PowerShell array not working multiple versions of Win10 RS4

PowerShell Help
1

Hi,

First time user, probably read stuff on here before in regards to other issues I’ve had in the past. I’m trying to write a script that will put certain info into the array. The script doesn’t seem to be an issue, but a certain part of PowerShell seems to be misbehaving. Here’s what I have:

Physical machine 1: This is on a domain and I’m running the script as an admin. It works perfectly. I get everything I need with no issue.

Physical machine 2: This is on a different domain than the first physical machine. The script runs, however certain parts of the output are missing.

Virtual machine: This is on the same domain as physical machine 2. Same errors happen.

PowerShell version on all 3 hosts is: 5.1.17134.228. All machines have Win 10 x64 RS4 and are up to date.

Please note all of the machines have AV products on them. Even if I clone the VM to have the same as physical machine 1 it still fails, even if that machine is not on the domain.

So I’m trying to get certain info out of $user into an array. I notice if I type in '$user.'on physical machine 1 it starts to show me other options (In PowerShell ISE) which is what I would expect. The script runs fine there. If I do the same thing on the other two machines it fails to load anything. I’ve run a sfc /scannow and that didn’t make a difference. I’m not sure what’s causing this and this script will eventually be something deployed to many other machines (In the domain for PM2 and VM). I don’t see anything really in the GPO that would be blocking this (If that’s even possible), so I’m really confused here. Can anybody help? Thanks in advance.

2

Can you share a bit of what you’re actually doing in code, and show a bit of how the output differs?

3

Sure. Meant to do that in the original post.

Function InsertArray($Category,$item,$value,$type, $metric_value){

$temp_array={}|select category,item,value,type,metric_value

$temp_array.category=$Category #activity user, activity system
$temp_array.item=$item
$temp_array.value=$value #username, machine name
$temp_array.type=$type
$temp_array.metric_value=$metric_value

$global:results_array+=$temp_array
}

$results_array=@()
$user_sessions=@()

$user_sessions=quser|select -skip 1

foreach($session in $user_sessions) {

write-host Working now on $session
}

$Computer = $env:COMPUTERNAME
$Users = query user /server:$Computer 2>&1

$Users = $Users | ForEach-Object {
(($_.trim() -replace “>” -replace “(?m)^([A-Za-z0-9]{3,})\s+(\d{1,2}\s+\w+)”, ‘$1 none $2’ -replace “\s{2,}”, “,” -replace “none”, $null))
} | ConvertFrom-Csv

if ($user.STATE -eq ‘active’)
{
$state=1
} else {
$state=0
}
InsertArray -Category “activity.user” -item $User.USERNAME -value $user.‘IDLE TIME’ -type “days” -metric_value $state

$overallstatus = @()
$overallstatus = $results_array | where {$_.metric_value -gt 0}
if ($overallstatus){
$state = 1
}else{
$state = 0
}
InsertArray -Category “activity.system” -item $Computer -value $user.STATE -type “count” -metric_value $state
if ($results_array.count -ge 1){
$results_array|select category, item,value,type,metric_value

}

So basically if on physical machine 1 if I type $user.STATE in the command line I get this:

PS C:\Users\Desktop> $user.state
Active

If I type that in either physical machine 2 or the VM it just takes me to another line to type code into. No output at all.

The script output when done should look like this:

category : activity.user
item :
value : 11+06:27
type : days
metric_value : 1

category : activity.system
item :
value : Active
type : count
metric_value : 1

Now on the machines that aren’t working I get this:

category : activity.user
item :
value :
type : days
metric_value : 0

category : activity.system
item :
value : 0
type : count
metric_value : 0

4

So… you may be running into a PowerShell ISE thing. The ISE plays some funky games with scope, meaning after you run a script the artifacts - like variables - from that script continue to exist. That’s not the case anyplace else; the behavior is intended to facilitate development, but the ISE isn’t considered a “production” environment. So if this is working in the ISE but not elsewhere, that’s totally what I’d expect.

Or are you doing this in the ISE everywhere?

5

So it’s happening in ISE on each machine that I described. I noticed on the machine that is working with ISE if I run the script in just PowerShell I get this:

Working now on > console 1 Active 1+05:44 8/15/2018 7:57 AM

Method invocation failed because [System.Management.Automation.PSObject] does not contain a method named ‘op_Addition’.
At C:\Users\Desktop\TestScript.ps1:15 char:1

  • $global:results_array+=$temp_array
  • CategoryInfo : InvalidOperation: (op_Addition:String) , RuntimeException
  • FullyQualifiedErrorId : MethodNotFound

 

So I don’t know what’s really going on now, if this really is working or not. Once the script works right it’s actually supposed to be deployed by another program to all the machines in the domain and report to that program, so I’m hesitant to think anything works properly at this moment.

6

I have refactored your code a little bit.

Function InsertValue {
    Param(
            $Category,
            $Item,
            $Value,
            $Type,
            $MetricValue
        )
    $TempHashTable = @{
        Category     = $Category
        Item         = $Item
        Value        = $Value
        Type         = $Type
        MetricValue = $MetricValue
    }
    New-Object -TypeName PSObject -Property $TempHashTable
}
$results_array = @()
$user_sessions = @()
$user_sessions = quser|select -skip 1
foreach ($session in $user_sessions) {
    write-host Working now on $session
}
$Computer = $env:COMPUTERNAME
$Users = query user /server:$Computer 2>&1
$Users = $Users | ForEach-Object {
    (($_.trim() -replace ">" -replace "(?m)^([A-Za-z0-9]{3,})\s+(\d{1,2}\s+\w+)", '$1  none  $2' -replace "\s{2,}", "," -replace "none", $null))
} | ConvertFrom-Csv
if ($user.STATE -eq 'active') {
    $state = 1
}
else {
    $state = 0
}
$results_array +=InsertValue -Category "activity.user" -item $User.USERNAME -value $user.'IDLE TIME' -type "days" -metricvalue $state
$overallstatus = @()
$overallstatus = $results_array | where {$_.metricvalue -gt 0}
if ($overallstatus) {
    $state = 1
}
else {
    $state = 0
}
$results_array +=InsertValue -Category "activity.system" -item $Computer -value $user.STATE -type "count" -metricvalue $state
if ($results_array.count -ge 1) {
    $results_array | select category, item, value, type, metricvalue
}
  • Using global variables are basically not recommended (at least in my opinion), it makes the script difficult to maintain and enhance.
  • Basically you need Custom Objects here, hence I have refactored your function.
  • When creating function, it is better to use Param() blocks to define parameters even though the other way works.

And of course as Don mentioned, ISE is intended only for Development, you should always test and execute script using powershell.exe

btwn, I would request you to use code posting tags while posting code in this forum. This will help in easily understanding your code.

7

Thanks for the format change on it. Script was given to me by someone else who just wanted it to work a particular way. I ran it, but I’m still not seeing all the results I want to see. I get this when running it in PowerShell:

Working now on >redacted console 1 Active 4+00:30 8/15/2018 7:57 AM

Category : activity.user
Item :
Value :
Type : days
MetricValue : 0

Category : activity.system
Item : name removed
Value :
Type : count
MetricValue : 0

So how do I get data into those blank fields? Is it even possible with the script the way it is, or is there something else that needs to be done?

So in the top Item field I’d like to see the username of the logged on user. For value I’d like to get the login time or idle time if possible.

In the bottom Value field I’d like to get the state of the user (Active, Idle, Disconnected). From what I’ve noticed when I run the original script in ISE or even the new one the MetricValue for both is 1 and it gives me all of the info. For whatever reason when that’s run in PowerShell the MetricValue is 0 and the info I want is missing. Is there something that’s missing here? I’m not sure I understand why it works one way but not the other and its’ preventing me from completing some work.