Stuck on elevation prompt for getting powershell settings remotely

Welcome Forums General PowerShell Q&A Stuck on elevation prompt for getting powershell settings remotely

This topic contains 5 replies, has 2 voices, and was last updated by

 
Participant
4 years, 6 months ago.

  • Author
    Posts
  • #18492

    Participant
    Points: 0
    Rank: Member

    I am trying to verify across 20 servers the powershell configuration.

    So locally UAC prompt powershell as admin the below works.

     get-item wsman:\localhost\shell | get-childitem

    Remoting wise I thought this work have worked.

     Start-Process powershell.exe -ArgumentList "icm -computername server1,server2,server3 -scriptblock {get-item wsman:\localhost\shell | get-childitem}" -verb runas
    

    Not sure how to capture the output or at least hold up the pop window that occurs.

  • #18493

    Keymaster
    Points: 1,811
    Helping HandTeam Member
    Rank: Community Hero

    Well... I think the general theory is to try and not run into UAC. I would normally run Invoke-Command from my non-elevated prompt, and provide it with a -Credential parameter, which it would use to make the remote connection. That should remove any UAC pop-up windows, since you're not launching a new instance of PowerShell. That'll also put the output right into your PowerShell console, where you can work with it however you like.

  • #18494

    Participant
    Points: 0
    Rank: Member

    Thanks Don. That where I am at a loss since

    icm -computername server1,server2,server3 -scriptblock {get-item wsman:\localhost\} -Cred usernameinfohere 

    works but soon as I add shell to the end of wsman:\localhost\ I run into what looks like a permissions issue since for example (pre)icm -computername server1,server2,server3 -scriptblock {get-eventlog security -Newest 10} works. I'll keep digging and let you know if I find something fruitfull.

  • #18495

    Keymaster
    Points: 1,811
    Helping HandTeam Member
    Rank: Community Hero

    It's square brackets on the code formatting 😉

    Couple of things. One, keep in mind that you can map other computers' WS-MAN to your own WSMAN: drive. It uses demoting under the hood, so try doing that with 1-2 computers. If you're not able to navigate the hierarchy that way, then yes, there's a problem of some kind. But that'll help eliminate certain possibilities.

    Second, double-check and make sure Remoting is enabled on those computers. I'm guessing it is, since just going to /localhost/ works.

    Third, keep in mind all those settings can also be configured in a GPO, which may be more convenient for you.

  • #18502

    Participant
    Points: 0
    Rank: Member

    Resorted to using a foreach in combination connect-wsman then reused code.

    $file = "wsmansettings.txt"
    
    $servers = "server1","server2","server3","server4","server5"
    
    foreach($server in $servers){
                                    Connect-WSMan $server
                                    Get-Item wsman:\$server\shell | Get-ChildItem | out-file $file -Append
                                    Disconnect-WSMan $server
    
                                }#foreach
    
    invoke-item $file
    $servers = ""
    

    mybad on the pre tags...

  • #18504

    Participant
    Points: 0
    Rank: Member

    Thanks for the advice and assistance.

The topic ‘Stuck on elevation prompt for getting powershell settings remotely’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort