What's easier: Have PS create batch file, or run this command in PS?

Happy New Year!

To start, I am VERY VERY NEW when it comes to scripting and powershell, so I apologize in advance. One of the facets of my new job is to learn Powershell and figure out how we can use this in my environment to make certain tasks easier. One of the first tasks is auditing a list of computers using dumpsec.exe and appending to a file the results of that command to a text file which I need to view later to determine if computers have are able to have a 0 length password (thus determining if group policy is properly affecting them or not).

I can’t do this quite in powershell because we’re stuck on an AD 2003 environment w/o AD Web Tools.

Using dumpsec, I am able to properly get it to scan each computer using a batch file with the following code:

for /f "delims=;" %%a in (c:\pcs.txt) do c:\dumpsec.exe /computer=\\%%a /rpt=policy /saveas=csv /outfile=c:\%%a.txt & copy /a c:\allcomputers.txt + c:\%%a.txt c:\allcomputers.txt & del c:\%%a.txt

The next step is I was attempting to add the ability to ping a computer first from PS, and then run the command. This is where I’m having the problem at.

foreach ($name in $names){
    if (Test-Connection -ComputerName $name -Count 1 -ErrorAction SilentlyContinue){
        Write-Host "$name is up" -ForegroundColor Green
        CMD /c dumpsec.exe /computer=\\$name /rpt=policy saveas=csv /outfile=C:\$name.txt "&" copy /a C:\allcomputers.txt + C:\$name.txt C:\allcomputers.txt $ del C:\$name.txt
        Write-Host "$name is down" -ForegroundColor Red

As you can see, I’m trying to pass the variable from powershell and run it using a standard command prompt. While dumpsec.exe tries to run, it in itself fails with the error message that /rpt and /outfile are missing (even though they are there).

Would this be easier (and possible) to have Powershell kind of run command prompt in a separate window using the variable from the computer that successfully pinged? Or am I just typing this in a wrong way in powershell and it would be easier to keep there?

You probably want to add -Quiet to Test-Connection, as that’ll make it return True/False, which seems to be what you’re expecting.

You don’t have to use CMD. Just run Dumpsec.exe. The problem you’re getting is because PowerShell’s trying to parse the syntax; you may need to fuss with using double quotes around the arguments to get it to not do that. Alternately, as you suggest, drop a batch file and run that. Neither is “easier” per se. Whatever you prefer.

First of all: great decision to learn Powershell. I believe it will pay off for you in the future. Here are some good starting points if you need: Beginner Sites and Tutorials

To run your dumpsec.exe and to have a little more control over it you could use Start-Process