Author Posts

June 8, 2015 at 7:55 am

Hi

I am trying to use remove-dnsserverresourcerecord cmdlet but I get permissiondenied.
here is the cmdlet and error.
remove-dnsserverresourcerecord -ComputerName "DOMAIN CONTROLLER" -ZoneName "ZONE".com -RRType A -Name "SERVER TO REMOVE"
Failed to get the zone information for "ZONE" on server "DOMAIN CONTROLLER".
+ CategoryInfo : PermissionDenied: ("SERVER TO REMOVE":root/Microsoft/...rResourceRecord) [Remove-DnsServerResourceRecord], CimException
+ FullyQualifiedErrorId : WIN32 5,Remove-DnsServerResourceRecord

I was wondering why? If I log onto the server that is running pswa I can run the cmdlet fine.

June 8, 2015 at 8:02 am

Hey there LiveUser. It's a double-hop problem. When you're logged into PSWA, you're actually in a remote PS session. So you're remoted and running a command to a remote DNS server, and it'll fail. Local Session > PSWA > DNSServer

When you log into the PSWA server directly via RDP, you're eliminating a hop.
PSWA>DNSServer

You can actually read up about the double hop problem, and possible solutions, here. https://www.penflip.com/powershellorg/secrets-of-powershell-remoting

June 8, 2015 at 8:27 am

Thank you for the quick response. This was very helpful.

June 8, 2015 at 9:04 am

Any time! Mind if I mark this as resolved? 🙂