Permission trouble using Invoke-Command with Test-Path and Copy-Item

This topic contains 2 replies, has 1 voice, and was last updated by Profile photo of junkwerks junkwerks 1 year, 7 months ago.

  • Author
    Posts
  • #25918
    Profile photo of junkwerks
    junkwerks
    Participant

    Hi folks,

    I have 2 scripts that work in my testing environment just fine but do not work in production. Script 1 reads a csv file to create AD accounts, then uses Invoke-Command with Script 2 to create user folders on the file server. All servers are 2008 and running PS v.3.

    Script 2 runs New-Psdrive to connect back to Server 1, Test-Path to check for a csv file, then Copy-Item to copy the csv on to Server 2, then Remove-Psdrive.

    Problem: I get "PermissionDenied" "UnauthorizedAccessException" on the Test-Path and Copy_Item commands only when using Invoke-Command on Server 1. I can run script 2 locally on server 2 and the commands succeed. Likewise, I can run both commands from server 1 using a PSsession and they execute as expected. I don't get an error with the New-Psdrive, and other commands seem to run on Server 2 like log creation and email.

    I use the same user in all cases and shares/permissions are set to full for the user.

    Any ideas?

    -Shawn

  • #25920
    Profile photo of junkwerks
    junkwerks
    Participant

    Change that:

    It appears that I can not use Test-Path/Copy-Item when I am doing so from Server 1 using PSsession or Invoke-Command. But if I am on Server 2 I can map the drive (New-PSdrive) and use Test-Path/Copy-Item.

    -Shawn

  • #25949
    Profile photo of junkwerks
    junkwerks
    Participant

    Solved:

    It appears that this was a double-hop issue that is normally restricted. Rather than running Enable-WsManCredSSP, I chose to have Server 1 push the csv file to Server 2 rather than Server 2 doing a pull.

    Why my test environment allowed this to happen is beyond me as WsManCredSSP is disabled by default.

    -Shawn

You must be logged in to reply to this topic.