Author Posts

January 1, 2012 at 12:00 am

by jhenke at 2013-04-02 11:22:26

I have on a server that I want to copy to another network share.

If I manually RDP to that server I can execute this copy using powershell copy-item.

Taking this a step further, I want to use remote sesssions to loop through many servers and copy this file to the network share.

To accomplish this, I created a script to read a list of servers. From there, I establish a remote session using the same administrative ID I used for the manual test. I confirmed that I am able to loop through the servers and establish a remote session by returning the computer name of each server. So far so good.

However, when I try to execute the copy-item command – the same one I used for the manual test, with the same ID it returns Access is denied (pointing to the destination share – again the same one that works manually from any of these servers.)

In troubleshooting this, I established a remote session interactively, taking my script out of the equation.

$cred=get-credential -credential "we\xxinstsap"
$sSID = "SME"
$sHost = "sapsm-xavw90"
$RS = new-pssession -name $sSID -computername $sHost -credential $cred
enter-pssession $RS
Copy-Item $sourcefile $destdirectory

I have tried literal paths instead of variables, but either way, it returns Access denied. Again, this works if I run it from the server. So, this appears to be an issue with the remote session.

If anyone has any suggestions, I would be be very greatful!

thanks,

Jeff Henke

by DonJ at 2013-04-02 11:29:17

This is a classic "second hop" issue resulting from a default inability to use your delegated credential for further network access. You will typically need to enable CredSSP. See "Secrets of PowerShell Remoting" at PowerShellBooks.com.