[英]Unable to Run Admin PowerShell Commands Remotely with C#
I am trying to run a remote PowerShell script to query and kill the tasks running in a specific session: 我正在尝试运行远程PowerShell脚本以查询并杀死在特定会话中运行的任务:
string hostname = "XADCG.mydomain.co.uk";
string script = "$pw = convertto-securestring -AsPlainText -Force -String password123 " + Environment.NewLine +
"$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist \"DOMAIN1\\zzkillcitrix\",$pw" + Environment.NewLine +
"$sessions = New-PSSession -ComputerName " + hostname + " -credential $cred" + Environment.NewLine +
"Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.mydomain.co.uk /PID 26208 /F}" + Environment.NewLine +
"Remove-PSSession -Session $sessions" + Environment.NewLine +
"exit";
// Create and open runspace
Runspace runspace = RunspaceFactory.CreateRunspace();
runspace.Open();
// Create piepeline and feed it the script text
Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript(script);
Collection<PSObject> results = new Collection<PSObject>();
try
{
results = pipeline.Invoke();
var error = pipeline.Error.Read();
}
catch (Exception ex)
{
results.Add(new PSObject((object)ex.Message));
}
runspace.Close();
If I call tasklist
, I get the normal, expected result in the results
variable (the list of processes running on the server XADCG) 如果我调用tasklist
, results
在results
变量(服务器XADCG上运行的进程的列表)中获得正常的预期结果。
However, if I try running a query against another session (for example query session user.name /server:xa11.mydomain.co.uk
), my results variable returns empty 但是,如果我尝试针对另一个会话运行查询(例如query session user.name /server:xa11.mydomain.co.uk
),我的结果变量将返回空
After checking which errors are output, I have found the following: 检查输出了哪些错误后,我发现了以下内容:
taskkill /s xa11.mydomain.co.uk /pid 5876 /F
{ERROR: Logon failure: unknown user name or bad password.}
query session user.name /server:xa11.mydomain.co.uk
{Error 5 getting sessionnames}
tasklist /s xa7-11.mydomain.co.uk /fi \"SESSION EQ 4\"
{ERROR: Logon failure: unknown user name or bad password.}
Which obviously makes it seem that I am using the wrong username / password, but I am 100% sure that these are set correctly in the $cred variable 显然,这似乎使我似乎使用了错误的用户名/密码,但是我100%确保在$ cred变量中正确设置了这些用户名/密码。
I can also confirm that the account zzkillcitrix
does have permission to run these queries remotely (I am able to execute all of these commands by calling Process.Start
with a runas
for this user) 我还可以确认该帐户zzkillcitrix
确实有远程运行这些查询的权限(我可以通过调用执行所有这些命令Process.Start
与runas
为这个用户)
Is there somewhere else I need to set these credentials, or am I missing something else from my script? 我是否还需要设置这些凭据,还是我的脚本中缺少其他内容?
Appreciate any help with this 感谢任何帮助
I was able to resolve this with the following script: 我可以使用以下脚本解决此问题:
string hostname = "SERVER.Domain.co.uk";
string script = "$pw = convertto-securestring -AsPlainText -Force -String \"PASSWORD\"" + Environment.NewLine +
"$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist \"Domain1\\zzkillcitrix\",$pw" + Environment.NewLine +
"$sessions = New-PSSession -ComputerName " + hostname + " -credential $cred" + Environment.NewLine +
"Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.Domain1.co.uk /pid 23736 /U Domain1\\zzkillcitrix /P PASSWORD /F }" + Environment.NewLine +
"Remove-PSSession -Session $sessions" + Environment.NewLine +
"exit";
Runspace runspace = RunspaceFactory.CreateRunspace();
runspace.Open();
Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript(script);
Collection<PSObject> results = new Collection<PSObject>();
try
{
results = pipeline.Invoke();
var errors = pipeline.Error.Read(pipeline.Error.Count);
foreach (var error in errors)
{
var y = error;
}
}
catch (Exception ex)
{
results.Add(new PSObject((object)ex.Message));
}
runspace.Close();
So I needed to authenticate when creating New-PSSession
with my $sessions
variable, and then authenticate again when calling the actual command: 因此,在使用$sessions
变量创建New-PSSession
时,需要进行身份验证,然后在调用实际命令时再次进行身份验证:
"Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.Domain1.co.uk /pid 23736 /U Domain1\\zzkillcitrix /P PASSWORD /F }" + Environment.NewLine +
I still don't understand why I am able to run that command manually from PowerShell from that same server without providing credentials, but it makes sense in that I am remoting onto the server with $sessions
and then remoting back out, into the session in question when including the authentication details in the ScriptBlock. 我仍然不明白为什么我可以在不提供凭据的情况下从同一服务器从PowerShell手动运行该命令,但是这样做很有意义,因为我将使用$sessions
远程迁移到服务器上,然后将其远程迁移回在ScriptBlock中包括身份验证详细信息时出现问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.