stackoom
  简体   繁体   中英

Winrm not able to use dnscmd - Windows server 2012 R2 Standard server

 原文  2019-11-11 13:16:21       windows/ windows-server-2012-r2/ winrm

Question

I am trying to manage a Windows server 2012 R2 Standard server over winrm. On the server I would like to run dnscmd from the rsat package. You can see below if I just run the dnscmd in the power shell prompt it is successful. However when I invoke it remotely over winrm the command fails with ERROR_ACCESS_DENIED.


PS C:\Windows\system32> dnscmd adServer /RecordDelete mycompany.com newTestRecord A /f
Deleted A record(s) at mycompany.com 
Command completed successfully.


PS C:\Windows\system32> Test-WsMan localhost
wsmid           : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor   : Microsoft Corporation
ProductVersion  : OS: 0.0.0 SP: 0.0 Stack: 3.0


PS C:\Windows\system32> Invoke-Command -ComputerName localhost -ScriptBlock {
>> dnscmd adServer /RecordDelete mycompany.com newTestRecord A /f
>> } 
Command failed:  ERROR_ACCESS_DENIED     5    0x5


PS C:\Windows\system32> Invoke-Command -ComputerName localhost -ScriptBlock {
>> hostname
>> }
myServerHostname

1 answers

solution1
 0  2019-11-19 21:58:48

The issue was double-hop/multi-hop. When you login over winRM it doesn't want to allow you to use the same credential token to reach to a different machine. I got around this issue by connecting over winrm then opening up a nested Powershell session. It's essentially refreshes the tokens allowing the user to connect to the active directory server.

Please see the following for more information

Make sure to install Remote Server Administration Tools (RSAT) for dnscmd.

$password = '{pass}' | ConvertTo-SecureString -AsPlainText -Force
$username = '{user}'
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList $username,$password
Invoke-Command -ComputerName localhost -Credential $cred -ConfigurationName svc_dns_middleMan -ScriptBlock {
  '{dnscmd_commands}'
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Does Katalon Studio works on Windows Server 2012 R2 standard? Console Application Error on Windows 2012 server R2 standard application imagepng under a Windows 2012 R2 Server Windows Server 2012 R2 in Virtualbox error MSSQL Server Remote Login Issue on Windows Server 2012 R2 Windows Server 2012 R2 Smart card limit Red5 1.05 on Windows Server 2012 R2 startup fails Error Installing Websense Software on Windows Server 2012 R2 Does PostgreSQL Database work on Windows Server 2012 R2 Issue with py2exe executable on Windows Server 2012 R2
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM