Cannot move file using invoke command to UNC path

This topic contains 5 replies, has 2 voices, and was last updated by  David Zemdegs 2 years, 5 months ago.

  • Author
  • #34407

    David Zemdegs

    I have the following code:

    Invoke-Command -ComputerName (Get-ADDomainController -filter * | select -ExpandProperty name) -ScriptBlock {
    move-item 'E:\Maintenance\*.evt' "\\LogServer\SecurityLogs$\$env:computername" -force

    When it runs it fails with:
    'The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you'
    What can I do to make this work please?
    David Z

  • #34409

    Don Jones

    Well, couple things you might need to try.

    First, you're likely running into the "second hop" problem by attempting to have the remote machines contact \\LogServer. See "Secrets of PowerShell Remoting" for a description of the double-hop stuff.

    Second, you can test that by trying to run:

    Invoke-Command -ComputerName (Get-ADDomainController -filter * | select -ExpandProperty name) -ScriptBlock { Write-Output $env:COMPUTERNAME }

    Just to test that it's not the first hop causing a problem.

  • #34410

    David Zemdegs

    Thanks – I ran your script and it works fine – the computer names are displayed. I thought it might be a CredSSP issue but this script worked before xmas and now doesn't work. The only thing that has changed is that the DCs have been restarted. The DCs are all w2k3 with POSH V2 btw (don't ask!).
    Is there any other way to test if it is indeed a double hop issue?

  • #34411

    Don Jones

    It almost certainly is. Try moving the files to some other local path. If that works, it's the double-hop.

  • #34412

    David Zemdegs

    Well I could put a script on all the domain controllers but that's yuck as I'm trying to replace vbscripts on all DCs that are currently doing the job. Just when I thought WinRM is my friend I see that she has some life issues 🙂

  • #34413

    David Zemdegs

    btw – Your chapter "Accessing Remote Computers' has a section called "The Second hop'. In the first paragraph it refers to Figure 2.25. Is this supposed to be 2.34?

You must be logged in to reply to this topic.