A PowerShell Session Challenge

PowerShell Remoting is a key management tool. But just because you’ve turned it on, doesn’t mean you are done. The Chairman thinks it should still be managed. To that end, he has commissioned the following advanced challenge. Although, as with all challenges, don’t let the label deter you. The Chairman hopes you will tackle as much of the challenge as you can.

The focus of this challenge is on traditional, or WSMan, PowerShell remoting connections. Your goal is to identify remote sessions on a remote Windows computer. Your task is to write a PowerShell function to connect to remote computers and query for connected sessions. Your function should support credentials. You will need to filter out your own connection. The goal is to identify who has connected and details about their connection. The function should write a custom object to the pipeline that includes this information:

  • The remote computer name
  • The name of the connected user
  • The name of the connected PSSessionConfiguration
  • The process ID of their connection
  • When the connection was made
  • The connection state (i.e. connected)
  • How long the connection has been running
  • How much memory is being used
  • The current date and time

Bonus

For extra credit, or to truly test your skills, here are additional items to include in your solution:

  • The connected user’s SID
  • The process IDs of any child processes
  • The originating computer name, or at least its IPv4 address
  • Show all date time values as UTC values
  • Create a custom formatting file that shows a subset of properties, but include memory usage formatted as MB

As usual, please submit links to your work in the comments. Good Scripting!


One Reply to “A PowerShell Session Challenge”

Leave a Reply

Your email address will not be published. Required fields are marked *