1

i wan to run portqry from different forest using below script but i receive path can't be found error. while accessing the file from network share i can access it manually with no issue from remote domain

# Get forest name 

$domain = "spos02600287.test.net"
$contextType = [system.directoryservices.activedirectory.Directorycontexttype]::Domain
$domain ="$domain"
$domainContext = new-object system.directoryservices.ActiveDirectory.DirectoryContext @($contextType,$domain)
#Query  the Forest and PDC Role Emulator 
$Server = [system.DirectoryServices.Activedirectory.Domain]::GetDomain($domaincontext)
$passwords = "newtemp123"
$user =  "$domain\Administrator"
$password = $Passwords | ConvertTo-SecureString -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential -argument $user, $password

$PDC =$server.Name
foreach ( $serv in $PDC){

$Server =  "d.root-servers.net"
$Port = "53"

Invoke-Command -ComputerName $serv -Credential $creds  -ScriptBlock {\\10.28.64.15\EXE\portqry.exe -n $Server -e $Port -p UDP }}
npocmaka
  • 55,367
  • 18
  • 148
  • 187
user3130604
  • 17
  • 5
  • the issue was resolved by just adding -authentication credssp in the invoke command line like below Invoke-Command -ComputerName $serv -Credential $creds -authentication credssp -ScriptBlock { } – user3130604 Oct 20 '14 at 18:17

2 Answers2

0

What you are experiencing looks like the famous PowerShell double hop issues. Basically, when remoting via Invoke-command you can't access a remote location.

Also, You seem to be missing brackets after "-scriptBlock"?

Here is some more information on the issue. And here, from MSDN.

Jake Nelson
  • 1,748
  • 13
  • 22
  • I forgot to paste the brackets . my question is if i do gpupdate instead of acess the network path in script block . it works fine if it was double hop issue it shouldn't work correct ? – user3130604 Oct 17 '14 at 05:06
  • @user3130604 gpupdate would work in place of "\\10.28.64.15\EXE\portqry.exe" because gpupdate is local. It doesn't have to authenticate a second time to access files locally on that PC. If you copy portqry.exe to the PC you are remoting to and access it locally it should work. Or you can resolve the double hop with the information from the links. – Jake Nelson Oct 18 '14 at 02:22
0

The issue was resolved by just adding -authentication credssp in the invoke command line like below 

Invoke-Command -ComputerName $serv -Credential $creds -authentication credssp -ScriptBlock {...}
Matt
  • 45,022
  • 8
  • 78
  • 119
user3130604
  • 17
  • 5