Invoke-Command Elevation Issue - powershell

I'm trying to run Invoke-Command with an answer file to the user credentials but I can't seem to get it to finish running. I'm using a local administrator account so nothing on the domain. Here is what I have and the error:
$Username = "$Env:Computername\admin"
$Pass = ConvertTo-SecureString "12345" -AsPlainText -Force
$User = New-Object Management.Automation.PSCredential($UserName, $Pass)
Invoke-Command -ComputerName $Env:Computername -Credential $User -ScriptBlock {
$Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$Name = 'DontDisplayLastUserName'
Set-ItemProperty -path $Path -name $Name -value 0
}
And the error:
[computer] Connecting to remote server failed with the following error message : WinRM cannot process the request. The following error occured while using Kerberos authentication: There are currently no logon servers available to service the logon request.
Any help is greatly appreciated.
Working Solution:
$Username = "$Env:Computername\admin"
$Pass = ConvertTo-SecureString "12345" -AsPlainText -Force
$User = New-Object Management.Automation.PSCredential($UserName, $Pass)
Invoke-Command -ComputerName localhost -Credential $User -ScriptBlock {
$Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$Name = 'DontDisplayLastUserName'
Set-ItemProperty -path $Path -name $Name -value 0
}

I finally figured out the problem, hit me kind of randomly. The following line needed to be changed.
Before:
Invoke-Command -ComputerName $Env:Computername
After:
Invoke-Command -ComputerName localhost
Without localhost it was looking at it like a remote computer and not allowing it access.

Related

Need to execute winrm set winrm/config/client '@{TrustedHosts="192.168.4.231"}' command from PowerShell script from remote

I am firing the following script from a remote machine to add the executor IP (192.168.4.231) to the trusted list. The script below is getting fired, but I am not getting the desired results.
Please let me know if there is anything wrong in the way I am executing the script below.
$servers = @("192.168.4.236")
foreach($server in $servers) {
$username = 'administrator'
$password = '*******'
$pw = ConvertTo-SecureString $password -AsPlainText -Force
$cred = New-Object Management.Automation.PSCredential ($username, $pw)
$s = New-PSSession -ComputerName $server -Credential $cred
Enter-PSSession $s
Invoke-Command -Session $s -Scriptblock {
Invoke-Expression 'winrm set winrm/config/client '@{TrustedHosts="192.168.4.231"}''
}
Write-Host "Completed"
Remove-PSSession $s
}

Enter PSSession with Variable for ComputerName

I am trying to enter a PSSession using -Computername $Server which was previously defined, but I can't seem to get this to work.
I have tried single, double, and no quotes around the variable at all. What am I doing wrong?
$Servers = Import-Csv "C:\Users\username\Desktop\DNS.csv"
$secpass = ConvertTo-SecureString 'mypassword' -AsPlainText -Force
$myCred = New-Object System.Management.Automation.PSCredential("username", $secpass)
foreach ($Object in $Servers) {
$Server = $Object.Name
Enter-PSSession -ComputerName "$Server" -Credential $myCred
sl HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
Invoke-Command -ScriptBlock {Get-Item -Path HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters}
Exit-PSSession
}
We use enter pssession for creating an interactive session with the remote computer.
In your case, you do not need to have an interaction with the remote system. You just need to fetch the details from the remote systems which are present in the csv file.
So, Instead of this:
foreach($Object in $Servers) {
$Server = $Object.Name
Enter-PSSession -ComputerName "$Server" -Credential $myCred
sl HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
Invoke-Command -ScriptBlock {Get-Item -Path HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters}
Exit-PSSession
}
Do This:
foreach($Object in $Servers)
{
$Server = $Object.Name
Invoke-Command -ComputerName $Server -ScriptBlock {Get-Item -Path HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters} -Credential $myCred
}
Note: I believe you have enabled PSRemoting and have edited trusted hosts.
The ComputerName param of Invoke-Command will accept an array of servers so you can do away with the foreach loop entirely and simplify your code to:
$Servers = Import-Csv "C:\Users\username\Desktop\DNS.csv" | Select-Object -ExpandProperty Name
$secpass = ConvertTo-SecureString 'mypassword' -AsPlainText -Force
$myCred = New-Object System.Management.Automation.PSCredential("username", $secpass)
Invoke-Command -ComputerName $Servers -ScriptBlock {Get-Item -Path HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters} -Credential $myCred

Copy-Item over remote network path using WinRS throws UnauthorisedAccessException

$_sourcepath = '\\servername\DriveLetter$\folder\file.zip'
$_destinationPath = 'D:\Temp\file.zip'
Copy-Item -Path $_sourcepath -Destination $_destinationPath;
My PowerShell script is run using WinRS in MSBuilds. It throws UnauthorisedAccessException but works fine when running on the local server.
Now I'm using
$Username = "Domain\username";
$Password = ConvertTo-SecureString "password" -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential($Username, $Password)
$session = new-pssession -computername 'serverName' -credential $cred
Invoke-Command -Session $session -ScriptBlock {copy-Item -Path $($args[0]) -destination $($args[1])} -argumentlist $_sourcepath,$_destinationPath ;
and I'm still getting UnauthorizedAccessException.

Execute remote PS command properly

I'm trying to change passwords on more than 1000 hosts running Windows Server 2008/2012. They are assigned to different domains, so I connect to them via their IP; all of them have PowerShell remoting open.
I'm stuck at my script implementation. For now I just want to connect to a single host and change the password of the user or admin, whatever.
Here is the code I use
$username = "UserWhose Password I want to change"
$password = ConvertTo-SecureString "users old password" -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password
$serverNameOrIp = "host ip address here"
$s = New-PSSession -ComputerName $serverNameOrIp -Authentication default -Credential $cred
#invoke the scriptblock remotely
$sb = {
"[ADSI]`$Admin=`"WinNT://$env:COMPUTERNAME/$env:USERNAME`""
"`$Admin.SetPassword(`"Users new password`")"
}
Invoke-Command -Session $s -ScriptBlock $sb
Remove-PSSession $s
Now, the console output I get:
PS C:\> ./script
[ADSI]$Admin="WinNT://WIN-TA49U0TR9GT/Administrator"
$Admin.SetPassword("Users new password")
PS C:\>
"WinNT://WIN-TA49U0TR9GT/Administrator" belongs to remote host, my local computername and a username are different.
I'm not getting any error or proper output here. The password isn't changing. If I try to run these commands manually on any host - it works.
Any suggestions? Maybe a working solution?
You define the commands you want to run on the remote host as strings inside a scriptblock. When you invoke the scriptblock on the remote host it does what PowerShell does with all bare strings: echo them.
Remove the outer quoting and escaping and the code should work as you expect:
$sb = {
[ADSI]$Admin = "WinNT://$env:COMPUTERNAME/$env:USERNAME"
$Admin.SetPassword("Users new password")
}
The scriptblock already prevents variables from being expanded in the current context.
Posting the complete working script, which accepts console arguments, connects to the specified host and changes the user's password.
ARGS = IP USERNAME OLDPASS NEWPASS
Hope this will help somebody
$serverNameOrIp = $args[0]
$username = $args[1]
$password = ConvertTo-SecureString -String $args[2] -AsPlainText -Force
$newPassword = $args[3]
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password
$s = New-PSSession -ComputerName $serverNameOrIp -Authentication default -Credential $cred
$sb = {
param($newPassword)
[ADSI]$Admin = "WinNT://$env:COMPUTERNAME/$env:USERNAME"
$Admin.SetPassword($newPassword)
}
Invoke-Command -Session $s -ScriptBlock $sb -args $newPassword
Remove-PSSession $s
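A variant of the script above that keeps both passwords out of the command line and the script file, shown as an added example (not the poster's code). The `Set-RemoteLocalPassword` helper name, `hosts.txt` and the results file are assumptions.

```powershell
# Added example. Hypothetical names: Set-RemoteLocalPassword, hosts.txt
# (one IP or host name per line), password-change-results.csv.
function Set-RemoteLocalPassword {
    param(
        [Parameter(Mandatory)] [string[]]     $ComputerName,
        [Parameter(Mandatory)] [pscredential] $Credential,   # account to change + current password
        [Parameter(Mandatory)] [securestring] $NewPassword
    )
    foreach ($computer in $ComputerName) {
        try {
            Invoke-Command -ComputerName $computer -Credential $Credential -ErrorAction Stop `
                           -ArgumentList $NewPassword -ScriptBlock {
                param([securestring] $New)
                # The SecureString travels encrypted inside the remoting session;
                # plaintext exists only on the target, just long enough for SetPassword.
                $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($New)
                try {
                    $plain   = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
                    $account = [ADSI]"WinNT://$env:COMPUTERNAME/$env:USERNAME"
                    $account.SetPassword($plain)
                }
                finally {
                    [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
                }
            }
            [pscustomobject]@{ Computer = $computer; Changed = $true;  Error = $null }
        }
        catch {
            # Record the failure and continue with the next host.
            [pscustomobject]@{ Computer = $computer; Changed = $false; Error = $_.Exception.Message }
        }
    }
}

# Prompt instead of reading $args, so nothing lands in shell history or process listings.
$cred = Get-Credential -Message 'Account to change, with its current password'
$new  = Read-Host -AsSecureString -Prompt 'New password'

Set-RemoteLocalPassword -ComputerName (Get-Content .\hosts.txt) -Credential $cred -NewPassword $new |
    Export-Csv .\password-change-results.csv -NoTypeInformation
```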

Access exe from UNC path

I want to run portqry from a different forest using the script below, but I receive a "path can't be found" error. When accessing the file from the network share, I can access it manually with no issue from the remote domain.
# Get forest name
$domain = "spos02600287.test.net"
$contextType = [system.directoryservices.activedirectory.Directorycontexttype]::Domain
$domain ="$domain"
$domainContext = new-object system.directoryservices.ActiveDirectory.DirectoryContext @($contextType,$domain)
#Query the Forest and PDC Role Emulator
$Server = [system.DirectoryServices.Activedirectory.Domain]::GetDomain($domaincontext)
$passwords = "newtemp123"
$user = "$domain\Administrator"
$password = $Passwords | ConvertTo-SecureString -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential -argument $user, $password
$PDC =$server.Name
foreach ( $serv in $PDC){
$Server = "d.root-servers.net"
$Port = "53"
Invoke-Command -ComputerName $serv -Credential $creds -ScriptBlock {\\10.28.64.15\EXE\portqry.exe -n $Server -e $Port -p UDP }}
What you are experiencing looks like the famous PowerShell double hop issues.
Basically, when remoting via Invoke-command you can't access a remote location.
Also, you seem to be missing brackets after "-scriptBlock"?
Here is some more information on the issue.
And here, from MSDN.
The issue was resolved by just adding -authentication credssp in the invoke command line like below
Invoke-Command -ComputerName $serv -Credential $creds -authentication credssp -ScriptBlock {...}
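An alternative to CredSSP for the double hop, as an added example (not from the original posts): pass the credential into the script block with `$using:` and authenticate the share connection from inside the remote session, so no credential delegation has to be enabled on client or server. The target host name is a placeholder; the share path and portqry arguments come from the question. The same mapping step applies to the Copy-Item question earlier on this page.

```powershell
# Added example. 'pdc01.test.net' is a hypothetical target host.
$creds  = Get-Credential -Message 'Account allowed to read \\10.28.64.15\EXE'
$target = 'pdc01.test.net'
$server = 'd.root-servers.net'
$port   = 53

Invoke-Command -ComputerName $target -Credential $creds -ScriptBlock {
    # The remote session's network logon cannot authenticate to a third machine
    # on its own. Mapping the share with an explicit credential opens an
    # authenticated SMB connection for this session only.
    $drive = New-PSDrive -Name Tools -PSProvider FileSystem `
                         -Root '\\10.28.64.15\EXE' `
                         -Credential $using:creds -ErrorAction Stop
    try {
        # Local variables are not visible in the remote script block;
        # $using: copies their values in.
        $output = & (Join-Path $drive.Root 'portqry.exe') -n $using:server -e $using:port -p UDP
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            ExitCode = $LASTEXITCODE
            Output   = $output -join "`n"
        }
    }
    finally {
        # Drop the mapping so the connection does not outlive the command.
        Remove-PSDrive -Name Tools
    }
}
```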