by jhenke at 2013-04-02 11:22:26
I have on a server that I want to copy to another network share.
If I manually RDP to that server I can execute this copy using powershell copy-item.
Taking this a step further, I want to use remote sesssions to loop through many servers and copy this file to the network share.
To accomplish this, I created a script to read a list of servers. From there, I establish a remote session using the same administrative ID I used for the manual test. I confirmed that I am able to loop through the servers and establish a remote session by returning the computer name of each server. So far so good.
However, when I try to execute the copy-item command – the same one I used for the manual test, with the same ID it returns Access is denied (pointing to the destination share – again the same one that works manually from any of these servers.)
In troubleshooting this, I established a remote session interactively, taking my script out of the equation.
$cred=get-credential -credential "we\xxinstsap"
$sSID = "SME"
$sHost = "sapsm-xavw90"
$RS = new-pssession -name $sSID -computername $sHost -credential $cred
Copy-Item $sourcefile $destdirectory
I have tried literal paths instead of variables, but either way, it returns Access denied. Again, this works if I run it from the server. So, this appears to be an issue with the remote session.
If anyone has any suggestions, I would be be very greatful!
by DonJ at 2013-04-02 11:29:17
This is a classic "second hop" issue resulting from a default inability to use your delegated credential for further network access. You will typically need to enable CredSSP. See "Secrets of PowerShell Remoting" at PowerShellBooks.com.