[英]Access Denied running Remote PowerShell but only when ran from dev server, works fine localy
I am trying to run a remote PowerShell command against our exchange server but am getting an Access Is Denied
error when that command is ran from our development server. 我正在尝试对我们的交换服务器运行远程PowerShell命令,但是当从我们的开发服务器运行该命令时,出现“
Access Is Denied
错误。 The code works fine when I run it on my local machine, I can even remote to the development server and run a PowerShell command and make the connection perfectly fine. 当我在本地计算机上运行该代码时,它可以正常工作,甚至可以远程到开发服务器并运行PowerShell命令,并使连接完全正常。 I need help in figuring out why we are getting the
Access Is Denied
error when only running the code from the development server. 我需要帮助弄清楚为什么仅从开发服务器运行代码时为什么会出现“
Access Is Denied
错误。
public static void CreateEmailBox(string samAccountName)
{
var securedPassword = new SecureString();
foreach (char character in ConfigurationManager.AppSettings["ServiceAccountPassword"]) { securedPassword.AppendChar(character); }
var loginInfo = new PSCredential(ConfigurationManager.AppSettings["ServiceAccountUser"], securedPassword);
var connection = new WSManConnectionInfo(new Uri("http://exch-svr.domain.local/powershell"), "http://schemas.microsoft.com/powershell/Microsoft.Exchange", loginInfo);
connection.AuthenticationMechanism = AuthenticationMechanism.Kerberos;
using (var runspace = RunspaceFactory.CreateRunspace(connection))
{
using (var powershell = PowerShell.Create())
{
powershell.AddCommand("enable-mailbox");
powershell.AddParameter("Identity", samAccountName);
powershell.AddParameter("Database", "Mailbox Database 4");
runspace.Open();
powershell.Runspace = runspace;
powershell.Invoke();
runspace.Close();
}
}
}
The issue would be with the password, and how it is being stored as the Secure String. 问题出在密码,以及密码如何作为安全字符串存储。
Secure Strings are different between computers because the encryption key used to encrypt/decrypt the password is different on every computer. 安全字符串在计算机之间是不同的,因为用于加密/解密密码的加密密钥在每台计算机上都不同。
You either need to use a shared key, or store a separate Secure String for each computer that you are going to run this from. 您要么需要使用共享密钥,要么为要从中运行共享密钥的每台计算机存储一个单独的安全字符串。
For more information, on how to pass Secure Strings between computers see my more detailed Answer on: ConvertTo-SecureString gives different experience on different servers 有关如何在计算机之间传递安全字符串的更多信息,请参见我的更详细的答案: ConvertTo-SecureString在不同的服务器上提供不同的体验
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.