如何使用远程PC的Get-MPComputerStatus？

Question

我试图远程获取域pc的反病毒状态，使用powershell脚本。以下代码按预期工作，但我不知道如何将-computername参数传递给命令。它将返回运行脚本的本地pc的恶意软件状态，但不返回AD pc的恶意软件状态。其他变量(如位置、设备名称、序列号)将正确返回：

    import-module ActiveDirectory

Get-ADComputer -filter "name -like '*'" |
Select -expandproperty name |

    ForEach {

 
  
   $results =  % { Get-ADComputer -Identity $_ -Properties Description }
   
   $cs = gwmi win32_bios -ComputerName $_ -ErrorAction SilentlyContinue

   $os = Get-Wmiobject -class Win32_operatingsystem  -computername $_  -ErrorAction SilentlyContinue  
         
   $bios = Get-WmiObject Win32_ComputerSystem -ComputerName $_ -ErrorAction SilentlyContinue 

 
      
   $rs =  Get-MpComputerStatus 

 #$rs = Get-WmiObject Win32_ComputerSystem -ComputerName $_ -ErrorAction SilentlyContinue |  Get-MpComputerStatus 

   $Object = New-Object PSObject -Property @{
    
    
       "Device Name" = $results.name 
       "Physical Location" = $results.description
       "Employee" = $bios.UserName        
       "Last Logon Date" = $results.LastLogonDate
       "Category" = $bios.ChassisSKUNumber
       "Vendor" = $bios.Manufacturer
       "Make/Model" = $bios.Model
       "Serial Number" = $cs.SerialNumber        
       'OS' = $os.caption
       'Malware Updated' = $rs.AntivirusSignatureLastUpdated
       'AntiSpyware Status' = $rs.AntispywareEnabled
       'AntiMalware Version' = $rs.AMServiceVersion
     
        }
        

       $Object |
  Select-Object "Physical Location", "Employee", "Device Name", "Malware Updated",'AntiSpyware Status','AntiMalware Version', "Serial Number", "Vendor", "Make/Model", "OS"|
  Export-Csv  -Append -Force  -NoTypeInformation "$($env:USERPROFILE)\documents\WinDef.csv"  #"c:\data\asset_inventory2.csv
 }

Answer 1

您可以使用-CimSession，如MS中所解释的：

在远程会话或远程计算机上运行cmdlet。输入计算机名称或会话对象，例如或cmdlet的输出。默认值是本地计算机上的当前会话。

或者你可以$rs=Invoke-Command RemoteComputer {Get-MpComputerStatus}