CMD not working within Invoke-Command

I’m trying to run this command within a script, but it won’t run the DJOIN command.

Invoke-Command -ComputerName $DirectServer -ScriptBlock {
New-Item -ItemType directory -Path “c:\OfflineJoinDomain” -ErrorAction SilentlyContinue
cmd /c Djoin.exe /provision /domain $using:Domain /dcname $using:DomainController /machine $using:NewComputer /policynames “DirectAccess Client Settings” /rootcacerts /savefile “c:\OfflineJoinDomain$using:ComputerFile” /reuse
Copy-Item “c:\offlineJoinDomain$using:ComputerFile” -Destination “\server1\c$\PSDeployment\OfflineJoinDomain$using:ComputerFile”

That description is actually not that helpful. :wink: What exactly happens? Do you get any error messages?
Have you considered using a native PowerShell command instead? As there is

… you don’t need the external tool djoin.exe.

Regardless of that … PowerShell is - just like CMD - a command line shell. So at the moment you’re using one command line shell to call another command line shell to call an external executable. I urgently recommend to re-consider that process.

And last but not least - when you post code, error messages, console output or sample data please format it as code using the “preformatted text” button ( </> ).

Thanks in advance.

Thanks for the response Olaf. I’m adding this computer via the Internet so after the file is generated from the djoin command I run another djoin from the remote computer which talks to my DirectAccess server over https. I don’t think Add-Computer will work in this instance.
I don’t get an error when the djoin command is run. It appears that it’s just not running at all.
Should I use invoke-command multiple times, one for each command?

Hmmm … I don’t have experiences with the offline domain join but I assume you know the following documentation …

I’d recommend instead of running the external command via CMD you should run it via

and catch the potentially occuring output in files via -RedirectStandardOutput and -RedirectStandardError.

For debugging and testing you should try to run the commands by hand and see what happens.

1 Like

I would ensure you’re not running into the common double hop issue. To even query AD from a remote machine via invoke-command, you’ll not be able to make that second hop without passing creds, using credssp, or other work arounds.

1 Like

Doug has a great point, and this is likely a typo, but your UNC is missing a “\” as in “\\server…”

Good catch Tonyd. I changed the server name so probably fat fingered it when I was posting.

One thing you might do to avoid the double hop is move Copy-Item outside of the Inovke-Command, something like:

Copy-Item “\\$DirectServer\c$\offlineJoinDomain$ComputerFile” -Destination “\\server1\c$\PSDeployment\OfflineJoinDomain$ComputerFile”