PoshCode Logo PowerShell Code Repository

Stop-ProcessRemote by 1099107410721072 3 weeks ago (modification of post by Brian Wahoff view diff)
diff | embed code: <script type="text/javascript" src="http://PoshCode.org/embed/6659"></script>download | new post

In an interesting design choice, Get-Process lets you work with processes on remote machines, but Stop-Process does not. This cmdlet uses WMI to stop a process on a remote machine.

The cmdlet uses your current credentials, I would like to expand it to run under alternate credentials if necessary.

  1. Function Stop-ProcessRemote()
  2. {
  3. <#
  4. .SYNOPSIS
  5.         Stops a process on a remote computer
  6. .DESCRIPTION
  7.         Uses WMI to connect to a remote computer and terminate a process.
  8.         Assumes the user has administrative priviledges on the remote
  9.         computer.
  10. .NOTES
  11.         Author      : Brian Wahoff
  12.         Requires    : Powershell V2
  13. .PARAMETER ComputerName
  14.         The remote computer to which you want to connect
  15. .PARAMETER Id
  16.         The PID of the process to stop (See Get-Process)
  17. .PARAMETER ProcessName
  18.         The name of the process to stop. Will stop all processes with the same name
  19. #>
  20.         param(
  21.                 [Parameter(Position=0, Mandatory=$TRUE)]
  22.                 [string]$ComputerName,
  23.                
  24.                 [Parameter(ParameterSetName="p1",Position=1,ValueFromPipeline=$TRUE)]
  25.                 [int]$Id,
  26.                
  27.                 [Parameter(ParameterSetName="p2",Position=1, ValueFromPipeline=$TRUE)]
  28.                 [string]$ProcessName)
  29.                        
  30.         if ($Id) {
  31.                 $query = "select * from Win32_Process Where ProcessID = {0}" -f $Id
  32.         } else {
  33.                 if ($ProcessName) {
  34.                         $query = "select * from Win32_Process Where Name = '{0}'" -f $ProcessName
  35.                 } else {
  36.                         throw 'Either $Id or $ProcessName is required'
  37.                 }
  38.         }
  39.        
  40.         $process = Get-WMIObject -computer $ComputerName -query $query
  41.         if ($process) {
  42.                 if ($process.count -gt 1) {
  43.                         foreach ($p in $process) {
  44.                                 Stop-WMIProcess($p)
  45.                         }
  46.                 } else {
  47.                         Stop-WMIProcess($process)
  48.                 }
  49.         } else {
  50.                 if ($ProcessName)
  51.                 {
  52.                         "Process '{0}' was not running on \\{1}" -f $ProcessName, $ComputerName
  53.                 } else {
  54.                         "Process '{0}' was not running on \\{1}" -f $Id, $ComputerName
  55.                 }
  56.         }
  57. }
  58.  
  59. Function Stop-WMIProcess($WmiProcess) {
  60. <#
  61. .SYNOPSIS
  62.         Stop a WmiProcess
  63. .DESCRIPTION
  64.         Wrapper function around WmiProcess.Terminate. Displays message
  65.         based on all documented return values. Not intended to be called
  66.         directly.
  67. .NOTES
  68.         Author          : Brian Wahoff
  69.         Requires        : Powershell V2
  70. .PARAMETER WmiProcess
  71.         The WMI Process object to terminate
  72. #>
  73.         $ret = $WmiProcess.Terminate()
  74.        
  75.         switch ($ret.ReturnValue)
  76.         {
  77.                 0 {
  78.                         "Process {0}:{1} terminated" -f $WmiProcess.Name, $WmiProcess.ProcessID
  79.                 }
  80.                 2 {
  81.                         "Access was denied terminating {0}" -f $WmiProcess.Name
  82.                 }
  83.                 3 {
  84.                         "Insufficient Privilege terminating {0}" -f $WmiProcess.Name
  85.                 }
  86.                 8 {
  87.                         "Unknown failure terminating {0}" -f $WmiProcess.Name
  88.                 }
  89.                 9
  90.                 {
  91.                         "Path Not Found"
  92.                 }
  93.                 21
  94.                 {
  95.                         "WMI Parameter Invalid"
  96.                 }
  97.         }
  98. }

Submit a correction or amendment below (
click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting:


Remember me