获取由 Invoke-WmiMethod 启动的进程的状态

发布于 2024-10-25 03:29:02 字数 798 浏览 5 评论 0原文

PowerShell 新手,但喜欢到目前为止我可以如此快速地完成这么多工作:)

无论如何,我将在 PowerShell 脚本中启动一个远程进程:

$compname = "MY-PC"
$myinstallcmd = "c:\install\myprog.exe /s"
$proc = Invoke-WmiMethod -class Win32_Process -name Create -ArgumentList ($myinstallcmd) -ComputerName $compname

在我尝试过的大多数 PC 上,Invoke-WmiMethod cmdlet 都可以工作很好,但在一台电脑上,它就挂了。我现在要做的是获取正在运行的进程的状态,如果它挂起,则杀死它并记录杀死,然后继续。

我确实在帖子中找到了一种可能的方法 在 Powershell 中远程启动进程,出现 %ERRORLEVEL% Windows - 但是,当我尝试在进程 $proc.ProcessId 上执行 Register-WmiEvent 时,我收到了可怕的 0x80070005 (E_ACCESSDENIED) 错误...我正在运行PowerShell 主机作为域管理员。

任何人都可以建议一种方法,让我可以获得我已开始的流程的状态,并能够根据状态采取行动吗?

谢谢!

New to PowerShell, but loving the fact that I can do so much so quickly so far :)

Anyways, I am starting a remote process in a PowerShell script thusly:

$compname = "MY-PC"
$myinstallcmd = "c:\install\myprog.exe /s"
$proc = Invoke-WmiMethod -class Win32_Process -name Create -ArgumentList ($myinstallcmd) -ComputerName $compname

On most of the PCs I've tried, the Invoke-WmiMethod cmdlet works fine, but on one PC, it's hanging. What I'm now looking to do is get the status of the running process, and if it's hung up, kill it and log the kill, and then move on.

I did find a possible method to do this in the post
Starting a process remotely in Powershell, getting %ERRORLEVEL% in Windows - however, when I try to do the Register-WmiEvent on the process $proc.ProcessId, I'm getting the dreaded 0x80070005 (E_ACCESSDENIED) error... I am running the PowerShell host as domain admin.

Can anyone please suggest a way that I can get a status on the process I've started, and be able to take an action based on the status?

Thanks!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

灼痛 2024-11-01 03:29:03

更新:我猜您缺少远程系统凭据:

尝试使用 -Credential 参数将凭据传递到远程系统。这需要一个 PSCredential 对象,因此您可以执行以下操作:

$cred = Get-Credential
Register-WMIEvent -Credential $cred <and other parameters here>

查看以下任一操作是否可以解决访问被拒绝错误:

0x80070005 (DCOM ACCESS_DENIED)
当连接的用户无法识别或受到远程服务器以某种方式限制(例如,用户可能被锁定)时,会发生此错误。当帐户位于不同域时,这种情况最常发生。最近对 WMI 安全性的更改也可能导致出现此错误:

  • Windows XP 和 Windows Server 2003 中不允许使用以前允许的空白密码。

  • WMI 不允许对 Windows 98 客户端进行异步回调。从 Windows 98 计算机到 Windows XP 计算机的 SWbemServices.ExecNotificationQueryAsync 之类的调用将导致返回到 Windows 98 计算机的拒绝访问错误。

  • DCOM 配置访问设置可能已更改。

  • 如果目标计算机运行的是 Windows XP,则注册表项 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa 下的 Forceguest 值可能会设置为强制关闭来宾帐户(值为零)。

来源:http://technet.microsoft.com/en-us/library/ee692772 .aspx

Update: I guess you are missing remote system credentials:

Try passing the credentials to remote system using -Credential parameter. This takes a PSCredential Object and hence you can do something like:

$cred = Get-Credential
Register-WMIEvent -Credential $cred <and other parameters here>

See if any of the following resolves the access denied error:

0x80070005 (DCOM ACCESS_DENIED)
This error occurs when the connected user is not recognized or is restricted in some fashion by the remote server (for example, the user might be locked out). This happens most often when accounts are in different domains. Recent changes to WMI security can also cause this error to occur:

  • Blank passwords, formerly permitted, are not allowed in Windows XP and Windows Server 2003.

  • WMI does not allow asynchronous callbacks to a Windows 98 client. A call like SWbemServices.ExecNotificationQueryAsync from a Windows 98 computer to a Windows XP computer will result in an Access Denied error returned to the Windows 98 machine.

  • The DCOM configuration access setting might have been changed.

  • If the target computer is running Windows XP, the Forceguest value under the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa might be set to force the Guest account off (value is zero).

Source: http://technet.microsoft.com/en-us/library/ee692772.aspx

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文