PowerShell: Reusable PSSessions

Problem

I wanted to be able to run any script from any workstation on our network but I did not want to have any credentials hard-coded.

Solution

I quickly found that PSSession was the solution to my problem.
In my first implementation the amount of open PSSessions skyrocketed. So I wanted a solution that would easily let me reuse any open session to the server I needed.

Steps

  • I ran Enable-PSRemoting on the test server to be able to connect to it.
  • Experimented with the PSSession cmdlet
  • Added 2 new cmdlets to my default module

Result

A cmdlet to get a PSSession to our ActiveDirectory server.
This will return either a session that is already open or it will create a new one using the requested credentials.
If a new session is created the ActiveDirectory module is loaded inside that session.

Function Get-SADSession {
	<#
	.SYNOPSIS
		Gets a PSSession connected to an Active Directory server

	.DESCRIPTION
		The Get-SADSession cmdlet checks if there is any active connection to an Active Directory server.
		If any active connection exists it will return this connection.
		If no active connection exists a new session wil be created using Administrator credentials.
	
	.EXAMPLE
		Get-SADSession

	.OUTPUTS
		System.Management.Automation.Runspaces.PSSession
	#>
	[CmdletBinding()]
	Param(
	)
	Begin {}
	Process {
		$outputSession = $Null
		foreach($session in Get-PSSession){
			if(($session.ComputerName -eq $DomainController) -and ($session.Availability -eq "Available")){
				$outputSession = $session
			}
		}
		if ($outputSession -eq $Null){
			$outputSession = New-PSSession -ComputerName $DomainController -Credential $Administrator -Name 'Active Directory'
		}
		Invoke-Command -Session $outputSession -ScriptBlock {Import-Module ActiveDirectory}
		Write-Output $outputSession
	}
	End {}
}

And another cmdlet to get a session to our ExchangeServer.
(To be clear it is an EXSession for ExchangeSession and we prepend an S to all our cmdlets)

Function Get-SEXSession {
	<#
	.SYNOPSIS
		Gets a PSSession connected to an Exchange server

	.DESCRIPTION
		The Get-SADSession cmdlet checks if there is any active connection to an Active Directory server.
		If any active connection exists it will return this connection.
		If no active connection exists a new session wil be created using Administrator credentials.
	
	.EXAMPLE
		Get-SEXSession

	.OUTPUTS
		System.Management.Automation.Runspaces.PSSession
	#>
	[CmdletBinding()]
	Param(
	)
	Begin {}
	Process {
		$strSessionName = "SEXSession"
		$outputSession = $Null
		foreach($session in Get-PSSession){
			if(($session.ComputerName -eq $strSessionName) -and ($session.Availability -eq "Available")){
				$outputSession = $session
			}
		}
		if ($outputSession -eq $null){
			$outputSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "http://$SRV_Exchange/Powershell/" -Authentication Kerberos -Credential $USR_Administrator -Name $strSessionName
		}
		Write-Output $outputSession
	}
	End {}
}

Then you can execute commands on the the server from any workstation by using the Invoke-Command cmdlet.

$session = Get-SADSession
Invoke-Command -Session $session -ScriptBlock {
	#DoStuff
}

Alternatively you can import the commands from a PSSession into your current session.

Import-PSSession (Get-SEXSession)
#DoStuff
Advertisements

Tags: , , , , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: