This is just crazy, I am starting on PowerShell. And of course I need to do Admin work remotely.
A simple
dir \\server\share\folder
Just refuses to work, I get this error
Get-ChildItem : Cannot find path '\\server\share\folder' because it does not exist.
+ CategoryInfo : ObjectNotFound: (\\server\share\folder:String) [Get-ChildItem], ItemNotFoundException
+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
To me it is pretty obvious it is an access rights issue. And we do have a domain here at the company. I am logged in to the server, with the exact same user account, on VNC and I can see the UNC path. But whenever I try to just copy a file from my desktop with the remote connection. It just won't work!!!!
I can do many other things so I am positive I am connected.
To get this to work, you must configure both your local and remote computers.
On the remote server, run the following command:
Enable-WSManCredSSP -Role server
You'll know things are confgured correctly if you run the Get-WSManCredSSP cmdlet and get the following output:
The machine is not configured to allow delegating fresh credentials.
This computer is configured to receive credentials from a remote client computer.
On your local computer, from an Administrative PowerShell prompt, you need to allow credential delegation in PowerShell. Run the following command:
Enable-WSManCredSSP -Role Client -DelegateComputer <REMOTE_COMPUTER_NAME>
You can enable all servers by using * for REMOTE_COMPUTER_NAME.
You'll know this is configured correctly when you run Get-WSManCredSSP and get the following output:
The machine is configured to allow delegating fresh credentials to the following target(s): wsman/REMOTE_SERVER_NAME
This computer is not configured to receive credentials from a remote client computer.
On your local machine, update Group Policy to allow your credentials to be delegated to the remote server.
- Open gpedit.msc and browse to Computer Configuration > Administrative Templates > System > Credentials Delegation.
- Double-click "Allow delegating fresh credentials with NTLM-only Server Authentication".
- Enable the setting and add the build server to the server list as WSMAN/BuildServerName. (You can enable all servers by entering WSMAN/*.)
Then, when you need to run your command on the remote server, you can't use any of the *-PSSession commands because CredSSP can't use cached credentials. You have to start the session using Invoke-Command, and use CredSSP as the value to the Authentication parameter, like so:
Invoke-Command -ScriptBlock { # remote commands here } `
-ComputerName <REMOTE_COMPUTER_NAME> `
-Authentication CredSSP `
-Credential <USERNAME>
Powershell also uses Internet Explorer security settings on running remote scripts.
I have found that, for whatever machine you are trying to have run a remote script, if I add the unc path of the remote machine to my trusted intrAnet sites, I can run scripts then (assuming my execution policy in posh is set to remotesigned...."set-executionpolicy remotesigned").
I do a ton of administration for multiple servers with and without SQL, and I've never done anything with Enable-WSManCredSSP.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 贼婆χ 的文章《What security setting is preventing Remote PowerSh》','https://www.manongdao.com/article-91542.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}