We are trying to setup a machine for PSRemoting using the following command
Set-PSSessionConfiguration -Name Microsoft.PowerShell -showSecurityDescriptorUI
for some reason this only works when we open the powershell in the context of a domain user who is a local administrator.
PS C:\Windows\system32> Set-PSSessionConfiguration -Name Microsoft.PowerShell -showSecurityDescriptorUI
Confirm
Are you sure you want to perform this action?
Performing operation "Set-PSSessionConfiguration" on Target "Name:
Microsoft.PowerShell".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help
(default is "Y"):A
Access is denied.
At line:15 char:26
+ if ((!$pluginName) -or <<<< !(test-path "$pluginDir"))
+ CategoryInfo : InvalidOperation: (:) [], InvalidOperationExcept
ion
+ FullyQualifiedErrorId : WsManError
Join-Path : Access is denied.
At line:22 char:35
+ $pluginFileNamePath = Join-Path <<<< "$pluginDir" 'FileName'
+ CategoryInfo : NotSpecified: (:) [Join-Path], InvalidOperationE
xception
+ FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.Power
Shell.Commands.JoinPathCommand
Test-Path : Cannot bind argument to parameter 'Path' because it is an empty str
ing.
At line:23 char:19
+ if (!(test-path <<<< "$pluginFileNamePath"))
+ CategoryInfo : InvalidData: (:) [Test-Path], ParameterBindingVa
lidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAl
lowed,Microsoft.PowerShell.Commands.TestPathCommand
Get-Item : Cannot bind argument to parameter 'LiteralPath' because it is an emp
ty string.
At line:29 char:43
+ $pluginFileName = get-item -literalpath <<<< "$pluginFileNamePath"
+ CategoryInfo : InvalidData: (:) [Get-Item], ParameterBindingVal
idationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAl
lowed,Microsoft.PowerShell.Commands.GetItemCommand
Set-PSSessionConfiguration : Session Configuration "Microsoft.PowerShell" is no
t a PowerShell based shell.
At line:89 char:27
+ Set-PSSessionConfiguration <<<< $args[0] $args[1] $args[2] $args[3] $args[4]
$args[5] $args[6] $args[7] $args[8]
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorExcep
tion
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorExceptio
n,Set-PSSessionConfiguration
PS C:\Windows\system32>
it looks to me that there is something that is preventing access to the wsman:\localhost\plugin but can't understand how that can be fixed. This only happens in our test bed, but in our development environment we have no such issues.
Does any one have any clue as to what additional user access is for this command to work that an local administrator user may not have?
Here is an article that explains how to resolve this problem... basically to fix this you set LocalAccountTokenFilterPolicy to True in the registry.
http://www.shirmanov.com/2011/04/winrm-access-is-denied-on-local.html
Related
I'm trying to create an access policy so that I can create meetings using Microsoft Graph API on the user's behalf. To do this I need to do a script that is similar to this:
Connect-MicrosoftTeams
New-CsApplicationAccessPolicy -Identity Random -AppIds "applicationid" -Description "Users"
Grant-CsApplicationAccessPolicy -PolicyName Random -Identity "userId"
But when I try to run the second line I get this error:
At C:\Program Files\WindowsPowerShell\Modules\MicrosoftTeams\2.3.1\net472\SfBORemotePowershellModule.psm1:63 char:22
+ $remoteSession = & (Get-CsOnlineSessionCommand)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-CsOnlineSession], UnauthorizedAccessException
+ FullyQualifiedErrorId : UnauthorizedAccessException,Microsoft.Teams.ConfigApi.Cmdlets.GetCsOnlineSession
Invoke-Command : Cannot validate argument on parameter 'Session'. The argument is null or empty. Provide an argument that is
not null or empty, and then try the command again.
At C:\Program Files\WindowsPowerShell\Modules\MicrosoftTeams\2.3.1\net472\SfBORemotePowershellModule.psm1:22959 char:38
+ ... -Session (Get-PSImplicitRemotingSession -CommandName 'New-CsApplic ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Invoke-Command], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand
I'm guessing it has something to do with the first command that it's not remembering my login, but I can't find anywhere on how to do this. Does anyone know what I'm doing wrong and what the correct way is?.
Edit:
I finished the first problem. I needed to create an account on the active directory itself because Microsoft accounts weren't allowed. But my second error is still here:
Invoke-Command : Cannot validate argument on parameter 'Session'. The argument is null or empty. Provide an argument that is
not null or empty, and then try the command again.
At C:\Program Files\WindowsPowerShell\Modules\MicrosoftTeams\2.3.1\net472\SfBORemotePowershellModule.psm1:22959 char:38
+ ... -Session (Get-PSImplicitRemotingSession -CommandName 'New-CsApplic ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Invoke-Command], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand
Is there a way to set the session via a parameter or is this something you need to do outside this method?
I want to check if VMHost is configured with Syslog forwarding
I have written the following cmdlets but it is not giving "Syslog forwarding" status.
$esxcli = Get-EsxCli -VMHost abc.com
$esxcli.system.syslog | Select-Object *
$esxcli.system.syslog | gm is returning an error
gm : You must specify an object for the Get-Member cmdlet.
At line:1 char:25
+ $esxcli.system.syslog | gm
+ ~~
+ CategoryInfo : CloseError: (:) [Get-Member], InvalidOperationException
+ FullyQualifiedErrorId : NoObjectInGetMember,Microsoft.PowerShell.Commands.GetMemberCommand
$esxcli.system.syslog.config.get() is returning an error:
You cannot call a method on a null-valued expression.
At line:1 char:1
+ $esxcli.system.syslog.config.get()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
PowerCLI includes the Get-VMHostSysLogServer cmdlet. In the context of your question, this command would return the Syslog Server for the VMHost abc.com:
Get-VMHostSysLogServer -VMHost abc.com
Whenever I open the package manager console in new VS 2017 session, it shows the below two error messages, and the for all intents and purposes operates normally. At least for vanilla commands like Install-Package.
Join-Path : Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'ChildPath'. Specified method is not supported.
At C:\Dev\.NET\Projects\AcmeSoft\Code\packages\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.1.0.0\tools\init.ps1:13 char:57
+ ... rPackageDirectory = Join-Path $packageDirectory $compilerPackage.Name
+ ~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Join-Path], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.PowerShell.Commands.JoinPathCommand
and
Join-Path : Cannot bind argument to parameter 'Path' because it is null.
At C:\Dev\.NET\Projects\AcmeSoft\Code\packages\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.1.0.0\tools\init.ps1:14 char:44
+ ... erPackageToolsDirectory = Join-Path $compilerPackageDirectory 'tools'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Join-Path], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.JoinPathCommand
The offending line for the first is:
$compilerPackageDirectory = Join-Path $packageDirectory $compilerPackage.Name
with the error at $compilerPackage.Name (i.e. "char:57")
The offending line for the second is:
$compilerPackageToolsDirectory = Join-Path $compilerPackageDirectory 'tools'
with the error at $compilerPackageDirectory 'tools'.
Can anyone with more Nuget and or PowerShell skills than me explain why this is happening, and how I can fix it, please?
Trying PS command:
Set-FsrmFileGroup -Name "Anti-Ransomware File Groups" -IncludePattern #((Invoke-WebRequest -Uri "https://fsrm.experiant.ca/api/v1/combined" -UseBasicParsing).Content | ConvertFrom-Json | % {$_.filters})
Getting error:
New-FsrmFileGroup : Invalid namespace
At line:1 char:1
+ New-FsrmFileGroup -Name "Anti-Ransomware File Groups" -IncludePattern #((Invoke- ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : MetadataError: (MSFT_FSRMFileGroup:Root/Microsoft/...T_FSRMFileGroup) [New-FsrmFileGroup], CimException
+ FullyQualifiedErrorId : HRESULT 0x8004100e,New-FsrmFileGroup
I also notice some errors in FSRM:
Firewall is off and I am domain admin running this as admin. SFC and a WMI repair came back as good. I am going based off a guide (https://fsrm.experiant.ca/). This has worked across a ton of other servers so I don't believe the commands to be improperly formatted.
Output of Get-WmiObject -Namespace 'Root/Microsoft/Windows/Fsrm' -List:
Get-WmiObject : Could not get objects from namespace Root/Microsoft/Windows/Fsrm.
Invalid namespace
At line:1 char:1
+ Get-WmiObject -Namespace 'Root/Microsoft/Windows/Fsrm' -List
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-WmiObject], ManagementException
+ FullyQualifiedErrorId : INVALID_NAMESPACE_IDENTIFIER,Microsoft.PowerShell.Commands.GetWmiObjectCommand
I am new to PowerShell, so I may have missed something simple. I am trying to run a file checksum for Start-PsFCIV, outlined here.
My attempt is below, where I have also tried excluding the -Path parameter, as well as using relative/absolute paths.
PS C:\Users\Lucas\Downloads> Start-PsFCIV -Path C:\Users\Lucas\Downloads\DXSDK_Jun10.exe -HashAlgorithm SHA1
Set-Location : Cannot find path 'C:\Users\Lucas\Downloads\DXSDK_Jun10.exe' because it does not exist.
At C:\Scripts\PsFCIV_2.5.ps1:227 char:3
+ Set-Location -LiteralPath $path
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (C:\Users\Lucas\Downloads\DXSDK_Jun10.exe:String) [Set-Location], ItemNotFoundException
+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.SetLocationCommand
Test-Path : Cannot bind argument to parameter 'LiteralPath' because it is an empty string.
At C:\Scripts\PsFCIV_2.5.ps1:280 char:32
+ if (!(Test-Path -LiteralPath $XML)) {return New-Object PsFCIV.FCIV}
+ ~~~~
+ CategoryInfo : InvalidData: (:) [Test-Path], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAllowed,Microsoft.PowerShell.Commands.TestPathCommand
__fromxml : Input XML file is not valid FCIV XML file.
At C:\Scripts\PsFCIV_2.5.ps1:511 char:9
+ $sum = __fromxml $xml
+ ~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,__fromxml
Exception setting "VerboseForegroundColor": "Cannot convert value "-1" to type "System.Windows.Media.Color". Error: "Invalid cast from 'System.ConsoleColor' to 'System.Windows.Media.Color'.""
At C:\Scripts\PsFCIV_2.5.ps1:607 char:4
+ $host.PrivateData.VerboseForegroundColor = $Host.UI.RawUI.ForegroundColor
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], SetValueInvocationException
+ FullyQualifiedErrorId : ExceptionWhenSetting
You cannot call a method on a null-valued expression.
At C:\Scripts\PsFCIV_2.5.ps1:612 char:4
+ $sum.FILE_ENTRY.Add($entry)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
Exception setting "VerboseForegroundColor": "Cannot convert value "-1" to type "System.Windows.Media.Color". Error: "Invalid cast from 'System.ConsoleColor' to 'System.Windows.Media.Color'.""
At C:\Scripts\PsFCIV_2.5.ps1:607 char:4
+ $host.PrivateData.VerboseForegroundColor = $Host.UI.RawUI.ForegroundColor
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], SetValueInvocationException
+ FullyQualifiedErrorId : ExceptionWhenSetting
How can I get this command to work? I could not find any solutions or similar problems after ~15 min search.
The first exception you get is thrown by Set-Location cmdlet that for some reason is used in the Start-PsFCIV script. Set-Location expects a folder as its -LiteralPath argument but you pass it a file instead.
As per "Useful Examples" on the PsFCIV webpage the solution is to use -Include argument. Example:
Start-PsFCIV -Path C:\tmp -Include InstallPackage.msi -XML DB.XML -HashAlgorithm SHA512
# Checks only InstallPackage.msi file in C:\tmp folder by using SHA512 hash algorithm.