4

I want to start a New-PSSession without having to pass credentials in a script. I know you can get the password from a file or have it hardcoded in the script and then convert it to a secure string to start the session. However, I want to start the session using the current user's credentials.

The machine I am trying to remote to is in the same domain.

I tried:

Enter-PSSession -ComputerName machineInDomain

Enter-PSSession : Connecting to remote server failed with the following error message : WinRM cannot process the request. The following error occured while using Kerberos authentication: The network path was not found. Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does not exist. -The client and remote computers are in different domains and there is no trust between the two domains. After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or us e HTTPS transport. Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.

At line:1 char:16 + Enter-PSSession <<<< -ComputerName machineInDomain + CategoryInfo : InvalidArgument: (machineInDomain:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CreateRemoteRunspaceFailed

Kerberos should pass the current user's credentials with trust if in the same domain.

Enter-PSSession -ComputerName $RemoteHost -Authentication Kerberos

Enter-PSSession : Connecting to remote server failed with the following error message : WinRM cannot process the request. The following error occurred while using Kerberos authentication: The computer $RemoteHost is unknown to Kerberos. Verify that the computer exists on the network, that the name provided is spelled correctly, and that the Kerberos configuration for accessing the computer is correct. The most common Kerberos configuration issue is that an SPN with the format HTTP/$RemoteHost is not configured for the target. If Kerberos is not required, specify the Negotiate authentication mechanism and resubmit the operation. For more information, see the about_Remote_Troubleshooting Help topic.

At line:1 char:1
+ Enter-PSSession -ComputerName $RemoteHost -Authentication Ke ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  + CategoryInfo          : InvalidArgument: ($RemoteHost) [Enter-PSSession], PSRemotingTransportException
  + FullyQualifiedErrorId : CreateRemoteRunspaceFailed

It seems to be a domain problem.

Clijsters
  • 4,031
  • 1
  • 27
  • 37
CodeEmpower
  • 635
  • 1
  • 11
  • 29
  • 1
    New-PSSession uses the current user's credentials by default. I don't think I understand your question. – EBGreen Oct 16 '13 at 21:29
  • Are these domain joined PCs? If they are domain joined then as @EBGreen says, the current creds are used by default. Or are you trying this from a workgroup? – Keith Hill Oct 16 '13 at 22:33
  • 1
    I am in a domain, current credentials are not used even if in domain! – CodeEmpower Oct 17 '13 at 21:40
  • i dont know if this http://technet.microsoft.com/en-us/library/cc782312(v=ws.10).aspx is outdated – CodeEmpower Oct 17 '13 at 22:19

0 Answers0