using powershell across domains

This topic contains 2 replies, has 3 voices, and was last updated by Profile photo of tommymaynard tommymaynard 1 year, 11 months ago.

  • Author
    Posts
  • #21524
    Profile photo of D Cohen
    D Cohen
    Participant

    Newbie here....

    I have a computer in one domain that I am authenticating to (because we were acquired recently and pc changed), but our primary network is our old domain, and I want to run powershell commands against our "old domain" How can I authenticate, login, or run commands on the "old domain" from my "new" computer with a different domain.

    For example... my computer is domain x, and logging in with an account from domain x.
    but I want to access powershell commands all on domain y , with a different AD account that belongs to domain y.

    Thanks so much!!

    Here's an output of the error:
    Get-Service : Cannot open Service Control Manager on computer 'xyz'. This operation might require other privileges
    At line:1 char:1
    + Get-Service -ComputerName xyz
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [Get-Service], InvalidOperationException
    + FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.PowerShell.Commands.GetServiceCommand

  • #21525
    Profile photo of Will Anderson
    Will Anderson
    Keymaster

    A lot of PowerShell cmdlets support the use of the -Credential parameter, allowing you to use alternate credentials. There's also the Invoke-Command cmdlet that you can use with -Credential, and then pass a cmdlet through that if the original cmdlet doesn't support -Credential. For instance:

    Invoke-Command -ComputerName %Server% -Credential domain\user {Get-Service}

  • #21526
    Profile photo of tommymaynard
    tommymaynard
    Member

    Going along with Will's suggestion, you can determine what cmdlets accept the -Credential parameter by using the Get-Command cmdlet: Get-Command -ParameterName Credential | Sort-Object Name. I have a function in my profile that will prompt me for a password that I can then use to connect to a different domain. I also have a Set-Alias in my profile that helps me avoid typing the whole function name.

    Function New-OtherDomainCred {
        $Global:odcred = Get-Credential -UserName 'otherdomain\username' -Message 'Create OtherDomain Credential Object'
    }
    

    After running this function, my credential object would be stored in $odcred, so I can use it as the value for the -Credential parameter.

You must be logged in to reply to this topic.