PowerShell for Desktop Support, Part 1: Remoting, Services and Processes

In my current desktop support role, I often find that I need to remote into a computer to get information about it or make changes without interrupting whoever is currently using the machine. This means that I can't just use the Remote Desktop application, as only one desktop session can run at a time, which would require me to kick the user off. Luckily, PowerShell provides remote access capabilities much like SSH on Unix-based systems that solve this problem.

Our Windows images have PowerShell remoting enabled by default. The PS command to enable remoting on a machine is simple:
Enable-PSRemoting
Optionally, additional flags like -Confirm, -Force, and -SkipNetworkProfileCheck may be specified. The first two are what they sound like; -SkipNetworkProfileCheck allows you to enable remote access from public networks (as opposed to private or domain networks, which are enabled by default), but only within the same subnet. There are security implications for this, so make sure to run
Get-Help Enable-PSRemoting -Examples and read the explanation there.

To connect to a remote PC with an interactive command prompt, run
Enter-PSSession <computer name>
and, once the connection is complete, you will be able to run commands directly on the remote computer. This is really useful for desktop support, as it lets you do work on a computer without disturbing a busy user who may have long-running jobs (graphics/video rendering, etc.) that can't be interrupted.

One thing that we do often is to restart services running on a computer. For example, the Pharos Systems ComTaskMaster service often fails to start automatically after an update to a Pharos package, and must be started manually so that it will resume its normal functionality on further reboots.

To see a list of all of the services running on a computer, use
Get-WmiObject -Class Win32_Service

The output of that command is pretty verbose, as it's listing all of the properties of each object and their values. To get just the names of services, run
Get-WmiObject -Class Win32_Service | Select-Object Name

If you know the name of the service you want to work with, you can look at it specifically with
Get-WmiObject -Class Win32_Service | Where { $_.Name -eq "<service name>" }
and, to work with it, you can store a reference to it in a variable:
$service = Get-WmiObject -Class Win32_Service | Where { $_.Name -eq "<service name>" }

Then, you can interact with the service by piping it to various cmdlets:
$service | Restart-Service
etc. Of course, you don't necessarily need to get the service as a WmiObject if you already know its name; in that case, you can simply do
Restart-Service "<service name>"
for the same effect.

Processes can be interacted with very similarly to services. To get a list of processes running on the computer, you can run
Get-WmiObject -Class Win32_Process
And, to get just the names,
Get-WmiObject -Class Win32_Process | Select-Object Name

For example, to stop a process called "Stuck.exe", you could use
Get-WimObject -Class Win32_Process | Where { $_.Name -eq "Stuck.exe" } | Stop-Process
or, more concisely,
Stop-Process -Name "Stuck.exe"

Other cmdlets to work with processes include Start-Process, Wait-Process, and Debug-Process. Processes are not restartable in the same way that services are.

To end the remote session, simply run
Exit-PSSession .