Even though Windows 10 has made taking screenshots so much easier, using PowerShell for the same task still gives a lot of good use. But PowerShell doesn’t have the capability of taking screenshots out of the box. You will need to leverage .NET for a few things.
Here is a good example of taking a full window screenshot using PowerShell.
$File = 'fullpath\filename.png' Add-Type -AssemblyName System.Windows.Forms Add-type -AssemblyName System.Drawing # Gather Screen resolution information $Screen = [System.Windows.Forms.SystemInformation]::VirtualScreen $Width = $Screen.Width $Height = $Screen.Height $Left = $Screen.Left $Top = $Screen.Top # Create bitmap using the top-left and bottom-right bounds $bitmap = New-Object System.Drawing.Bitmap $Width, $Height # Create Graphics object $graphic = [System.Drawing.Graphics]::FromImage($bitmap) # Capture screen $graphic.CopyFromScreen($Left, $Top, 0, 0, $bitmap.Size) # Save to file $bitmap.Save($File, [System.Drawing.Imaging.ImageFormat]::Png) Write-Output "Screenshot saved to:" Write-Output $File
Running the script saves the current desktop in PNG format automatically at the location of your choice.
Guess what would be more useful? Taking the screenshot of a remote computer.
And that’s where the challenge comes in.
Since you will need to run the script as a currently logged-on user so it could take the screenshot on an active session, you can’t use Invoke-Command anymore.
The easy workaround is to use SysInternal’s popular PsExec command line to execute the script from a remote computer using the currently logged-in user’s session. Use the command line QUser to find the session ID if needed.
psexec -s -i $sessionID \$computer Powershell.exe -executionpolicy bypass -file "fullpath\script.ps1"
However, where I work, PsExec is blocked by the Anti-malware system because of its widespread popularity among hackers.
If you are using a paid version of PDQ Deploy, it’s relatively easy to set up a new package that runs the PowerShell script as a logged-on user.