[英]Unable to run PowerShell script across domains
我正在尝试编写一个脚本来检索跨域的任何过期的IIS证书。 我可以在与服务器列表相同的域上运行脚本而没有任何错误,但即使我使用的用户具有跨所有域的管理员访问权限,我也无法跨域。
我尝试使用New-PSSesiion并将其传递给Invoke-Command,我收到错误:WindRM无法处理请求。
cd C:\Deploy\Certs
Enable-PSRemoting –force
#set up path and user variables
$AESKeyFilePath = “aeskey.txt” # location of the AESKey
$SecurePwdFilePath = “credpassword.txt” # location of the file that hosts the encrypted password
$user = "DOMAIN\Username" # User account login
#use key and password to create local secure password
$AESKey = Get-Content -Path $AESKeyFilePath
$pwdTxt = Get-Content -Path $SecurePwdFilePath
$securePass = $pwdTxt | ConvertTo-SecureString -Key $AESKey
#crete a new psCredential object with required username and password
$adminCreds = New-Object System.Management.Automation.PSCredential($user, $securePass)
$ServerList=Get-Content .\components\hosts.txt
foreach ( $Server in $ServerList ) {
Write-Host "Checking $Server is up"
if ( ( Test-Connection $Server -Quiet ) -eq $True ) {
# Open remote session:
#$session = New-PSSession -ComputerName $Server -Credential $adminCreds -ThrottleLimit 16
Invoke-Command -ComputerName $Server -ScriptBlock {
Import-Module -Name WebAdministration
Get-ChildItem -Path IIS:SSLBindings | ForEach-Object -Process `
{
if ($_.Sites)
{
$certificate = Get-ChildItem -Path CERT:LocalMachine/My |
Where-Object -Property Thumbprint -EQ -Value $_.Thumbprint
[PsCustomObject]@{
HostName = $Env:COMPUTERNAME
Sites = $_.Sites.Value
CertificateFriendlyName = $certificate.FriendlyName
CertificateDnsNameList = $certificate.DnsNameList
CertificateExpiration = $certificate.NotAfter
CertificateIssuer = $certificate.Issuer
}
}
}
}| Out-File .\expired_Certs.txt -append #-NoTypeInformation
}
}
错误信息:
WinRM无法处理请求。 使用Kerberos身份验证时出现以下错误,错误代码为0x80090311:我们无法使用此凭据登录您,因为您的域名不可用。 确保您的设备已连接到组织的网络,然后重试。 如果您之前使用其他凭据登录此设备,则可以使用该凭据登录。
解决了! 我阅读了故障排除帮助并运行以下命令将服务器添加到可信主机:
Set-Item wsman:localhost\client\trustedhosts *.domain.name
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.