1
今天我有同樣的問題,我找不到解決方案,在WEB中搜索讀噸文章,但沒有成功。 我在遠程計算機上運行PowerShell腳本的問題。 如果我在本地運行此腳本 - 它是有效的,但遠程不是。遠程PowerShell ps1執行問題
這是我的全部故事。
Server: Windows 2008 R2 with SP1 + latest updates FW – Off UAC – ON : - User Account Control: Use Admin Approval Mode for the built-in Administrator account – Disable - User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop. – Disable - User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode – Elevate without prompting - User Account Control: Detect application installations and prompt for elevation – Disable Domain: hardening.com Hostname: qwerty12345 Version of PowerShell is Installed: PS C:\Windows\system32> $PSVersionTable Name Value ---- ----- CLRVersion 2.0.50727.5420 BuildVersion 6.1.7601.17514 PSVersion 2.0 WSManStackVersion 2.0 PSCompatibleVersions {1.0, 2.0} SerializationVersion 1.1.0.1 PSRemotingProtocolVersion 2.1 Client: Windows 2008 R2 + latest updates FW – Off UAC – ON : - User Account Control: Use Admin Approval Mode for the built-in Administrator account – Disable - User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop. – Disable - User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode – Elevate without prompting - User Account Control: Detect application installations and prompt for elevation – Disable Domain: systemqa.com Version of PowerShell is Installed: PS C:\> $PSVersionTable Name Value ---- ----- CLRVersion 2.0.50727.4952 BuildVersion 6.1.7600.16385 PSVersion 2.0 WSManStackVersion 2.0 PSCompatibleVersions {1.0, 2.0} SerializationVersion 1.1.0.1 PSRemotingProtocolVersion 2.1 • On Client installed also PowerCLI 1. On Server , I have file "C:\Windows\Temp\ ConfigurationWinRM.ps1」 with following content: winrm set winrm/config/client `@`{TrustedHosts=`"`*`"`} winrm set winrm/config/winrs '@{MaxShellsPerUser="100"}' 2. My mission run those script on remote 「Server」 machine. 3. I run following script from 「Client」 machine but get always same errors: Message = Access is denied. Error number: -2147024891 0x80070005 a. Example 1: $domainCrd = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "[email protected]$domainNameFQDN",$domainPASS $ComputerName = "qwerty12345.hardening.com" invoke-command -ComputerName $ComputerName -Credential $domainCrd -ScriptBlock { $FileName = "ConfigurationWinRM.ps1" $ItemLocation = "C:\Windows\Temp\" powershell -NoProfile -Command ". $ItemLocation$FileName" } b. Example 2: $ComputerName = "qwerty12345.hardening.com" $securePassword = ConvertTo-SecureString "**********" -AsPlainText -force $credential = New-Object System.Management.Automation.PsCredential("$domainName\$domainUser",$securePassword) Invoke-Command -ComputerName $ComputerName -ScriptBlock { $FileName = "ConfigurationWinRM.ps1" $ItemLocation = "C:\Windows\Temp\" powershell -Command ". $ItemLocation$FileName" } -Credential $credential c. Example 3: [ScriptBlock] $global:runFile = { $FileName = "ConfigurationWinRM.ps1" ### $ItemLocation = "C:\Windows\Temp\" $ItemLocation = "$env:windir\Temp\" & "$ItemLocation$FileName" } RemotePowerShellConnect domain $runFile WSManFault + CategoryInfo : NotSpecified: (WSManFault:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError Message = Access is denied. Error number: -2147024891 0x80070005 Access is denied. WSManFault Message = Access is denied. Error number: -2147024891 0x80070005 Access is denied. [vSphere PowerCLI] C:\> $error[0] | Format-List * -Force PSMessageDetails : OriginInfo : qwerty12345.hardening.com Exception : System.Management.Automation.RemoteException: Error number: -2147024891 0x80070005 Access is denied. TargetObject : CategoryInfo : NotSpecified: (:) [], RemoteException FullyQualifiedErrorId : NativeCommandErrorMessage ErrorDetails : InvocationInfo : PipelineIterationInfo : {} d. Example 4: [vSphere PowerCLI] C:\> [ScriptBlock] $global:www = { $FileName = "ConfigurationWinRM.ps1" $ItemLocation = "C:\Windows\Temp\" function Invoke-Admin() { param ([string]$program = $(throw "Please specify a program"), [string]$argumentString = "", [switch]$waitForExit) $psi = new-object "Diagnostics.ProcessStartInfo" $psi.FileName = $program $psi.Arguments = $argumentString $psi.Verb = "runas" $proc = [Diagnostics.Process]::Start($psi) if ($waitForExit) { $proc.WaitForExit(); } } Write-Host -ForegroundColor Green "Invoke-Admin powershell $ItemLocation$FileName" Invoke-Admin powershell $ItemLocation$FileName } [vSphere PowerCLI] C:\> RemotePowerShellConnect domain $www Session state: Opened Session availability: Available Running Service is running ... You connect to VM Remote PowerShell ... Invoke-Admin powershell C:\Windows\Temp\ConfigurationWinRM.ps1 [vSphere PowerCLI] C:\> [vSphere PowerCLI] C:\> Nothing heppend !!!!! No updates on remote 「Server」 machine !!! e. Example 5: .\tmp\psexec -d \\$hostNAME -u $domainName\$domainUser -p $myPASS cmd /C START /WAIT powershell %windir%\Temp\ConfigurationWinRM.ps1 PsExec v1.98 - Execute processes remotely Copyright (C) 2001-2010 Mark Russinovich Sysinternals - www.sysinternals.com cmd started on qwerty12345 with process ID 3860. [vSphere PowerCLI] C:\> Nothing heppend !!!!! No updates on remote 「Server」 machine !!!
有關於它的全部源代碼,任何解決 的.ps1文件中沒有引用? – Kiquenet 2012-05-30 07:27:34