堆栈内存溢出
  简体   繁体   English

Winrm 无法使用 dnscmd - Windows 服务器 2012 R2 标准服务器

[英]Winrm not able to use dnscmd - Windows server 2012 R2 Standard server

 原文  2019-11-11 13:16:21       windows/ windows-server-2012-r2/ winrm

问题描述

I am trying to manage a Windows server 2012 R2 Standard server over winrm.我正在尝试通过 winrm 管理 Windows 服务器 2012 R2 标准服务器。 On the server I would like to run dnscmd from the rsat package.在服务器上,我想从 rsat package 运行 dnscmd。 You can see below if I just run the dnscmd in the power shell prompt it is successful.可以看到下面如果我只是在power shell 中运行dnscmd 提示就成功了。 However when I invoke it remotely over winrm the command fails with ERROR_ACCESS_DENIED.但是,当我通过 winrm 远程调用它时,命令失败并显示 ERROR_ACCESS_DENIED。


PS C:\Windows\system32> dnscmd adServer /RecordDelete mycompany.com newTestRecord A /f
Deleted A record(s) at mycompany.com 
Command completed successfully.


PS C:\Windows\system32> Test-WsMan localhost
wsmid           : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor   : Microsoft Corporation
ProductVersion  : OS: 0.0.0 SP: 0.0 Stack: 3.0


PS C:\Windows\system32> Invoke-Command -ComputerName localhost -ScriptBlock {
>> dnscmd adServer /RecordDelete mycompany.com newTestRecord A /f
>> } 
Command failed:  ERROR_ACCESS_DENIED     5    0x5


PS C:\Windows\system32> Invoke-Command -ComputerName localhost -ScriptBlock {
>> hostname
>> }
myServerHostname

1 个解决方案

解决方案1
 0  2019-11-19 21:58:48

The issue was double-hop/multi-hop.问题是双跳/多跳。 When you login over winRM it doesn't want to allow you to use the same credential token to reach to a different machine.当您通过 winRM 登录时,它不想让您使用相同的凭证令牌访问不同的计算机。 I got around this issue by connecting over winrm then opening up a nested Powershell session.我通过通过 winrm 连接然后打开嵌套的 Powershell session 解决了这个问题。 It's essentially refreshes the tokens allowing the user to connect to the active directory server.它本质上是刷新允许用户连接到活动目录服务器的令牌。

Please see the following for more information请参阅以下内容以获取更多信息

Make sure to install Remote Server Administration Tools (RSAT) for dnscmd.确保为 dnscmd 安装远程服务器管理工具 (RSAT)。

$password = '{pass}' | ConvertTo-SecureString -AsPlainText -Force
$username = '{user}'
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList $username,$password
Invoke-Command -ComputerName localhost -Credential $cred -ConfigurationName svc_dns_middleMan -ScriptBlock {
  '{dnscmd_commands}'
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Katalon Studio 是否适用于 Windows Server 2012 R2 标准? - Does Katalon Studio works on Windows Server 2012 R2 standard? Windows 2012 Server R2标准应用程序上的控制台应用程序错误 - Console Application Error on Windows 2012 server R2 standard application Windows 2012 R2服务器下的imagepng - imagepng under a Windows 2012 R2 Server Windows Server 2012 R2中的Virtualbox错误 - Windows Server 2012 R2 in Virtualbox error Windows Server 2012 R2上的MSSQL Server远程登录问题 - MSSQL Server Remote Login Issue on Windows Server 2012 R2 Windows Server 2012 R2智能卡限制 - Windows Server 2012 R2 Smart card limit Windows Server 2012 R2启动时Red5 1.05失败 - Red5 1.05 on Windows Server 2012 R2 startup fails 在 Windows Server 2012 R2 上安装 Websense 软件时出错 - Error Installing Websense Software on Windows Server 2012 R2 PostgreSQL数据库可在Windows Server 2012 R2上运行吗 - Does PostgreSQL Database work on Windows Server 2012 R2 Windows Server 2012 R2上的py2exe可执行文件有问题 - Issue with py2exe executable on Windows Server 2012 R2
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM