepad open? I think it may still be handy to do as it would give me a list back of computers with remoting errors to then fix later
Darren Rose 496 Reputation points

2021-01-23T16:19:39.44+00:00

Update: point 4 handled using Try..Catch
Darren Rose 496 Reputation points

2021-01-23T17:25:23.927+00:00

have added this in successfully
Rich Matheisen 48,026 Reputation points

2021-01-23T19:38:02.447+00:00

See line #46 in the code I posted last night.
Darren Rose 496 Reputation points

2021-01-23T19:57:40.377+00:00

Noted - thanks
Rich Matheisen 48,026 Reputation points

2021-01-23T20:01:55.46+00:00

Test-Connection is using ICMP "echo". The machine being tested could be in an almost-dead condition and it would "ping". OTOH, a lot of machines (or firewalls) block "ping" requests. So it's a test that may provide inconclusive results. IOW, just because a "ping" fails does not necessarily mean a WinRM will fail.

A simple test to connect on port tcp:5989 is a better indication that WinRM will succeed, but it doesn't verify that the WinRM connection won't fail because of another problem (e.g., a credential failure).

Also, testing for the presence of a running process might not be the thing to do. Simply returning a "$true" value would suffice, unless Notepad is going to interfere with the Copy-Item. But if you're checking for Notepad, what if Notepad is running but it's using some other file -- does that matter?
Rich Matheisen 48,026 Reputation points

2021-01-23T20:07:47.047+00:00

A question for you: Does it matter, when running the Copy-Item -Path "\lserver\myfile.txt" -Destination "\$Machine\c$\folder\" -Force if you were to use an Invoke-Command and run Copy-Item -Path "\lserver\myfile.txt" -Destination "c:\folder\" -Force instead? I don't know if the destination machine has the permission or ability to access the share.

If an Invoke-Command can be used then the does can I posted can be simplified.
Darren Rose 496 Reputation points

2021-01-23T20:30:38.613+00:00

I was just using notepad as a process during testing, when used in real-world it is a specific LOB app that needs to be closed for the file copy to work, if it is open then the new (correct) file is overwritten when the app closes, so checking it is closed and only copying then solved the problem - and so far seems to work well.

We allow pings on our firewall so again this seems to suffice for now, but I get your point and in future may just rely on test to connect on specific port instead. Test-Connection seems quite reliable as it has seems to get correct results for those IP's where a ping returns things such as TTL Expired in Transit etc
Darren Rose 496 Reputation points

2021-01-23T20:32:20.243+00:00

Quite happy to try an Invoke-Command for that instead, the destination machines will definitely have permissions for the share I am using as I chose a location they can access specifically to avoid any issues
Darren Rose 496 Reputation points

2021-01-24T23:40:42.217+00:00

@Rich Matheisen - any suggestion you have on improving the Copy-Item part using Invoke-Command as per your message yesterday would be greatly appreciated -- thanks
Darren Rose 496 Reputation points

2021-01-26T22:11:38.853+00:00

Hi, can you tell me your thoughts re simplyfying the code using Invoke-Command for the Copy-Item as per your message a few days back? many thanks
Darren Rose 496 Reputation points

2021-01-28T23:23:14.78+00:00

@Rich Matheisen - would appreciate you responding - you asked me a question which I answered in the hope you had a solution for doing the copy-item with invoke-command, was interested in your ideas

Answer 3

Here's a script that checks for "ping" status, WinRM status, and then offloads the check for a running process and file transfer to the remote machine. The results are sent to a CSV.

It looks larger than it really is. A lot of the code is checking/recording success/failure.

$computers = @("WS05", "WS06", "WONKY")
$Results = @{} # a hash of hashes, key = machine name

# test all machines for online status
# may not be entirely necessary but may help with troubleshooting
Test-Connection -Computer $computers -Count 2 2>&1 |
    ForEach-Object{
        $State = [ordered]@{
            Machine = ""
            Pingable = ""
            PingError = ""
            WinRM = "N/A"
            WinRMError = ""
            AppRunning = "N/A"
            FileCopied = "N/A"
            ExecError = ""
        }
        If ($_ -is [System.Management.Automation.ErrorRecord]){
            # only record failure if there have been no other successes
            # ICMP is an unreliable protocol and success and failures may
            # be intermingled. A failure followed by a success means the
            # machine is reachable and responding. After a success don't
            # record any failure
            if (-not $results.ContainsKey($_.TargetObject)){
                $State.Machine = $_.TargetObject
                $State.Pingable = $false
                $State.PingError = $_.Exception
                $Results.($_.TargetObject) = $State
            }
        }
        elseif($_.pstypenames -contains 'System.Management.ManagementObject#root\cimv2\Win32_PingStatus'){
            $State.Machine = $_.Address
            $State.Pingable = $true
            $State.PingError = ""
            $Results.($_.Address) = $State
        }
        else{
            "Uh-Oh" # shouldn't happen -- maybe throw exception to see why??
        }
    }

# Check each machine for WinRM, process running, and copy-item
# Do this for ALL machines regardless of ping failures becasue
# a failure to ping doesn't mean WinRM will fail too
Invoke-Command -ComputerName $computers -ScriptBlock{
    $x = [PSCustomObject]@{
            AppRunning = $false
            FileCopied = $false
            ExecError = ""
        }
    Try{
        if (Get-Process Notepad -ErrorAction Stop){
            $x.AppRunning = $true
        }
    }
    Catch{
        if (-not $_.Exception -like "Cannot find a process with the name*"){
            $x.ExecError = $_.ToString()
        }
    }
    if ( (-not $x.AppRunning) -and $x.ExecError.Length -eq 0 ){
        Try{
            Copy-Item -Path "\\lserver\myfile.txt" -Destination "c:\folder\" -Force -ErrorAction Stop | Out-Null
            $x.FileCopied = $true
        }
        Catch{
            $x.ExecError = $_.ToString()
        }
    }
    $x
} 2>&1 |
    ForEach-Object{
        If ($_ -is [System.Management.Automation.ErrorRecord]){
            $Results.($_.TargetObject).WinRM = $false
            $Results.($_.TargetObject).WinRMError = $_.Exception
        }
        elseif($_ -is [PSCustomObject]){
            $Results.($_.PSComputerName).WinRM = $true
            $Results.($_.PSComputerName).ExecError = $_.ExecError
            $Results.($_.PSComputerName).AppRunning = $_.AppRunning
            $Results.($_.PSComputerName).FileCopied = $_.FileCopied
        }
    }
$Results.GetEnumerator()|
    ForEach-Object{
        [PSCustomObject]$_.Value
    } | Export-CSV c:\junk\Whatever.csv -NoTypeInformation

Darren Rose 496 Reputation points

2021-01-29T20:58:23.383+00:00

Thank you so much Rich, I will spend some time over the weekend dissecting it and testing it :)

Really appreciate your help, I have learnt so much already from your answers, really helping my powershell knowledge.
Darren Rose 496 Reputation points

2021-02-04T16:06:33.67+00:00

Still haven't had chance to spend time with it - lots of work on this week, will get round to it though and leave feedback - Thanks again
Darren Rose 496 Reputation points

2021-02-12T20:58:58.697+00:00

Just wanted to say thank you very much Rich, with a combination of what I learnt from your scripts and some other bits I have managed to achieve what I wanted, and have learnt so much more in the process - much appreciated :)

Share via

PowerShell script to check if process is running on multiple remote computers and copy a file if process is NOT running, keep list of those which succeeded etc

2 additional answers

Your answer