Run a script on a VM

Run scripts to assist with automation and admin tasks

You can use a VM powershell script to perform various action or gather data. 

Some examples of what you might use this for:

  • Create or modify AD users and groups
  • Configure or install various apps such as RMM tools
  • Set windows settings or registry entries
  • Perform automated tasks such as reboots
  • Email system information and statuses to admins
  • Run a script to gather support / help desk data
  • Standardise images pre or post deployment

The sky is the limit as you can automate almost anything with powershell. 

Note: This feature is in beta and is currently being upgraded to allow scripts to be run on a schedule and to one or more VM's.

To use this feature navigate to Manage > Virtual Machines > Open > Run script

Paste your powershell script into the textbox.

Add any parameters and their values that you wish to the script. Parameters can be used to tell the script to behave in different ways as well as not needing to hard code variables in the script. Parameters also will not show up in the script itself so can be used for sensitive information such as temporary passwords. Note that all parameters are string and may need to be converted to other types if required by the script. 

Click run. 

Caution: Scripts should be tested before using in production to confirm they perform as intended and meet security policies. Scripts can be dangerous if not implemented correctly.

Below is an example script, showing parameter usage, logging and creating an AD user:

# Example powershell script for use with MyCloudIT scripting feature
# v1.00
param($jsonParameters)

# Load Parameters from MCIT UI
$logFile = "C:\MCIT-TestLogFile.log"
$jsonObject = $jsonParameters | ConvertFrom-Json

$mode = [int]$jsonObject.mode
$username = $jsonObject.username
$tempPass = $jsonObject.tempPass
$group = $jsonObject.group

if( Test-Path -path $logFile ){ Remove-Item $logFile -Force; Start-Sleep -Seconds 2 } # Delete the log file if it exists

$dte = (Get-Date -Format G)
Add-content $logFile -value "-- Log file start at: $dte --"

if( $mode -eq 1 ){
    Add-content $logFile -value "The mode is set to: $mode so we will new-aduser"
    Add-content $logFile -value "Attempting to create AD user named: $username"
    Import-Module activedirectory
    New-ADUser -Name $username -AccountPassword (ConvertTo-SecureString -String $tempPass -AsPlainText -Force) -Enabled $true -ChangePasswordAtLogon $false
    $theUser = Get-ADUser -Filter "Name -eq '$username'"
    Add-content $logFile -value "The new users SID is: $($theUser.SID.value)"
    Add-ADGroupMember -Identity $group -Members $theUser
}
elseif( $mode -ne 1 ){
    $dte = (Get-Date -Format G)
    Add-content $logFile -value "The mode is set to: $mode , so will will not do any operations."
}

Add-content $logFile -value "-- End log File --"

We can then see on the Domain Controller we ran this on has this in MCIT-TestLogFile.log:

-- Log file start at: 1/1/2022 4:00:00 PM --
The mode is set to: 1 so we will new-aduser
Attempting to create AD user named: Belinda
The new users SID is: S-1-5-21-1041452880-653220260-2180131924-11612
-- End log File --