1
00:00:00,140 --> 00:00:03,210
So let's go back into our environment, and we'll first look at

2
00:00:03,210 --> 00:00:06,740
how we create a PowerShell remote session.

3
00:00:06,740 --> 00:00:10,080
We'll then look at how we reuse an existing remote

4
00:00:10,080 --> 00:00:12,700
PowerShell session after we've disconnected.

5
00:00:12,700 --> 00:00:16,840
And then lastly, we'll look at how we remove PowerShell sessions completely,

6
00:00:16,840 --> 00:00:18,790
effectively closing them down.

7
00:00:18,790 --> 00:00:21,940
So we're back on a Windows 10 workstation, and this

8
00:00:21,940 --> 00:00:23,560
one is the one that's on the domain,

9
00:00:23,560 --> 00:00:26,040
so there's no limitations of connecting here.

10
00:00:26,040 --> 00:00:28,900
So what we want to do is actually create a remote session.

11
00:00:28,900 --> 00:00:31,250
Now there's a couple of different ways of doing this, and our first

12
00:00:31,250 --> 00:00:34,800
approach is to use what's called Invoke‑Command.

13
00:00:34,800 --> 00:00:40,070
So Invoke‑Command allows us to pass in a ‑ComputerName.

14
00:00:40,070 --> 00:00:43,770
So our ‑ComputerName, in this instance, will be 10.0.0.5,

15
00:00:43,770 --> 00:00:48,170
which is the IP address of the Active Directory server, so

16
00:00:48,170 --> 00:00:50,740
we'll utilize this as the connection.

17
00:00:50,740 --> 00:00:50,980
Now,

18
00:00:50,980 --> 00:00:53,650
of course, with this command we actually have what's

19
00:00:53,650 --> 00:00:55,760
referred to as the script block.

20
00:00:55,760 --> 00:00:59,460
Now the script block is the command or commands that we

21
00:00:59,460 --> 00:01:04,140
wish to execute on that remote machine.

22
00:01:04,140 --> 00:01:08,820
So what we're doing here is saying invoke a request to this

23
00:01:08,820 --> 00:01:10,870
remote computer. And while you're there,

24
00:01:10,870 --> 00:01:12,030
once you've got connected,

25
00:01:12,030 --> 00:01:16,860
run Get‑ComputerInfo as a cmdlet. So if I press Enter here,

26
00:01:16,860 --> 00:01:18,570
it's going to come back and say, okay,

27
00:01:18,570 --> 00:01:22,600
connecting to the remote server failed. The WinRM client

28
00:01:22,600 --> 00:01:26,060
cannot process the request, so there's some kind of

29
00:01:26,060 --> 00:01:28,670
connectivity issues between the two.

30
00:01:28,670 --> 00:01:32,440
Now we've already worked through some of these issues before of

31
00:01:32,440 --> 00:01:36,340
how to communicate between various machines.

32
00:01:36,340 --> 00:01:37,100
Now, of course,

33
00:01:37,100 --> 00:01:43,900
we've also added trusted hosts to the various machines, so that's one

34
00:01:43,900 --> 00:01:45,440
of the options that we're going to have to check.

35
00:01:45,440 --> 00:01:50,340
So I'm going to paste in that same syntax and just choose

36
00:01:50,340 --> 00:01:53,770
Get‑Item, and you'll see that that has no value.

37
00:01:53,770 --> 00:01:56,960
So what we'll do is we'll go back and change that to

38
00:01:56,960 --> 00:02:01,510
Set‑Item again on this machine, Set‑Item,

39
00:02:01,510 --> 00:02:08,550
TrustedHosts, and we'll just do an asterix sign here, and we'll choose yes,

40
00:02:08,550 --> 00:02:13,460
and then we'll clear that down, and then I'll go back and invoke my command,

41
00:02:13,460 --> 00:02:17,650
so I'll click Enter. Now, same process again. You can see it's kind of a

42
00:02:17,650 --> 00:02:21,620
little bit confused like what's going on, why is it not connecting? It failed

43
00:02:21,620 --> 00:02:26,530
because of the authentication option, and, of course, maybe we need to pass

44
00:02:26,530 --> 00:02:28,140
credentials to that machine.

45
00:02:28,140 --> 00:02:32,540
So instead of just trying to invoke a request to that machine,

46
00:02:32,540 --> 00:02:35,970
we obviously need to say, well actually, we're trying to connect in a

47
00:02:35,970 --> 00:02:40,980
certain way. So, we already know how to do this, so let's create our

48
00:02:40,980 --> 00:02:49,140
creds object here, so $creds = GetCredential, and we'll say ‑UserName

49
00:02:49,140 --> 00:02:57,170
"TRAINING\Trainer" like so. We'll press Enter. It's asking me for a

50
00:02:57,170 --> 00:03:00,590
message, so I'm just going to type the word Test, and then we'll put

51
00:03:00,590 --> 00:03:04,840
the password in.

52
00:03:04,840 --> 00:03:08,120
Okay, let's just make sure my creds object's working. Sure enough,

53
00:03:08,120 --> 00:03:13,710
I've got one here. So, let's go back to Invoke‑Command, and I'm

54
00:03:13,710 --> 00:03:17,210
going to go a little bit further up here to the IP address, and I'm

55
00:03:17,210 --> 00:03:20,550
going to say ‑Credential $creds.

56
00:03:20,550 --> 00:03:23,520
So we now have ‑‑‑‑ This is the computer I want to connect to,

57
00:03:23,520 --> 00:03:27,280
this is the credential I want to use, and this is what I'd like you to execute.

58
00:03:27,280 --> 00:03:29,640
So we're now going to press Enter, and you can see it's now

59
00:03:29,640 --> 00:03:33,440
launching the Get‑ComputerInfo on that machine.

60
00:03:33,440 --> 00:03:37,010
And you can see, even by just looking here where it says LogonServer,

61
00:03:37,010 --> 00:03:37,840
it says the name.

62
00:03:37,840 --> 00:03:41,310
If we scroll a bit further up here, you can see all of the details of

63
00:03:41,310 --> 00:03:44,270
that machine. And as we scroll towards the top,

64
00:03:44,270 --> 00:03:46,170
you'll see, you know, the network adapters,

65
00:03:46,170 --> 00:03:48,080
the name, TRAININGAD.

66
00:03:48,080 --> 00:03:52,230
So, it created a connection to that other machine,

67
00:03:52,230 --> 00:03:53,930
and it was a one‑time connection.

68
00:03:53,930 --> 00:03:57,820
It effectively went over and connected to it, and then we

69
00:03:57,820 --> 00:04:02,140
turned the values that we had before.

70
00:04:02,140 --> 00:04:06,520
Now, we have a different command that we can utilize here, so I'm

71
00:04:06,520 --> 00:04:10,610
going to say Get‑PSSession and press Enter.

72
00:04:10,610 --> 00:04:16,640
Now you notice we have no sessions because when we did the Invoke‑Command,

73
00:04:16,640 --> 00:04:21,560
the Invoke‑Command is literally just invoking a command on

74
00:04:21,560 --> 00:04:26,350
the other machine and returning a value. It's not meant to

75
00:04:26,350 --> 00:04:29,040
be a reusable connection.

76
00:04:29,040 --> 00:04:32,340
Now, what about if we wanted to use that approach?

77
00:04:32,340 --> 00:04:35,840
Well, what we can do is if I just clear this here,

78
00:04:35,840 --> 00:04:37,180
we'll come down a bit further,

79
00:04:37,180 --> 00:04:42,630
I'm going to create a session. Call it Session1, a variable.

80
00:04:42,630 --> 00:04:47,930
And what we'll do is we'll say New‑PSSession, which is another

81
00:04:47,930 --> 00:04:51,440
way of connecting, and we'll pass in the computer name, which is

82
00:04:51,440 --> 00:04:54,510
the same one as before, so 10.0.0.5.

83
00:04:54,510 --> 00:04:59,630
And, of course, we have a credential object that we wish to utilize that just

84
00:04:59,630 --> 00:05:02,640
makes sure that we connect, and I'm going to press Enter.

85
00:05:02,640 --> 00:05:05,730
Now, if I look inside that session variable,

86
00:05:05,730 --> 00:05:09,010
you can see that I have a remote machine connection

87
00:05:09,010 --> 00:05:11,990
using PowerShell to that other machine.

88
00:05:11,990 --> 00:05:13,100
So that's connected.

89
00:05:13,100 --> 00:05:15,240
It has an ID of 4.

90
00:05:15,240 --> 00:05:19,970
Now what I can do now is I can say, well, I would like to invoke

91
00:05:19,970 --> 00:05:24,000
a command to that machine, but I already have a session, so I

92
00:05:24,000 --> 00:05:26,340
don't need to pass a computer name.

93
00:05:26,340 --> 00:05:29,470
So what I can do instead is we use the property called

94
00:05:29,470 --> 00:05:34,640
‑Session, and then I can say use my $session1.

95
00:05:34,640 --> 00:05:39,270
Once I've got my $session1, I can then use my script block

96
00:05:39,270 --> 00:05:42,100
where I don't necessarily have to declare it,

97
00:05:42,100 --> 00:05:47,190
but I can say Get‑ComputerInfo and press Enter. Notice what happens. It goes

98
00:05:47,190 --> 00:05:51,510
into the existing PowerShell session and will then retrieve the same details

99
00:05:51,510 --> 00:05:56,080
as before. But if I now say Get‑PSSession,

100
00:05:56,080 --> 00:05:58,440
you'll see that my session still exists.

101
00:05:58,440 --> 00:06:02,120
So it's a great way of getting a connection to a machine and then

102
00:06:02,120 --> 00:06:05,420
being able to reuse it again and again. Because when we execute

103
00:06:05,420 --> 00:06:11,200
commands, we can just drop them into that session ID. So let's

104
00:06:11,200 --> 00:06:12,840
just clear that for a second.

105
00:06:12,840 --> 00:06:15,950
Now, when we use these kind of,

106
00:06:15,950 --> 00:06:20,810
I suppose, interactive sessions, then what we're able to do is effectively

107
00:06:20,810 --> 00:06:24,140
run commands again and again into those environments.

108
00:06:24,140 --> 00:06:29,440
Now, that session that we created is actually more a persistent session.

109
00:06:29,440 --> 00:06:32,580
So it's not interactive. I'm not effectively running a

110
00:06:32,580 --> 00:06:35,570
command, and it's running it on that machine.

111
00:06:35,570 --> 00:06:39,430
Now, if we used Enter‑PSSession,

112
00:06:39,430 --> 00:06:42,580
which is obviously one option that we've looked at in the past., so I'm going

113
00:06:42,580 --> 00:06:48,940
to say 10.0.0.5, I'm going to pass my ‑Credential object just to make sure,

114
00:06:48,940 --> 00:06:54,190
$creds, and press Enter here, you'll see that the interactive session

115
00:06:54,190 --> 00:06:58,420
basically hijacks the current session that we've got, and it tells me that

116
00:06:58,420 --> 00:07:02,660
I've got this IP address, and then it says this is where you can start typing

117
00:07:02,660 --> 00:07:03,820
information that's there.

118
00:07:03,820 --> 00:07:06,490
So, when we do an interactive session,

119
00:07:06,490 --> 00:07:11,420
it's as if we are on that specific machine. So it works really,

120
00:07:11,420 --> 00:07:12,220
really well.

121
00:07:12,220 --> 00:07:15,990
It just means that I'm on this session on that machine,

122
00:07:15,990 --> 00:07:18,600
and then when I'm finished with that, I'm then going to come back.

123
00:07:18,600 --> 00:07:20,940
So, let me type exit here.

124
00:07:20,940 --> 00:07:24,380
This will bring me back to there. I'm now going to go ahead and

125
00:07:24,380 --> 00:07:31,520
create a New‑PSSession, a brand‑new one, ‑ComputerName, same as

126
00:07:31,520 --> 00:07:36,630
before, like so, and we'll make sure that we have a credential

127
00:07:36,630 --> 00:07:39,540
object of $creds. Press Enter.

128
00:07:39,540 --> 00:07:43,680
Okay, so I've now got another one with an ID of 6. If I now

129
00:07:43,680 --> 00:07:47,340
say Get‑PSSession, you should see both.

130
00:07:47,340 --> 00:07:51,020
So I have two sessions. Now you may have thought that that would've said, no,

131
00:07:51,020 --> 00:07:53,780
you already have a session, but that's not how that works.

132
00:07:53,780 --> 00:07:59,170
I now have two remote PowerShell sessions to the same machine, which means

133
00:07:59,170 --> 00:08:03,540
that I can drop in and out of those sessions as I need to.

134
00:08:03,540 --> 00:08:13,110
So if I say Enter‑PSSession, I can say ‑Session, and I could say 6,

135
00:08:13,110 --> 00:08:15,200
and you can go through. Of course, it's going to come back and

136
00:08:15,200 --> 00:08:18,590
complain, but it's going to come back and say, well, what session

137
00:08:18,590 --> 00:08:20,880
is it that you want to go into?

138
00:08:20,880 --> 00:08:26,000
And I obviously need to pass a unique kind of session ID or have

139
00:08:26,000 --> 00:08:30,940
retrieved the session to kind of enter that session again.

140
00:08:30,940 --> 00:08:32,380
Now how does that work?

141
00:08:32,380 --> 00:08:39,030
Well, from a syntax perspective, we're going to use Enter‑PSSession, and

142
00:08:39,030 --> 00:08:43,560
then we're going to use the session variable. And then at some point, we

143
00:08:43,560 --> 00:08:50,070
need to run Get‑PSSession, and you can see we've got some various options

144
00:08:50,070 --> 00:08:52,330
here. So we can go and say get the name,

145
00:08:52,330 --> 00:08:54,450
get the instance ID, if we need to.

146
00:08:54,450 --> 00:08:57,540
So I'm going to say get number 6, and then we can press Enter.

147
00:08:57,540 --> 00:09:01,510
Now, of course, notice what happens. If we do InstanceId, it gives

148
00:09:01,510 --> 00:09:04,840
me a GUID, which isn't really the one that I'm looking for, but if

149
00:09:04,840 --> 00:09:07,160
we say I and keep looping,

150
00:09:07,160 --> 00:09:11,750
you'll see Id. I can now get that session back. So just be careful.

151
00:09:11,750 --> 00:09:16,380
There's lots of IDs around, but you want the actual ID field. So I can

152
00:09:16,380 --> 00:09:21,290
enter a session and then kind of drop into that session, but I can only

153
00:09:21,290 --> 00:09:26,260
go into one session at any time. So I would need to exit. I can come

154
00:09:26,260 --> 00:09:30,230
back. I can then get rid of 6 and type 4, and then I'm now in the 4

155
00:09:30,230 --> 00:09:32,950
session. Even though they're the same IP address, it doesn't really make

156
00:09:32,950 --> 00:09:37,590
a difference, but it lets me go in and out of those sessions. Now, of course,

157
00:09:37,590 --> 00:09:38,460
that's great.

158
00:09:38,460 --> 00:09:43,660
So if I just say Get‑PSSession, it listed both.

159
00:09:43,660 --> 00:09:46,890
Now, if I wanted to clear down any of these,

160
00:09:46,890 --> 00:09:52,950
then I can say Remove‑PSSession. And from the Remove‑PSSession option,

161
00:09:52,950 --> 00:09:55,870
it's going to expect a session object or container.

162
00:09:55,870 --> 00:09:59,020
You can see me scrolling through. It's got an Id option.

163
00:09:59,020 --> 00:10:03,860
If I say 6, and say remove, and then go back to Get‑PSSession,

164
00:10:03,860 --> 00:10:06,740
you'll notice that number 6 is now gone.

165
00:10:06,740 --> 00:10:11,520
So we can manage creation of those remote sessions either by going

166
00:10:11,520 --> 00:10:14,530
through the process of creating a standard one.

167
00:10:14,530 --> 00:10:19,190
That's just an invoke command, which means it's a one‑time kind of connection.

168
00:10:19,190 --> 00:10:23,950
Or we can drop that into a variable to make it a persistent connection, or

169
00:10:23,950 --> 00:10:28,060
we can do what's referred to as the interactive connection, which means

170
00:10:28,060 --> 00:10:32,570
that it's hijacking the current session we have open. It allows us to run

171
00:10:32,570 --> 00:10:35,040
commands, and then it works from there.

172
00:10:35,040 --> 00:10:39,440
Now, of course, we can also remove sessions fairly painlessly.

173
00:10:39,440 --> 00:10:40,040
Now, of course,

174
00:10:40,040 --> 00:10:43,310
we do have the option of modifying the way the session

175
00:10:43,310 --> 00:10:46,030
connects, so we can use PowerShell options,

176
00:10:46,030 --> 00:10:50,440
etc., and they get created, and then we can utilize them as needed.

177
00:10:50,440 --> 00:10:54,540
So when we create connections out to other machines,

178
00:10:54,540 --> 00:11:01,000
it's important to choose the right way of connecting, depending on how we wish to execute any of the commands.