Author Posts

January 20, 2016 at 12:53 pm

Not only WMF 5.0 come with no documentation available whatsover for JEA ConstrainedEndpoint (try get-help New-PSSessionConfigurationFile -Parameter RunAsVirtualAccount)
But also none of those settings work!
Example below check endpoint called "jea" and it's property RunAsVirtualAccount. Then reads config file and checks what actually config file is set to which shows those parameters are not being processed at all. WMF 5.0 RTM is total disaster, half of the stuff does not work (in addition for being pulled for other reasons). I raised bugs in UserVoice but there is no move on those either.

[ADMIN]: PS > $a = Get-PSSessionConfiguration -name jea | Select ConfigFilePath, RunAsVirtualAccount
[ADMIN]: PS > $a

ConfigFilePath                                                                                         RunAsVirtualAcco
                                                                                                       unt
————–                                                                                         —————-
C:\Windows\System32\WindowsPowerShell\v1.0\SessionConfig\jea_ebf878f7-4829-4f95-8e60-e6999adbbb8a.pssc True


[ADMIN]: PS > Get-content $a.ConfigFilePath | select-String "RunAsVirtualAccount"

 RunAsVirtualAccount = $false

January 21, 2016 at 1:07 am

Hey GS,

Interesting verbage.. 😉

I've not had any problems with it. Can you try this? My results are below as well.

New-PSSessionConfigurationFile -VisibleCmdlets Get-* -Path .\GetSessions.pssc -RunAsVirtualAccount -Force
Register-PSSessionConfiguration -Name GetOnly -Path .\GetSessions.pssc -Force
$a = Get-PSSessionConfiguration -Name GetOnly | select ConfigFilePath,RunAsVirtualAccount
get-content $a.ConfigFilePath | Select-String "RunAsVirtualAccount"
PS C:\> $a

ConfigFilePath RunAsVirtualAccount
————– ——————-
C:\Windows\System32\WindowsPowerShell\v1.0\SessionConfig\GetOnly_d2a817d7-00aa-412e-a70d-cc583a6b25f6.pssc True

C:\> get-content $a.ConfigFilePath | Select-String "RunAsVirtualAccount"

RunAsVirtualAccount = $true
# RunAsVirtualAccountGroups = 'Remote Desktop Users', 'Remote Management Users'

January 21, 2016 at 5:05 am

Thanks,

This works on Windows 2012 R2 machine but no on Windows 8.1 machine. Both computers are having PS 5.0 RTM on them.
Also would you mind testing if file created is valid? Shows as invalid for me

PS C:\Windows\system32> Test-PSSessionConfigurationFile .\a.pssc -Verbose
VERBOSE: The member 'RunAsVirtualAccount' is not a valid key. Please change the member to a valid key in the file
C:\Windows\system32\a.pssc.
False

.

January 21, 2016 at 7:21 am

What edition of Windows 8.1 are you running? Virtual accounts may be one of those features only available in Enterprise / Professional / Whatever. Need to track down those details.

January 21, 2016 at 7:24 am

I run Win 8.1 Enterprise edition. Also as you can see above Test-PSSessionConfigurationFile even considers RunAsVirtualAccount parameter not valid in configuration file even on Windows 2012.

January 21, 2016 at 7:34 am

Hmm, weird. You may get the standard "the X is for Experimental" response for why xJea isn't quite there yet, but I'll send a mail to the MVP list with a link to this thread.

January 21, 2016 at 7:38 am

This is RTM version of Powershell, I don't think any of the parts of it are considered to be still Experimental. I deployed it in production and found half of the stuff is not working with Remoting in addition to missing helpfiles etc.

January 21, 2016 at 8:05 am

@dave Get the same with this using Win 10 (11099.rs1_release.160109-1156)

I had a look, at the problem is because there is a validation process done in Test-PSConfigurationFile which is not working as it should.

Test-PSSessionConfiguration file calls a method VerifyConfigTable, which as part of its validation routine checks against a set of constants contained in a collection, ConfigTypeEntry. RunAsVirtualAccount isn't in this list.

I'll see if i can get any more information on this.

January 21, 2016 at 8:08 am

System.Management.Automation.Remoting.ConfigFileConstants.ConfigFileKeys is the full qualified name

January 21, 2016 at 8:30 am

I opened a bug about it here sometime back as well https://windowsserver.uservoice.com/forums/301869-powershell/suggestions/11234487-new-pssessionconfigurationfile-does-not-create-wel
I also can not seem to be able change RunAsVirtualAccount value on Windows 2012 either after modifiying PSSC file and restarting WinRM changes to that switch are not reflected in session. Can you confirm?