Powershell Unable to run Invoke-Command - OpenError: (System.Manageme....RemoteR

Hi All,

I’m trying to run the below PowerShell script to get the list of servers (Windows Server 2008 and 2008 R2) that is missing some updates installed:

$SearchBase = 'DC=Domain,DC=com'
$ComputerList = @(Get-ADComputer -Filter { (Enabled -eq $True) -and (operatingSystem -like '*2008*') } -SearchBase $SearchBase | Select-Object -ExpandProperty Name | Where-Object {Test-Connection $_ -Count 1 -Quiet})

$KBList = @(
	'KB3033929','KB123456','KB4503308' #all Win7 and 2008 R2 systems 

$ComputerList | ForEach-Object {
	Write-Host "Processing $($_) ..."
    $RemoteSession = new-pssession -computername $_

	Invoke-Command -ComputerName $_ -ArgumentList ($KBList) -Session $RemoteSession -ScriptBlock {
		$LastBootUpTime = [Management.ManagementDateTimeConverter]::ToDateTime((Get-WmiObject Win32_OperatingSystem).LastBootUpTime)
		$Session = New-Object -ComObject Microsoft.Update.Session
		$Searcher = $Session.CreateUpdateSearcher()
		$HistoryCount = $Searcher.GetTotalHistoryCount()
		$Results = $Searcher.QueryHistory(0, $HistoryCount)
        $AllKB = @($Results |
			Select-Object -Property `
				@{n='ComputerName'; e={$ENV:Computername}},
				@{n='InstalledOn'; e={$_.Date}},
				@{n='KBArticle'; e={If ($_.Title -match '(?<KBArticle>KB\d{6,7})\b') {$Matches['KBArticle']} Else {$Null}}},
				@{n='Name'; e={$_.Title}},
				@{n='Status'; e={
					Switch ($_.ResultCode) {
						0		{'NotStarted'}
						1		{'InProgress'}
						2		{'Succeeded'}
						3		{'SucceededWithErrors'}
						4		{'Failed'}
						5		{'Aborted'}
						default	{$_}
				@{n='LastBootTime'; e={$LastBootUpTime}} |
			Where-Object {$_.KBArticle -ne $null})
		[Runtime.InteropServices.Marshal]::FinalReleaseComObject($Session) | Out-Null

		$MissingKB = @($KBList | Where-Object {$_ -notin $AllKB.KBArticle})
                $MissingList = $MissingKB | % {[pscustomobject]@{
                        ComputerName = $ENV:Computername
                        KBArticle    = $_
                        Status       = "KB not found: $_"
        return $MissingList
    Remove-PSSession -Session  $RemoteSession
} | 	Sort-Object -Property ComputerName -Descending:$true | Export-CSV -Path C:\TEMP\ScannedResult.csv -NoTypeInformation
However, it is failed with the below error message: new-pssession : [PRODDC01-VM] Connecting to remote server PRODDC01-VM failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic. At line:10 char:22 + $RemoteSession = new-pssession -computername $_ + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CannotConnect,PSSessionOpenFailed Invoke-Command : Cannot validate argument on parameter 'Session'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again. At line:12 char:67 + ... mputerName $_ -ArgumentList ($KBList) -Session $RemoteSession -Script ... + ~~~~~~~~~~~~~~ + CategoryInfo : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand

Remove-PSSession : Cannot bind argument to parameter ‘Session’ because it is null.
At line:51 char:32

  • Remove-PSSession -Session $RemoteSession
  • CategoryInfo : InvalidData: (:slight_smile: [Remove-PSSession], ParameterBindingValidationException
  • FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.RemovePSSessionCommand

Does it mean that it is failed for Windows Server 2008 R2?
How to fix the script line so it would work?

Any help would be greatly appreciated.

Thank you

I got this console prompt when testing running that command in the Windows Server 2008 R2 VMs:


PS C:\> winrm quickconfig WinRM already is set up to receive requests on this machine. WinRM is not set up to allow remote access to this machine for management. The following changes must be made:

Create a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine.
Enable the WinRM firewall exception.

Make these changes [y/n]?

The problem is there are 100+ of them, and how do I enable it on all of those servers via GPO or different script?

Please when you crosspost the same question in more than one forum at the same time mention that in all posts to avoid people willing to help you doing work unnecessarily twice. Thanks.