Get-Process –Computer george | Stop-Process Works just fine.
In Devin’s code below, gotta do the same thing with Get-Service and Set-Service. And you gotta put the initial start-scriptblock on the same line as invoke-command (that’s the error you got) Invoke-Command –Computer $Server-asjob –Command { …. } And then wait on everything to complete Get-Job | Receive-Job From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Orlebeck, Geoffrey Sent: Tuesday, June 14, 2016 5:19 PM To: 'powershell@lists.myitforum.com' Subject: RE: [powershell] Kill Processes Across Multiple Computers: Devin: I went down the WMI route because the Stop-Process command doesn’t allow remote calls like Get-Process and Set-Service do. If I attempt the code you provided it errors out with: Invoke-Command : Parameter set cannot be resolved using the specified named parameters. So is the Foreach loop necessary regardless? I tried statically assigning a single host (Invoke-Command -ComputerName Hostname) without success as well. I’m wondering if it stems from the $Server variable within Get-Process -ComputerName $Server. I understand you may not have tested what you sent, so I’m asking out of curiosity. Thanks, Geoff From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Devin Rich Sent: Tuesday, June 14, 2016 9:32 AM To: powershell@lists.myitforum.com<mailto:powershell@lists.myitforum.com> Subject: Re: [powershell] Kill Processes Across Multiple Computers: I forgot to note 1 thing: Invoke-Command does NOT work against your local machine. My understanding is that because you can't establish a remote session to yourself, it fails to connect. So be sure to test this against a remote computer. Thanks, Devin Rich Systems Administrator On Tue, Jun 14, 2016 at 10:28 AM, Devin Rich <dr...@firstelectronicbankusa.com<mailto:dr...@firstelectronicbankusa.com>> wrote: It seems like you are doing this the hard way to me. I may just not be understanding everything correctly though. Would something like this work? Function Stop-RedCloak { [CmdletBinding()] param ( [Parameter(Mandatory=$false,ValueFromPipeline=$true)] [string[]]$Servers = $env:COMPUTERNAME ) Invoke-Command -ComputerName $Servers #Invoke-Command by default runs against 32 servers at once without negatively affecting network performance. You can turn it up with -ThrottleLimit XX { $Process = Get-Process -ComputerName $Server -Name "Inspector*","Procwall*","RedCloak*" If ($Process) { $Process | Stop-Process -Force Set-Service Redcloak -StartupType Disabled } } } Thanks, Devin Rich Systems Administrator On Tue, Jun 14, 2016 at 9:53 AM, Orlebeck, Geoffrey <geoffrey.orleb...@chomp.org<mailto:geoffrey.orleb...@chomp.org>> wrote: Hello, We previously encountered performance issues in our VDI environment when one a vendor kicked off a “deep scan” of all agents, causing our hypervisors to peg CPU and bring VDI to a crawl. We ended up powering down VMs and our team (under the gun) just used whatever methods were familiar to kill the processes (PSExec, Taskkill, PowerCLI, etc.). While we surely hope this doesn’t happen again, we want to be prepared with a way to hopefully kill the processes without having to kill entire VMs and potentially causing loss of work. I am attempting to have a script ready to kill the relevant RedCloak processes and disable the service otherwise they will restart (as we discovered this last go round). I have the following script, but I’ve never worked with jobs or runspaces. I’m thinking with our ~2500 endpoints, it would be best to look into leveraging that, but I’m not sure which is most appropriate for this type of job. Based on the below process, should I focus my efforts on jobs or runspaces? Any helpful examples/tips? I’ve read a few articles but having trouble understanding how to deal with each. Anyway, if the multi-thread doesn’t seem appropriate and I can just turn this loose on a long list of hostnames, I can do that. Just looking for opinions/options. Thank you! Function Stop-RedCloak{ [CmdletBinding()] param ( [Parameter(Mandatory=$false,ValueFromPipeline=$true)] [string[]]$Servers = $env:COMPUTERNAME, [string]$Query = "Name LIKE 'procwall%.exe'` OR Name LIKE 'inspector%.exe'` OR Name LIKE 'redcloak%.exe'" ) Foreach($Server in $Servers) { $Process = Get-Process -ComputerName $Server -Name "Inspector*","Procwall*","RedCloak*" If($Process -ne $null) { (Get-WMIObject Win32_Process -ComputerName $Server -Filter $Query).terminate() Set-Service Redcloak -StartupType Disabled -ComputerName $Server } } } Confidentiality Notice: This is a transmission from Community Hospital of the Monterey Peninsula. This message and any attached documents may be confidential and contain information protected by state and federal medical privacy statutes. They are intended only for the use of the addressee. If you are not the intended recipient, any disclosure, copying, or distribution of this information is strictly prohibited. If you received this transmission in error, please accept our apologies and notify the sender. Thank you. The information contained in this message is privileged, confidential, and protected from disclosure. If you are not the intended recipient, you are hereby notified that any review, printing, dissemination, distribution, copying or other use of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.