May 1, 2015 at 3:38 am #24888
I am in need of getting the RDP certhash of a remote machine. I found a way to get the same using wmic and it works absolutely fine. I am trying the same with powershell on the same console but I am receiving Access Denied error. Am I doing something wrong?
PS C:\> wmic /node:Testserver /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting get SSLCertificateSHA1Hash SSLCertificateSHA1Hash 1F463C2D9742AA3CE038A0C216FF179418C790EA PS C:\> PS C:\> gwmi Win32_TSGeneralSetting -Namespace "root\cimv2\terminalservices" -ComputerName Testserver | select -ExpandProperty SSLCertificateSHA1Hash gwmi : Access denied At line:1 char:1 + gwmi Win32_TSGeneralSetting -Namespace "root\cimv2\terminalservices" -ComputerN ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [Get-WmiObject], ManagementException + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
May 1, 2015 at 3:51 am #24889
I just tried this
Get-WmiObject -Namespace root\cimv2\TerminalServices -Class Win32_TSgeneralSetting -ComputerName W12R2SUS
against a remote Windows 2012 R2 machine and it worked.
Access denied is usually a permissions problem. Can you access a standard class on the remote machine using Get-WmiObject?
You may need to create a credential object and use that with Get-WmiObject.
Alternatively try Get-CimInstance. It runs over WSMAN and doesn't trip over so many issues as Get-WmiObject
Get-CimInstance -Namespace root\cimv2\TerminalServices -ClassName Win32_TSgeneralSetting -ComputerName W12R2SUS
May 1, 2015 at 7:41 am #24892
Thanks Richard. I have admin rights on the remote machine and I am able to access the remote server's standard class wmi using gwmi such as win32_bios. I have also tried supplying the credential (domain as well the local built in admin) as suggested – but still no luck.
My environment is not setup with PS remoting yet but I still enabled it only on this remote machine to check this issue with get-ciminstance. But I was getting "A DMTF resource URI was used to access a non-DMTF class. Try again using a non-DMTF resource URI.". Then I saw your article and got to know the problem is due to wsman3 and 2 connection conflicts. I was running these commands from windows 2012 (PS3) to the remote Windows 2008R2 machine. Finally I managed to get it working with mix and match WSMAN and DCOM based CIM sessions and I could get the RDP certhash.
I tried using the same gwmi command from windows 2012(PS V3) to remote windows 2008/2012/R2 machines and still have the same problem. But when i use it from windows 2012 R2 to remote machines with any os 2008/12/R2 everything works fine. So looks like it is fixed in PS V4. .
May 2, 2015 at 5:18 am #24904
When ever you see Access denied (raised by: Get-WmiObject) simply add -Authentication PacketPrivacy to the gwmi cmdlet.
gwmi Win32_TSGeneralSetting -Namespace "root\cimv2\terminalservices" -Computername blah -Authentication PacketPrivacy
May 3, 2015 at 10:56 am #24914
@albvar01 – Awesome. Thank you. It works with -Authentication PacketPrivacy on PS v3.
You must be logged in to reply to this topic.