Enter-PSSession not working, Firewall port 5985 is open - powershell

Error:
Enter-PSSession : Connecting to remote server sadcm0000081 failed with the following error message : WinRM cannot
complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the
network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By
default, the WinRM firewall exception for public profiles limits access to remote computers within the same local
subnet. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName sadcm0000081
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (sadcm0000081:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
Test-WSN Output:
Test-Wsman : <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859046" Machine="SADCM0000078.adc
.corpintra.net"><f:Message>WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer i
s accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. B
y default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. </f:Messa
ge></f:WSManFault>
At line:1 char:1
+ Test-Wsman -ComputerName sadcm0000081
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (sadcm0000081:String) [Test-WSMan], InvalidOperationException
+ FullyQualifiedErrorId : WsManError,Microsoft.WSMan.Management.TestWSManCommand

Try first to running powershell Enable-PSRemoting with an administrator console.
After that look after the Windows Firewall rules of remote administration.

Related

powershell restart remote computer ip address with port

i am trying to restart a server with an ip but it fails with the messege:
Restart-Computer :
Failed to restart the computer *.*.*.* with the following error message: The RPC server is unavailable.
At line:1 char:1
+ Restart-Computer -ComputerName *.*.*.* -Credential $Creds -Fo ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (*.*.*.*:String) [Restart-Computer], InvalidOperationException
+ FullyQualifiedErrorId : RestartcomputerFailed,Microsoft.PowerShell.Commands.RestartComputerCommand
i have changed that computer's RDP port, how do i specify the port in this command? i can't find it in the documentations or the examples over the internet.
any help will be appreciated...

How to remote into a password protected server using PowerShell

I'm trying to remote into a password protected server using powershell, but it keeps throwing errors.
My code:
winrm set winrm/config/client #{TrustedHosts="XX.X.XXX.XX"}
$cred = Get-Credential
New-PSSession XX.X.XXX.XX -Credential $cred
and the output:
PS C:\Users\user.name> winrm set winrm/config/client #{TrustedHosts="XX.X.XXX.XX"}
$cred = Get-Credential
New-PSSession XX.X.XXX.XX -Credential $cred
winrm : Error: Invalid use of command line. Type "winrm -?" for help.
At line:1 char:1
+ winrm set winrm/config/client #{TrustedHosts="XX.X.XXX.XX"}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Error: Invalid ...m -?" for help.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
New-PSSession : [XX.X.XXX.XX] Connecting to remote server XX.X.XXX.XX failed with the following error message : The WinRM client cannot process the request. Default authentication may be
used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to
configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help
config. For more information, see the about_Remote_Troubleshooting Help topic.
At line:3 char:1
+ New-PSSession XX.X.XXX.XX-Credential $cred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CannotUseIPAddress,PSSessionOpenFailed
My IP address is in the format XX.X.XXX.XX, but I censored it because I have no idea how secure/insecure it is to put that on the internet.

unable to execute winrm quickconfig

I am unable to get around the following Powershell remoting error in my Windows 10 Machine.
Firstly I am attempting to execute the following.
PS: >Start-DscConfiguration -Wait -Verbose -Force -Path $outPath
VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = SendConfigurationApply,'className' = MSFT_DSCLocalConf
igurationManager,'namespaceName' = root/Microsoft/Windows/DesiredStateConfiguration'.
The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting
requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the
destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm
quickconfig".
+ CategoryInfo : ConnectionError: (root/Microsoft/...gurationManager:String) [], CimException
+ FullyQualifiedErrorId : HRESULT 0x80338012
+ PSComputerName : localhost
so I do what it suggests by executing this.
PS: >winrm quickconfig
WinRM service is already running on this machine.
winrm : WSManFault
At line:1 char:1
+ winrm quickconfig
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (WSManFault:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
Message
ProviderFault
WSManFault
Message = More data is available.
Error number: -2147024662 0x800700EA
More data is available.
Thanks for the help

PowerShell Double Hop Issue

I’m trying to run a PowerShell script on SYSTEM1, which executes robocopy on SYSTEM2, copying files to SYSTEM3,4,5,etc.
SYSTEM1 and SYSTEM2 are on the same domain, but SYSTEM2 is not behind a firewall (hence the need to run robocopy from SYSTEM2 and not SYSTEM1).
SYSTEM3,4,5 are on different domains than SYSTEM2, as well as different domains than each other.
I set the script up like this (it uses the net use command to prompt the user for credentials for the different domains):
Foreach($server in $servers) {
$command = {
param($cred, $server);
$error.clear();
# Stored credentials in local variables
$user = $cred.GetNetworkCredential().username
$pass = $cred.GetNetworkCredential().password
#establish connection from SYSTEM2-> $server
net use \\$server\c$\Deployments /delete
net use \\$server\c$\Deployments /USER:$user $pass
# Check to see if C:\Deployments exists on server, and if not create it.
if ((Test-Path \\$server\c$\Deployments) -eq $FALSE) {
$c = {
New-Item \\$server\c$\Deployments -type directory
}
$ws = Invoke-Command -ComputerName $server -Credential $cred -ScriptBlock $c
}
# Copy over the deployment packages
$dest = "\\$server\Deployments\$DeploymentDate\$CurrentDirectoryName"
robocopy $CurrentDirectoryPath $dest /W:20 /R:15 /e /XF CopyPackage.ps1
# Delete connection from SYSTEM2 -> $server
net use \\$server\c$\Deployments /delete
However, the net use command returns an error after the credentials are entered:
The network connection could not be found.
+ CategoryInfo : NotSpecified: (The network con...d not be found.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
+ PSComputerName : SYSTEM2
More help is available by typing NET HELPMSG 2250.
System error 55 has occurred.
+ CategoryInfo : NotSpecified: (System error 55 has occurred.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
+ PSComputerName : SYSTEM2
The specified network resource or device is no longer available.
[SYSTEM3] Connecting to remote server failed with the following error message : WinRM cannot process the request. The
following error occured while using Kerberos authentication: There are currently no logon servers available to service
the logon request.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does not exist.
-The client and remote computers are in different domains and there is no trust between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or
use HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command: winrm help config. For more
information, see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (:) [], PSRemotingTransportException
+ FullyQualifiedErrorId : PSSessionStateBroken
+ PSComputerName : SYSTEM2
The network connection could not be found.
+ CategoryInfo : NotSpecified: (The network con...d not be found.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
+ PSComputerName : SYSTEM2
More help is available by typing NET HELPMSG 2250.
I’ve read this could be a “double-hop” issue (as detailed here), but I’m not sure how to edit the script to use CredSSP instead of Kerberos (or if this is even the problem).
Any ideas?
Posting this solution in case someone is still having an issue with a simple resolution to DoubleHop without using CredSSP.
Try this out:
https://www.powershellgallery.com/packages/Invoke-PSSession
It Invokes a PSSession, then Registers a PSSessionConfiguration with the Credentials that you provided. Basically providing the credentials for that DoubleHop
Then use Invoke-Command with that new PSSession. It should have the required privileges to do what you need.

Remote command failure even after unencrypted traffic is true

I am trying to open remote PSSession from one PC to another. Both PCs are in the LAN and reachable, but whenever I try to enter PSSession the following error occurs:
Enter-PSSession : Connecting to remote server pc2 failed with the
following error message : The WinRM client cannot process the request.
Unencrypted traffic is currently disabled in the client configuration.
Change the client configuration and try the request again. For more
information, see the about_Remote_Troubleshooting Help topic. At
line:1 char:1
+ Enter-PSSession -ComputerName pc2 -Authentication Basic -Credential admin
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (pc2:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
I have set AllowUnencrypted to true in both
WSMan::localhost\Client
and
WSMan::localhost\Service
location on the remote PC, but still getting the same error. Are there other settings I need to update?