start-process newbie question

Welcome Forums General PowerShell Q&A start-process newbie question

This topic contains 3 replies, has 2 voices, and was last updated by

 
Participant
5 years, 3 months ago.

  • Author
    Posts
  • #11304

    Participant
    Points: 0
    Rank: Member

    hello all and thank you for your time. My goal is deploy a java installation via power shell i have the following script, see below. when I run the script, for computers that are online I receive the following error:

    This command cannot be executed due to the error: Access is denied.
    + CategoryInfo : InvalidOperation: (:) [Start-Process], InvalidOperationException
    + FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.Commands.StartProcessCommand
    + PSComputerName : ARRIS-2

    is this due to using the UNC path ? all users have access to the share so im a bit lost on where to go from here.

    $comp=Get-ADComputer -Filter {(name -like "arris*") -and (name -notlike "*exchange")} | Select-Object -ExpandProperty name |
    ForEach-Object {
    $computer = $_

    $pingme = Test-Connection -ComputerName $computer -Quiet -count 1

    if ($pingme -eq $true)
    {
    Invoke-Command -ComputerName $computer -ScriptBlock { Start-Process -FilePath '\\severname\software deployment\java7_45\jre1.7.0_45.msi' -LoadUserProfile }
    }
    else
    {
    Write-Host "computer '$computer' is offline"
    }
    } | ft

  • #11306

    Member
    Points: 0
    Rank: Member

    You're running into the "second hop" scenario here. By default, when you use PowerShell Remoting, you can only access resources local to the machine you've connected to. In order to access that UNC path, you'll need to use CredSSP as your connection type. This requires some configuration changes both on the computer where you're running this script, and on the computers you're connecting to with Invoke-Command.

    Check out the "Secrets of PowerShell Remoting" free eBook from this site. It has all of the details on how to set this up, including screenshots, starting on page 42.

  • #11363

    Participant
    Points: 0
    Rank: Member

    i am still running into an issue even after reading a couple of articles related to this including the recommended article above. I am receiving this error message (see below) i have set this in group policy and have updated the test computers and restarted several times. this configuration is set and the parameters within it is set to WSMAN/*.domain.com, domain.com being my domain. am I missing something obvious ?

    "A computer policy does not allow the
    delegation of the user credentials to the target computer. Use gpedit.msc and look at the following policy: Computer Configuration -> Administrative Templates -> System ->
    Credentials Delegation -> Allow Delegating Fresh Credentials. Verify that it is enabled and configured with an SPN appropriate for the target computer. For example, for a target
    computer name "myserver.domain.com", the SPN can be one of the following: WSMAN/myserver.domain.com or WSMAN/*.domain.com."

  • #11390

    Participant
    Points: 0
    Rank: Member

    can anyone assist ?

The topic ‘start-process newbie question’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort