Help with setting up PSRemoting

This topic contains 4 replies, has 3 voices, and was last updated by Profile photo of jason parrish jason parrish 2 years, 4 months ago.

  • Author
    Posts
  • #17762
    Profile photo of jason parrish
    jason parrish
    Participant

    Help!

    From my client (Windows 7) PC, running in domain A, I can successfully connect to several Windows 2008R2 servers sitting in domain B; however, only one of the servers returns any values to any cmdlet e.g,, "Invoke-Command -ComputerName hostname -ScriptBlock { Get-childItem c:\ } -credential administrator". The weird thing is that the cmdlet appears to execute, but returns nothing, not even an error.

    Here's what I've tried so far...

    1. I can successfully connect to all W2008R2 servers using "Test-WsMan hostname from my client PC"

    2. I can successfully connect to all W2008R2 servers using "enter-pssession -computername hostname -credential administrator" With the exception of one server (Server A), no values are output from any cmdlet that I run whilst connected e.g. get-childitem with the exception of one of the servers

    Any suggestions?

  • #17764
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Try providing DOMAIN\Administrator instead of just the username. Does that make any difference?

  • #17765
    Profile photo of Adnan Rashid
    Adnan Rashid
    Participant

    I was bit confused about what your asking, so for computers sitting in domain B, only a single server responds to cmdlets, is that right?

    However in point 2 you mentioned you can connect to all 2008 R2 servers, except one server?

    If you just did something like [b]get-process -computername hostname[/b] instead of invoke-command does that return anything for you?

  • #17784
    Profile photo of jason parrish
    jason parrish
    Participant

    @Don – Thanks for the suggestion. I only have local admin access to each of the remote servers, all sitting in domain B. There's no trust relationship setup between domain A (where my client sits) and domain B. Below are the commands and output from establishing a connection. Now the interesting thing here is that although the cmdlet "get-childtem" doesn't produce any results, just for the heck of it I tried running "get-process", and to my surprise it does.

    PS C:\Windows\system32> $cred = get-credential administrator (I enter the password to the GUI prompt)

    enter-PSSession -computername dev-xx45-01 -credential $cred

    [dev-xx45-01]: PS C:\Users\Administrator\Documents> dir

    [dev-xx45-01]: PS C:\Users\Administrator\Documents> get-childitem

    [dev-xx45-01]: PS C:\Users\Administrator\Documents> get-process

    Handles NPM(K) PM(K) WS(K) VM(M) CPU(s) Id ProcessName
    ——- —— —– —– —– —— — ———–
    608 11 1936 2120 47 57.92 368 csrss
    112 8 1668 2036 44 26.77 3996 csrss
    72 9 1480 600 42 9.17 4532 csrss
    189 15 4084 5128 55 20.97 1444 dllhost
    67 7 1416 2780 53 0.02 1464 dwm
    479 31 9976 13436 150 1.17 1584 explorer
    0 0 0 24 0 0 Idle
    1668 85 1484456 1385880 -1772 8,372.28 3916 java
    156 23 9228 1804 86 0.28 3312 LogonUI
    1509 31 9900 15672 51 880.89 524 lsass
    .
    .
    .
    .

    [dev-xx45-01]: PS C:\Users\Administrator\Documents>

    @Adna – Sorry about the confusion. What I meant to say is that only 1 of the 5 servers that I can connect to ever produces results to any cmdlet (or any native command, like DIR) I run, when connected on a persistent remoting connection. Which is weird, I must be connected though, because the PS prompt changes to the session (remote server) that I'm connected to (see above copy and paste from my a established connection).

    Note: All the servers are in a development environment. I watched a video on youtube entitled "21 PowerShell Remoting Basics"; I think it was the same Don who responded to this thread, so I know the way to go is SSL certs, but for now I'd just be happy to get up to speed with some powershell basics before battling it out with the internal security and audit folks to make production changes (they're a conservative bunch of folks – for good reason).

    As for your suggestion, I need to provide local admin credentials (local to the servers that is), so unless the cmdlet allows me to provide them, I can't run them. However, I'm trying to get around this by establishing a persistent connection for now.

  • #17785
    Profile photo of jason parrish
    jason parrish
    Participant

    Egg on face. The directory that I connected to doesn't have any files within it, so it's hardly surprising that get-childitem didn't return any results. To err is human.

You must be logged in to reply to this topic.