Cyber Security

Active Directory: Send Messages to all currently logged on Users (msg.exe)

Do you remember the net send command? And do you remember the security concerns? Last week I played with msg.exe. Msg is the “new” net send. I tried to send a message to all users and computers in my domain. Why? I wanted to instruct all users to close all open programs. And now I want to keep and share this knowledge in form of this blog post.

Introduction (msg.exe)

Msg sends a message to a user. This user must be logged in as a domain user (Domain Profile). Which means that the following only works in a domain environment. For network technicans: msg uses Port 445 (SMB/CIFS). If you send a message to a user you have to provide a computername and a username. Or you can try sending a message to yourself:

msg * "Hallo, this is a test!"


* means, that the message is send to all logged on users. Keep in mind that Windows is a multi-user operating system. Don’t forget the others! 😉


The headline is somewhat misleading. Yes, we are going to send messages to all users, but actually to all computers. Suppose all your client computers are stored in specific Organizational Unit called Workstations. You want to inform all users logged on to this computers. I am going to use Invoke-Command. Make sure, your client computers accepts Remote PowerShell commands. You can run Enable-PSRemoting on each of them. Or you could configure WinRM by using Group Policies:

Group Policies: Enabling WinRM for Windows Client Operating Systems (Windows 10, Windows 8, Windows 7)


  • All Computers must reside in the same domain
  • WinRM has to be enabled on the client computers by running Enable-PSRemoting or by configuring via Group Policies, as described in the link above. Note that on Windows Server 2012/2016 operating systems WinRM is enabled by default, but not on Windows Client systems.

Sending Messages to all Users: PowerShell and Msg.exe in Action

The following One-Liner gets all the computernames of the OU Workstations in the domain Afterwards msg is executed for each computer in the OU Workstations. The message is send to all users which are currently logged on.

(Get-ADComputer -SearchBase "OU=Workstations,DC=sid-500,DC=com" -Filter *).Name | Foreach-Object {Invoke-Command -ComputerName $_ {msg * "Please close all open files. The Server will be shut down in 5 Minutes"}}


Client01 is a member of the OU Workstation. Client01 receives the message.


Have fun playing with msg!

See also

For more remote actions see also:

PowerShell: Enable Remote Desktop on multiple Servers remotely (Bulk)

PowerShell: Using Restart-Computer to restart your Computer and Remote Computers

33 replies »

  1. Hello,

    I have tried from a PS with admin rights in one machine from domain, but I receive the following message:

    Get-ADComputer : The term ‘Get-ADComputer’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

    Read several cases about this but still I didnt figure out, how to solve it. Do you know how can be resolved?

    Thanks in advance!


  2. i have tested it in my test environment and it is working very well, the issue is on my production environment which has a lot of computer accounts, how to i make the script run faster because it takes a very long time for the script to get executed.


  3. The Script Worked perfectly in my Test Environment, but in the Production Environment it takes too Long to get executed. is there anything to help to quicken it?


  4. Hello
    If the computer is turned on we receive error messages
    [PC1] Connecting to remote server PC1 failed with the following error message: WinRM service can not
    finish the operation. Check whether the computer name provided is correct and whether the computer is available on the network and whether the exception is
    firewall for the WinRM service is enabled and allows access from this computer. By default, the firewall exception for the WinRM service in
    If there are public profiles, restricts access to remote computers that are on the same local subnet. For more
    information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo: OpenError: (PC1: String) [], PSRemotingTransportException
    + FullyQualifiedErrorId: WinRMOperationTimeout, PSSessionStateBroken
    How to send on computers only on-line?


      • Yes everything is set correctly. If the PC is an online message appears. If the PC is offline it receives an error in the script as I wrote. It is very slow to run as there is 100 PC in the network


  5. not working.
    I run this command in power shell:

    (Get-ADComputer -SearchBase “OU=HR,DC=mydomaint,DC=com” -Filter *).Name | Foreach-Object {Invoke-Command -ComputerName $_ {msg * “This is Test Message”}}

    got this error

    Invoke-Command : Cannot validate argument on parameter ‘ScriptBlock’. The argument is null. Provide a valid value for the argument, and then try running the command again.
    At line:1 char:118
    + … er *).Name | Foreach-Object {Invoke-Command –ComputerName $_ {msg * …
    + ~~
    + CategoryInfo : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand

    please help!


      • Hi, Now i got this error

        Invoke-Command : Cannot validate argument on parameter ‘ComputerName’. The argument is null or empty. Provide an
        argument that is not null or empty, and then try the command again.
        At line:1 char:117
        + … ter *).Name | Foreach-Object {Invoke-Command -ComputerName $_ {msg * …
        + ~~
        + CategoryInfo : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException
        + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand

        Any idea?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.