Access Servers across untrusted Domains.

Welcome Forums General PowerShell Q&A Access Servers across untrusted Domains.

Viewing 1 reply thread
  • Author
    Posts
    • #183810
      Participant
      Topics: 1
      Replies: 0
      Points: 12
      Rank: Member

      Hey Guys, first time posting here. I have several PS scripts that used to work accessing SQL servers on an untrusted domain. Several weeks ago they started failing with error below. I know the user ID and password are correct because they work if I'm on the server in the untrusted domain. I'm using a try/catch block and the error is contained in $_.Exception.ItemName. Are there any other ways to get to the real reason this isn't working or some event log on the server in the untrusted domain I could search? Code listed below. Error is happening on SMOserver.readerrorlog() . Any help is greatly appreciated!

      Thanks,

      Lynn

      $mySrvConn = new-object Microsoft.SqlServer.Management.Common.ServerConnection
      $mySrvConn.ServerInstance=$AServer
      $mySrvConn.LoginSecure = $false
      $mySrvConn.Login = "sqllogin"
      $mySrvConn.Password = $pwd
      $mySrvConn.AutoDisconnectMode = 1
      $SMOserver = new-object Microsoft.SqlServer.Management.SMO.Server($mySrvConn)

      $logdate = (get-date).AddDays(-1)
      $results = $SMOserver.readerrorlog() | where-object{$_.logdate -gt $logdate -and $_.processinfo -eq 'Logon' -and $_.text -eq (select-string -pattern 'Login Failed' -InputObject $_.text)}

      Exception calling "ReadErrorLog" with "0" argument(s): "Failed to connect to server Data Source=Win-Servername-001.domain.hosting.int;User ID=sqllogin;Password=xxxxxxxx;MultipleActiveResultSets=False;Encrypt=False;TrustServerCertificate=False."

    • #184092
      Participant
      Topics: 2
      Replies: 127
      Points: 662
      Helping Hand
      Rank: Major Contributor

      Hi there,

      Ensure PS Remoting is enabled and also check the TrustedHosts value...

      Get-Item WSMan:\localhost\Client\TrustedHosts
      it should be either the IPs, ServerName or '*' (* is not suggestable for PROD cases.)
Viewing 1 reply thread
  • You must be logged in to reply to this topic.