Cyber Security

Restart all Domain Computers by using PowerShell

In this article I show how to force restart of all domain computers by using the command Restart-Computer.


List all Computer Names by Oranizational Unit

First, I need a list of all domain computers. In a cleaned up environment all domain computers are stored in a separate organizational unit. If this is the case then the list of all computers can be retrieved there.

(Get-ADComputer -Filter * -SearchBase "OU=Workstations,DC=pagr,DC=inet").Name | Out-File c:\Temp\computers.txt

The computer names are stored in a file. You can also use a variable.


List all Computer Names by Attribute

As already mentioned, tidy environments are rare. The domain computers may be somewhere around, there is a tohuwabohu (a hot tip: Container Computers). Then you can search them by using  the operating system attribute to catch all of them. All client computers, but no servers.

(Get-ADComputer -Filter 'operatingsystem -notlike "*server*"').Name | Out-File C:\Temp\computers.txt

The Firewall: WMI Incoming

The WMI inbound firewall rule must be enabled on all domain computers. This can be done manually  or by a Group Policies.


Restart in Action

I recommend all readers to stop now and ask yourself: “Do you really want to restart all those computers?” 😉 Control the list of computers carefully. Now all computers are restarted. Open files are not saved and the user is logged off. This could be unpleasant if you catch the “wrong”.

Restart-Computer -ComputerName (Get-Content C:\Temp\computers.txt) -Force -ErrorAction SilentlyContinue -ErrorVariable NoRestart

The -Force parameter forces a restart even when users are logged on. The -ErrorAction parameter does not display any errors (computers in the database can be offline). The -ErrorVariable parameter stores errors in the variable NoRestart.


After completing, you can see that my machine client01 is not accessible. This information is stored in the variable NoRestart.


The list of computers that have not restarted will be saved by computer name. For checking run the following command to retrieve all “No Restart” computers by computername and to save them in a file.

$NoRestart.targetobject | Out-File C:\Temp\NoRestart.txt


This approach is not a replacement for an Enterprise Solution like SCCM. But for those who cannot use an Enterprise Solution this article can be helpful to restart all Computer by a One-Liner in PowerShell.

For forcing a gpupdate on all domain computers see my article: PowerShell: Force gpupdate on all Domain Computers

For documenting your environment see: PowerShell: Documenting your environment by running systeminfo on all Domain-Computers

6 replies »

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.