Using PoshPAIG without using PSEXEC

May 25, 2014 at 12:12 AM
Hi,

Is there a way using PoshPAIG without using PSEXEC? Since PSEXEC have security disadvantage because it transmit username/password in clear text across network.
Coordinator
Jun 3, 2014 at 1:38 PM
Unfortunately, there is not way to install patches without using PSExec at this time. I have been working on a variety of workarounds but none have worked so far. I have not been allowing passwords to be used in PoshPAIG as that was a known issue with PSExec. There is a newer version of PSExec that has been released that apparently encrypts the password that I am looking at using to allow non-domain installations.
Sep 16, 2014 at 8:49 PM
Shouldn't it be possible to use PowerShell Remoting?
Dec 12, 2014 at 7:50 PM
Edited Dec 12, 2014 at 7:50 PM
Shouldn't it be possible to use PowerShell Remoting?
Not nearly as easily. You can't access the Update over PS remoting. The CreateUpdateDownloader() and CreateUpdateInstaller() methods can't be called from a remote computer. You get E_ACCESSDENIED.

Some other Powershell modules handle this by using Powershell create a scheduled task on the remote system. A scheduled task isn't great though, because it makes it difficult to get notified when it completed, and the results of the tasks.
Apr 20, 2015 at 1:53 PM
Use the latest version of PsExec, which currently is v2.11:
https://msdn.microsoft.com/en-us/library/bb897553.aspx
From that page:
"Note that the password and command are encrypted in transit to the remote system."

So, as long as the latest version of psexec is used (maybe make a note in the release notes?), then this isn't an issue, which means that specifying creds would be secure.