I normally use Windows Remote Desktop to connect to a server machine. All connection configs are saved in an .rdp file.
I want to instead use PowerShell to connect to that same server, in a similar fashion as SSH. I researched and found about PowerShell remoting with Enter-PSSession, but I don't know what arguments to give it.
What I know so far:
Client machine OS: Windows 10. Host machine OS: Windows Server 2012 R2.
Client and host machines are in different networks/Active Directories. Simply running Enter-PSSession <HOSTNAME> doesn't work.
Host machine's PSRemoting is enabled. If I'm on a machine in its same AD, it can be connected with Enter-PSSession <HOSTNAME>
My question is, if I have a working .rdp file, can I infer what's needed to PSRemote to a remote server? Or even better, can I pass that .rdp file to a PS command to make the shell connection?
If trust is present, this should work.
Enter-PSSession -Computername <FQDN>
If no trust, you have to pass a PowerShell credential object. This should be a credential that has access on the target machine. The .rdp file cannot help at all.
Enter-PSSession -Computername <FQDN> -Credential $CustomPScredentialObject
You can create a credential object by:
$CustomPScredentialObject = Get-Credential "Domain\UserID" #this will give an interactive prompt for password
Non-interactive Credential Object:
$SecurePassword = "PlaintextPassword" | ConvertTo-SecureString -Force -AsPlainText
$CustomPScredentialObject = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "Domain\userid", $SecurePassword
Now you can use this credential object for PSSession.
Related
I am trying to remotely deploy wsp file present in server2 by running a powershell script in server1.
I am able to successfully log in to the server2 through server1 using the below command:
$password = ConvertTo-SecureString "password" -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential("username",$password)
but I am not able to deploy the wsp file. This is the code that I tried:
Enter-PSSession -ComputerName server2 -Credential $cred
Add-PSSnapin Microsoft.Sharepoint.Powershell –EA 0
Update-SPSolution -Identity TechSoup.Web.wsp -LiteralPath "C:\Program Files ...Debug\Some.wsp" -GacDeployment
I have also tried to put the above code in a script, save it and run the script remotely.
This is the error that I am getting. I believe it is because I don't have admin privileges, I can say this because when I run the deployment code from server2 as admin, the wsp file is getting deployed. So, how can I get admin privileges remotely. The user has the admin privileges, all I need to do is run it with elevated privileges(like right-click and run as admin, but programatically)
Update-SPSolution : Cannot access the local farm. Verify that the
local farm is properly configured, currently available, and that you
have the appropriate permissions to access the database before trying
again
EDIT
I have tried the below script code in admin mode in powershell:
$password = ConvertTo-SecureString "serverpassword" -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential("userName",$password)
Enable-PSRemoting
Enable-WSmanCredSSP -Role Server
winrm set winrm/config/winrs '#{MaxShellsPerUser="25"}'
winrm set winrm/config/winrs '#{MaxMemoryPerShellMB="600"}'
Enter-PSSession -ComputerName Server2 -Credential $cred -Authentication credssp
However, I keep getting this error:
Enter-PSSession : Connecting to remote server Server2 failed
with the following error message : The WinRM client cannot process
the request. CredSSP authentication is currently disabled in the
client configuration. Change the client configuration and try the
request again. CredSSP authentication must also be enabled in the
server configuration. Also, Group Policy must be edited to allow
credential delegation to the target computer. Use gpedit.msc and look
at the following policy: Computer Configuration -> Administrative
Templates -> System -> Credentials Delegation -> Allow Delegating
Fresh Credentials. Verify that it is enabled and configured with an
SPN appropriate for the target computer. For example, for a target
computer name "myserver.domain.com", the SPN can be one of the
following: WSMAN/myserver.domain.com or WSMAN/*.domain.com For more
information, see the about_Remote_Troubleshooting Help topic
No matter what I try, I get this error. I have tried these techniques:
Allowed Delegating fresh credentials as well as NTLM fresh credentials in GPEdit.
I have tried the script present in This link
I have added user privileges in compmgmt.msc at
Remote Desktop Users
WinRMRemoteWMIUsers__
WSS_ADMIN_WPG
Remote Management Users
Can anyone suggest any thing ??
In order to run SharePoint commands remotely please follow the steps outlined in: Remote PowerShell to Manage SharePoint on-premises
Essentially, after enabling remoting, you have to enable CredSSP access in order for your credentials to be sent to the remote and local computer in order for you to run elevated commands.
On the server:
Enable-PSRemoting
Enable-WSmanCredSSP -Role Server
winrm set winrm/config/winrs '#{MaxShellsPerUser="25"}'
winrm set winrm/config/winrs '#{MaxMemoryPerShellMB="600"}'
And on the client:
Enable-PSRemoting
Enable-WSmanCredSSP -Role Client -DelegateComputer "server2.contoso.com"
Then on the client you can enter the session:
Enter-PSSession -ComputerName server2 -Credential $cred -Authentication Credssp
I am attempting to connect to a server using a remote PSsession and run a JEA configuration. But when I run the command
Enter-PSsession -ComputerName $server -ConfigurationName $config
It throws the following error:
Enter-PSSession : Value cannot be null.
Parameter name: sessionDetails
After examining the PSsession documentation I can't find a parameter named sessionDetails? What is going on?
FURTHER DETAILS:
Enter-PSession $server
Connects to the server without error. And when I'm on the server it's self, the command:
Enter-PSession -ComputerName localhost -ConfigurationName $config
Also enters a PSsession without error. So I'm definitely able to access the server and the configuration definitely works (at least on local host).
Add in your .pssc file a line with TranscriptDirectory = 'xxx'
With xxx the folder where audit trail logging will be stored. This will log on the server where you register the JEA script who connected.
In such logging file you can see a line like:
PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.10032.0, 6.2.0
This indicates the powershell versions that are supported for the CLIENT side.
In case you are using a client version that is not listed you get that error.
Enter-PSSession may not be used correctly by you. Try the below syntax.
Command to start an interactive session with Server01, a remote computer. When the session starts, the command prompt changes to include the computer name.
PS C:\> Enter-PSSession -ComputerName Server01
[Server01]: PS C:\>
Command to get the PowerShell process and redirects the output to the Process.txt file. The command is submitted to the remote computer, and the file is saved on the remote computer.
[Server01]: PS C:\> Get-Process Powershell > C:\test\Process.txt
Exit command to end the interactive session and close the connection.
[Server01]: PS C:\> exit
PS C:\>
I have written a PowerShell script which uninstall a program and install a newer version of the program on my servers (Update Programs). Now I want to create another script which run the aforementioned script on the servers. Consider that I have to connect to my servers through using IPs, UserName and password and using domain is not an option.
How is this possible?
PowerShell version is 4
I have tried this code to simply get date:
$User = "administrator"
$PWord = ConvertTo-SecureString -String "Password1234" -AsPlainText -Force
$Credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $User, $PWord
$session = New-PSSession -ComputerName '10.60.60.100' -Credential $Credential
Invoke-Command -Session $session -ScriptBlock {Get-Date}
and I got this error:
New-PSSession : [10.60.60.100] Connecting to remote server 10.60.60.100 failed with the following error message : The WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. You can get more information about that by running the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
This is because you’re not running your command from a trusted host, or because the remote computers wsman service isn’t configured properly. I’d start by running the following command to configure wsman on the remote machine:
wsman quickconfig
If that doesn’t fix the problem, then you need to add your computer to the remote machines trusted hosts. You can do that by running the following:
winrm s winrm/config/client '#{TrustedHosts="RemoteComputer"}'
I have a problem in communication between two hosts, in details, I have two hosts in LAN.
1) [A] 192.168.1.10: On this host I have Windows Server 2012 R2
2) [B] 192.168.1.12: On this host I have Windows Server 2003 with ADFS installed.
My problem is:
I have to add a new user on ADFS by running powershell script on first host ( 192.168.1.10 ).
I tried this solution:
On host A I Execute current powershell script, for running powershell remote commands:
$pw = convertto-securestring -AsPlainText -Force -String <mypassword>
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist "DOMAIN\User",$pw
$session = Enter-PSSession -computername 192.168.1.12 -credential $cred
This instantiates a remote connection with host B which has ADFS.
On host B I have a script "CreateADUser.ps1" that add a new record on ADFS. But I don't like this solution.
Can I connect directy ADFS on host B by host A?
What function When I have more request on A host?
Important information:
to need I can't using directly B host, but I have to pass from A host.
What is your solution?
A Proxy server is used for the LAN connectivity in my machine and when i try to create a remote powershell session using the command Enter-PSSession in my machine, powershell console throws the following exception,
First Try: Enter-PSSession -ComputerName server.com -Credential domain\user
Now, I tried along with -UseSSL option. Below is the exception i received this time,
Second Try: Enter-PSSession -ComputerName server.com -Credential domain\user -useSSL
Can anyone please let me know how to create remote powershell session when in proxy LAN connection ?
In order to set proxy settings on connections for PS Remoting, use the New-PSSessionOptions commandlet and save the results as an object. $sessionOptions = New-PSSessionOptions [...] (you may need to research the options to specify there)
Then, use this object as a parameter on the -SessionOptions switch