How to remote into a password protected server using PowerShell - powershell

I'm trying to remote into a password protected server using powershell, but it keeps throwing errors.
My code:
winrm set winrm/config/client #{TrustedHosts="XX.X.XXX.XX"}
$cred = Get-Credential
New-PSSession XX.X.XXX.XX -Credential $cred
and the output:
PS C:\Users\user.name> winrm set winrm/config/client #{TrustedHosts="XX.X.XXX.XX"}
$cred = Get-Credential
New-PSSession XX.X.XXX.XX -Credential $cred
winrm : Error: Invalid use of command line. Type "winrm -?" for help.
At line:1 char:1
+ winrm set winrm/config/client #{TrustedHosts="XX.X.XXX.XX"}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Error: Invalid ...m -?" for help.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
New-PSSession : [XX.X.XXX.XX] Connecting to remote server XX.X.XXX.XX failed with the following error message : The WinRM client cannot process the request. Default authentication may be
used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to
configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help
config. For more information, see the about_Remote_Troubleshooting Help topic.
At line:3 char:1
+ New-PSSession XX.X.XXX.XX-Credential $cred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CannotUseIPAddress,PSSessionOpenFailed
My IP address is in the format XX.X.XXX.XX, but I censored it because I have no idea how secure/insecure it is to put that on the internet.

Related

PowerShell 5.1 What is wrong with my New-PSSession syntax

Environment:
PowerShell 5.1
Windows 2016 Standard
Windows 10 Pro
Just asking here if syntax is fundamentally correct...
$hostSession = New-PSSession -ComputerName $hostName -Credential $cred
$versionFolder = "c:\temp"
$sspLatestVer = Invoke-Command -Session $hostSession -ScriptBlock { param($path) (Get-ChildItem $path | Sort-Object LastWriteTime -Descending | Select-Object -First 1).Name } -ArgumentList $versionFolder
Update:
The following works on one machine but not on another:
$versionFolder = "\\COMPUTER01\c$\temp"
$sspLatestVer = (Get-ChildItem $versionFolder | Sort-Object LastWriteTime -Descending | Select-Object -First 1).Name
Error Message for machine that doesn't work
Get-ChildItem : Cannot find path '\\COMPUTER01\c$\temp' because it does not exist.
At C:\temp\candidate2.ps1:24 char:18
+ $sspLatestVer = (Get-ChildItem $versionFolder | Sort-Object LastWrite ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (\\COMPUTER01\c$\temp:String) [Get-ChildItem], ItemNotFoundException
+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
OP Error Message:
New-PSSession : [COMPUTER01] Connecting to remote server COMPUTER01 failed with the following error message : WinRM cannot process the request. The following error with errorcode 0x80090311 occurred while using
Kerberos authentication: We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on
this device with another credential, you can sign in with that credential.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does not exist.
-The client and remote computers are in different domains and there is no trust between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
At C:\Users\RSTEST\Documents\candidate2.ps1:17 char:16
+ ... hostSession = New-PSSession -ComputerName $hostName -Credential $cred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : AuthenticationFailed,PSSessionOpenFailed
Invoke-Command : Cannot validate argument on parameter 'Session'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
At C:\Users\RSTEST\Documents\candidate2.ps1:19 char:41
+ $sspLatestVer = Invoke-Command -Session $hostSession -ScriptBlock { p ...
+ ~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand
Remove-PSSession : Cannot validate argument on parameter 'Name'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
At C:\Users\RSTEST\Documents\candidate2.ps1:20 char:24
+ Remove-PSSession -Name $hostSession
+ ~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Remove-PSSession], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.RemovePSSessionCommand
Two issues here:
First, see WinRM cannot process the request. Error 0x80090311
If the remote system is in the same domain, and you are already logged in with a domain account that is an administrator on that system, then there would be no need to specify a credential for New-PSSession
If the systems are in different forests that have a trust with each other, note that there is a need to use the fully qualified domain name (FQDN) of the remote host for Kerberos authentication to function correctly.
Second, regarding:
$versionFolder = "\\COMPUTER01\c$\temp"
Note that remote sessions normally do not have access to network shares, even when presumably running under the credentials of an administrative user.
This is known as the "second hop problem". There have been various posts about it:
https://learn.microsoft.com/en-us/powershell/scripting/learn/remoting/ps-remoting-second-hop?view=powershell-5.1
https://devblogs.microsoft.com/scripting/enable-powershell-second-hop-functionality-with-credssp/
This may work from COMPUTER01 itself, since it could be aliased to local drive access.

Remote server login error

Hi I want to login into my remote server using power shell . I wrote code for this but I am getting error .
CODE
$cred = get-credential - Prompts for username and password
Enter-PSSession -ComputerName servername -Credential $cred
ERROR
Get-Credential : A positional parameter cannot be found that accepts
argument 'Prompts'.At C:\documents\Untitled8.ps1:1 char:9
+ $cred = get-credential - Prompts for username and password
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Get-Credential], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.GetCredentialCommand
Enter-PSSession : Connecting to remote server XXXXX failed with the
following error message : Access is denied. For more information, see
the about_Remote_Troubleshooting Help topic.At
C:\documents\Untitled8.ps1:5 char:1
+ Enter-PSSession -ComputerName servername -Credential $cred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (servername:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
Any clue regarding this will help....
Get-Credential : A positional parameter cannot be found that accepts argument 'Prompts'
Anybody have any clue how to login into remote server in power shell using servername..any clue any link regarding this will be helpful
The problem is that there it can´t find a positional parameter, where "Prompts" is accepted. If you look at the help file for Get-credential you will see that the -Credential paramenter is positional, meaning you dont need to type it.
Try with this
$cred = get-credential -Message "Prompts for username and password"
Enter-PSSession -ComputerName servername -Credential $cred
Some reading about positional parameters
https://itknowledgeexchange.techtarget.com/powershell/positional-parameters/

Enter-PSSession not working, Firewall port 5985 is open

Error:
Enter-PSSession : Connecting to remote server sadcm0000081 failed with the following error message : WinRM cannot
complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the
network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By
default, the WinRM firewall exception for public profiles limits access to remote computers within the same local
subnet. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName sadcm0000081
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (sadcm0000081:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
Test-WSN Output:
Test-Wsman : <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859046" Machine="SADCM0000078.adc
.corpintra.net"><f:Message>WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer i
s accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. B
y default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. </f:Messa
ge></f:WSManFault>
At line:1 char:1
+ Test-Wsman -ComputerName sadcm0000081
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (sadcm0000081:String) [Test-WSMan], InvalidOperationException
+ FullyQualifiedErrorId : WsManError,Microsoft.WSMan.Management.TestWSManCommand
Try first to running powershell Enable-PSRemoting with an administrator console.
After that look after the Windows Firewall rules of remote administration.

Remote command failure even after unencrypted traffic is true

I am trying to open remote PSSession from one PC to another. Both PCs are in the LAN and reachable, but whenever I try to enter PSSession the following error occurs:
Enter-PSSession : Connecting to remote server pc2 failed with the
following error message : The WinRM client cannot process the request.
Unencrypted traffic is currently disabled in the client configuration.
Change the client configuration and try the request again. For more
information, see the about_Remote_Troubleshooting Help topic. At
line:1 char:1
+ Enter-PSSession -ComputerName pc2 -Authentication Basic -Credential admin
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (pc2:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
I have set AllowUnencrypted to true in both
WSMan::localhost\Client
and
WSMan::localhost\Service
location on the remote PC, but still getting the same error. Are there other settings I need to update?

connecting from powershell 2.0 to local exchange 2007

I'm trying to connect from my PowerShell to Exchange 2007 (both are on the same computer).
What am I missing?
My code:
Set-ExecutionPolicy RemoteSigned
$cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri
https://localhost/powershell/ -Credential $cred -Authentication Basic –AllowRedirection
Import-PSSession $Session
The error I get:
[localhost] Connecting to remote server failed with the following error message : The server certificate on the destination computer (localhost:443) has the following errors:
The SSL certificate is expired. For more information, see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportException
+ FullyQualifiedErrorId : PSSessionOpenFailed
Import-PSSession : Cannot validate argument on parameter 'Session'. The argument is null. Supply a non-null argument and try the command again.
At line:3 char:17
+ Import-PSSession <<<< $Session
+ CategoryInfo : InvalidData: (:) [Import-PSSession], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.ImportPSSessionCommand
Remoting does not work with Exchange 2007. Never has.