Sometimes we would like shutdown our end-clients at a specific time due to some circumstances like save saving electric usage, maintenance and so on, right we have many options to performs this, I would like to share one an simple option with you and really hope you may use it.
Using Powershell we have this ability, just export bulk of computers from your Active Directory, filter irrelevant computers, and save the text file on your “C” Drive.
Open Powershell and follow the instructions:
I am going to use in “Stop-Computer” which is simple cmdlet in Powershell, the condition of using on “Stop-computer” demands us to enter credential e.g “pelegit.co.il\Administrator” and then ‘credential’ windows will be showing up and you need to enter a password.
If you want to perform the shutdown just once, you can manage with it, but if you want to shutdown in a permanent way likewise, every Thursday it means that you have to insert a password into your script right?
The last tiny problem is that I don’t want that my password will be shown as clear text, guess you know why – because if someone finds it he goes to make many troubles on my domain, therefore I am going to encrypt my password.
— The ‘$Pass’ value contains my password.
$secureString = Read-Host -AsSecureString -Prompt 'Enter you password.'
$secureString | ConvertFrom-SecureString | Out-File -FilePath C:\Pass1.txt
$Pass =cat C:\Pass1.txt | ConvertTo-SecureString
$Mycreds = New-Object System.Management.Automation.PSCredential -argumentlist "Pelegit.co.il\Administrator", $pass
$s = Get-Content C:\Shutdown\Windows10Clients.txt
Stop-Computer -ComputerName $s -Force -ThrottleLimit 10 -Credential $Mycred
What do we have left? – just create task scheduler with the day and time we want to run it.
Once you generated the password on a certain machine you will not be able to move that script and run it on different machine, while you generated the password from your machine the file signed by local PowerShell certificates which means that only that specific machine is allowed to use this encrypted password, and indeed, according to you execution policy.