Invoke Script...Access Denied

Welcome Forums General PowerShell Q&A Invoke Script...Access Denied

This topic contains 2 replies, has 3 voices, and was last updated by

1 year, 7 months ago.

  • Author
  • #75202

    Points: 55
    Rank: Member

    I composed a simple script that will export Printer shares (settings and drives) to a remote repository. This script works when I run it locally, however ideally I would like to invoke this script from a central server. My central server is logged in with domain admin credentials. The script runs with domain admin privileges and both servers (central server and print servers) are in the same domain.

    Here is the script that runs without issue on each server.

    #Export Printer migration files
    set-location C:\Windows\System32\spool\tools
    $TimeStamp = (Get-Date).tostring("yyyyMMdd")
    $PrintServer = '\\' + $env:COMPUTERNAME
    $Repository = '\\cfs02\utility$\updates\PrinterMigrationFiles\' + $env:COMPUTERNAME + '\'
    $FilePath = $Repository + $TimeStamp + '_' + $env:COMPUTERNAME + '.printerExport'
    #Launch Export Copmmand
    .\PrintBrm.exe -b -s $PrintServer -f $FilePath
    [array]$sortedRepo = Get-ChildItem $Repository | Sort-Object -Descending LastAccessTime
    #Clean up Repository to keep the last two latest files
    if ($sortedRepo.Length -gt 3){
            for($i=2; $i -lt $sortedRepo.Length; $i++){    
            Remove-Item $sortedRepo[$i].FullName 

    I place the above script on the central server and run this command

    $session = New-PSSession -ComputerName P5
    Invoke-Command -Session $session   -FilePath .\Export-TP_printers.ps1 

    I receive this output. The last entry indicates a failed access violation. I removed a portion of the printer queues for brevity. The last entry is a lie since I am running this as a domain admin.

    Operation mode: backup
    Target server: \\P5
    Target file path: \\cfs02\utility$\updates\PrinterMigrationFiles\P5\20170718_P5.printerExport.
    Queue publish mode: none
    Overwrite mode: keep existing settings
    .., TCP, TCP, TCP, TCP, TCP
    The following error occurred: 0x80070005.
    Access is denied.
    Check if you are an administrator or member of the administrators group.
    Check if you executed the tool with elevated permission.
    Check the eventlog for detailed information about the error which occurred.
  • #75205

    Points: 527
    Helping Hand
    Rank: Major Contributor

    Take a look at Secrets of Powershell Remoting in the eBooks section. The issue you are seeing is most likely a double-hop issue when you are trying to write to the remote share. If you just save the data to a local file (on server that is called), does the Invoke work?

  • #75209

    Points: 0
    Rank: Member

    You need to allow delegation of credentials from server A to server B using the Enable-WSManCredSSP cmdlet with the right parameters for your environment.
    Then when creating a new PSSession, use -Authentication Credssp.

    Double-hop issue as Rob mentioned.

The topic ‘Invoke Script...Access Denied’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort