PSWA access denied errror

Welcome Forums General PowerShell Q&A PSWA access denied errror

This topic contains 4 replies, has 3 voices, and was last updated by

 
Keymaster
3 years, 7 months ago.

  • Author
    Posts
  • #26097

    Participant
    Points: 0
    Rank: Member

    Hi

    I am trying to use remove-dnsserverresourcerecord cmdlet but I get permissiondenied.
    here is the cmdlet and error.
    remove-dnsserverresourcerecord -ComputerName "DOMAIN CONTROLLER" -ZoneName "ZONE".com -RRType A -Name "SERVER TO REMOVE"
    Failed to get the zone information for "ZONE" on server "DOMAIN CONTROLLER".
    + CategoryInfo : PermissionDenied: ("SERVER TO REMOVE":root/Microsoft/...rResourceRecord) [Remove-DnsServerResourceRecord], CimException
    + FullyQualifiedErrorId : WIN32 5,Remove-DnsServerResourceRecord

    I was wondering why? If I log onto the server that is running pswa I can run the cmdlet fine.

  • #26098

    Keymaster
    Points: 40
    Team Member
    Rank: Member

    Hey there LiveUser. It's a double-hop problem. When you're logged into PSWA, you're actually in a remote PS session. So you're remoted and running a command to a remote DNS server, and it'll fail. Local Session > PSWA > DNSServer

    When you log into the PSWA server directly via RDP, you're eliminating a hop.
    PSWA>DNSServer

    You can actually read up about the double hop problem, and possible solutions, here. https://www.penflip.com/powershellorg/secrets-of-powershell-remoting

  • #26100

    Participant
    Points: 0
    Rank: Member

    Thank you for the quick response. This was very helpful.

  • #26103

    Keymaster
    Points: 40
    Team Member
    Rank: Member

    Any time! Mind if I mark this as resolved? 🙂

  • #26114

    Keymaster
    Points: 1,785
    Helping HandTeam Member
    Rank: Community Hero

The topic ‘PSWA access denied errror’ is closed to new replies.