Remote Commands for Windows

Remote Commands is a powerful feature that allows IT administrators to execute commands remotely on Windows devices within their environment. Although commands can be run via command prompt or PowerShell, however there can be chances of human error. This eliminates the need for manual intervention and reduces the risk of human error.

As a result, Remote Commands are a way to interact with the devices remotely, like configuring Windows Firewall, Fetch OS License details, Join domain, and more.

With Scalefusion MDM, admins can create remote commands via Scalefusion Dashboard, which can then be launched on managed devices to perform a set of actions remotely. This documentation will guide you through the process of creating and executing remote commands to effectively manage your Windows devices.

Pre-requisites

1. Scalefusion MDM Agent’s latest version (v15.4.2) should be installed on devices.

2. Supported OS and Device Configurations: Windows (10 or above) Pro, Enterprise, Business, Education, Home

3. Users should be subscribed to Scalefusion's Enterprise Plan

Creating Remote command(s) for Windows

1. On the Scalefusion dashboard, navigate to Remote Support and click on Remote Commands.

2. Click on Create button and in the new window that opens select Windows tab.
   
   

3. Here you will see a list of remote commands available for Windows.
   

A. Configure Windows Firewall

This will help you send a command to enable or disable Windows Firewall.

1. Click on Configure Windows Firewall to open the command creation wizard.
   

   1. Provide a Name to this command.

   2. Domain Profile: choose to Enable or Disable it or keep it Default by clicking on the down arrow button next to the field.

   3. Private Profile: choose to Enable or Disable it or keep it Default by clicking on the down arrow button next to the field.

   4. Public Profile: choose to Enable or Disable it or keep it Default by clicking on the down arrow button next to the field.
      

2. Once you have set the above fields, click on Save.

3. The Remote command will start showing up in the list of commands.
   

4. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

B. Fetch OS License Details

This will help you send a command to get OS license details from the Windows devices.

1. Click on Fetch OS License Details to open the command creation wizard.

2. Provide a Name to this command and click on Save.
   

3. The Remote command will start showing up in the list of commands.
   

4. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

C. Manage Windows Service

This will help you send a command to Start/Stop/Restart Windows service.

1. Click on Manage Windows Service to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Service Name: Enter the name of the service that you want to start/stop/restart. Please make sure the name is correct or as it shows in the Services app. For example,
      

   2. Select Action: choose the action that you want to perform- Start or Stop or Restart.
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

Note

Services for which user doesn’t have access to Start or Stop or restart, for that, the remote command will not Start/Stop/restart the service - e.g. Windows defender firewall.

D. Auto Lock Screen Time

This will help you configure the automatic lock screen timeout based in inactivity and send it as a command to Windows devices.

1. Click on Auto Lock Screen Time to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Enter the timeout value in seconds. It should be between 0 to 599940 seconds.

   2. Force Restart Device: This will force restart the device after 5 minutes to apply the settings.
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

E. Join/Unjoin Domain

This will help you send a command to add or remove a device from the local Active Directory domain.

1. Click on Join/Unjoin Domain to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Select Action: Choose to Join or Unjoin the domain.

   2. Domain Name: Enter the local Active Directory domain name.

   3. AD Admin username: Enter an Admin username who is part of local Active Directory Administrator’s group.

   4. AD Admin password: Enter the password of the admin that is added above.

   5. Force Restart Device: This will force restart the device, after 5 minutes, to apply the settings.
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

F. Set Windows Display Scaling (%)

With this command you can customize Windows display scaling. It can be set to between 100% to 500%.

1. Click on Set Windows Display Scaling to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Enter Scaling Percentage: Enter a custom scaling size between 100% to 500%. Higher values than this are not recommended.

   2. Force Logoff: This will force log off the user to apply settings.

   3. Execution Level: Choose as User.

   4. Execution Context: Choose on to which users this command will be applied. You can choose:

      1. All Users

      2. Enrolled User

      3. Administrators

      4. Standard Users

      5. Specific User

   5. User name: When you select Specific User in the Execution Context then this field will become active, and you can specify the username here on which this command will be applied. Please note that you can only specify a single username here.
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

G. Set Device Volume level (%)

This will help you send a command to device(s) and set the volume on them to a specific level. It can be set to between 0% to 100%.

1. Click on Set Device Volume level to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Enter Level (0-100): Enter the value here. It should be between 0-100.
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

H. Defrag Hard Drive

This will help you send a command to perform defragmentation on specified drives(s).

1. Click on Defrag Hard Drive to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Comma Separated Drive List: Enter a single drive name (D:) or comma separated drive names (eg. D:, E:).
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

I. Disk Cleanup

This will help you send a command to perform disk cleanup on specified drives.

1. Click on Disk Cleanup to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Comma Separated Drive List: Enter a single drive name (D:) or comma separated drive names (eg. D:, E:).
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

J. Uninstall Application

This will help you send a command to uninstall application on Windows devices.

Note:

If an application requires interactive uninstallation process, in that case this command will not be able to uninstall that application.

1. Click on Uninstall Application to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Application Name: Provide package name of an application which is available in the add remove program in the device and for UWP apps through appx package.
      

      Note:

      To find out the UWP app’s appx package name, please run the below command in Window PowerShell.

      get-appxpackage -name "*app-name*"

      For example:

      get-appxpackage -name "*Skype*"

   2. Execution Level: You can choose Device or User level.

   3. Execution Context: Choose on to which users this command will be applied. You can choose:

      1. All Users

      2. Enrolled User

      3. Administrators

      4. Standard Users

      5. Specific User

   4. User name: When you select Specific User in the Execution Context then this field will become active, and you can specify the username here on which this command will be applied. Please note that you can only specify a single username here.
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

K. Delete Files/Folders

This will help you send a command to delete File(s) or Folders on the Windows devices.

1. Click on Delete Files/Folders to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Folder Location: Enter the full path of the Folder.
      E.g.: C:\Users\JohnDoe\Documents\Projects

   2. File Name/Pattern: Enter the filename or pipe separated filenames or use pipe separated patterns like *.*.
      E.g.: C:\Users\JohnDoe\Documents\Projects\Report.docx

      1. Recursive File Search: This will search through directories and their subdirectories to find files that match specific criteria, such as file names, extensions.

      2. Delete Folders (and Subfolders): When you have specified a Folder path, and this check box is selected then this will delete all the folders and subfolders within it.

   3. Execution Level: You can choose Device or User level.

   4. Execution Context: Choose on to which users this command will be applied. You can choose:

      1. All Users

      2. Enrolled User

      3. Administrators

      4. Standard Users

      5. Specific User

   5. User Name: When you select Specific User in the Execution Context then this field will become active, and you can specify the username here on which this command will be applied. Please note that you can only specify a single username here.
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   

L. Format Fixed/non-OS Drive

This will help you send a command to device(s) to format fixed drives where OS is not installed.

1. Click on Format Fixed/non-OS Drive to open the command creation wizard.
   

2. Provide a Name to this command.

   1. Comma Separated Drive List: Enter a single drive name (D:) or comma separated drive names (eg. D:, E:).
      

3. Once you have set the above fields, click on Save.

4. The Remote command will start showing up in the list of commands.
   

5. From here you can push the command to devices instantly by clicking on the 3-dots under Actions > clicking on Run Now.
   
   

Note:

If the drive is encrypted and it is formatted using this remote command, then the BitLocker will get removed (drive will get decrypted automatically).

Other Actions on Remote Commands

These actions can be accessed by clicking on the three vertical dots under the Actions heading on the right.

1. Edit: With this, you can edit the command details.

2. Last Run Report: Gives a summarized report of the status of the commands installed on the device.

3. Run Now: Will push the commands on the device(s) instantly.

4. Clone: Creates a copy of the existing command.

5. Delete: Deletes the Remote Command. A command, once deleted, cannot be recovered. To confirm the deletion of the command, you need to enter your Scalefusion Dashboard login password.

Profile based Settings for Remote Commands

In addition to executing the Remote Commands manually, IT admins can configure additional triggers to execute them whenever that event occurs (run at every login, schedule at a specific time etc.).

1. On Scalefusion Dashboard, navigate to Device Profiles & Policies > Device Profiles.

2. Edit an existing Windows Device Profile.

3. Click on Run Commands on the left panel. The Remote commands that you have created from the Remote Commands section will be displayed here with the following information:
   

   1. Name: Name of Remote Command which you entered at the time of creating it.

   2. Type: This will be PowerShell.

4. Following are the triggers you can configure:

   1. Run once on Publish: The command will get executed once as soon as the Profile is updated.

   2. Run at every login: The command will run every time the user logs in on the device.
      

   3. Run on Schedule: The command is executed on the given days and given time if the device is powered on. For scheduling, you can choose the following:

      1. Select Day: Displays the days of the week. You can select one or more days.

      2. Select Time: Select the time at which the command should be executed. You can set one time or more than one by clicking on the plus sign next to the time drop-down.