I am encountering a weird issue with my Python code, which uses the pywinrm module. Let me explain a bit. I have a Linux server where I launch the following Python script:

```python
import winrm

"""Create security group"""
s = winrm.Session('https://servername:5986/wsman',
                  auth=(None, None), transport='kerberos',
                  server_cert_validation='ignore')

name = "test"
path = "OU=Security Groups,DC=test,DC=org"

# Build the PowerShell command as one line from adjacent string literals
ps_command = ('New-ADGroup -Name "{0}" '
              '-GroupScope Universal '
              '-GroupCategory Security '
              '-Path "{1}" -Server ldap.test.org').format(name, path)

r = s.run_ps(ps_command)

if r.status_code == 0:
    print(r.std_out.decode('UTF-8'))
else:
    # std_err is bytes, so decode it rather than calling it
    print(r.std_err.decode('UTF-8'))
```

This connects to the HTTPS listener of a Windows server (not a DC), which then launches the group creation command.

When I launch the AD cmdlet directly on the Windows server, it works perfectly and the security group is created within the AD. But via the script, I have the following response:

```
$ python3 test_winrm.py
New-ADGroup : Unable to contact the server. This may be because this server does not exist, it is currently down,
or it does not have the Active Directory Web Services running.
At line:1 char:1
+ New-ADGroup -Name "test" -GroupScope Universal -GroupCategory Security
-Path "O ...
+ 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
+ CategoryInfo          : ResourceUnavailable: (:) [New-ADGroup], ADServer
DownException
+ FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirector
y.Management.Commands.NewADGroup
```

I also want to note that if I replace the current PowerShell command with a basic one (for instance, creation of a folder on the Windows server), it works.

So it works on the Windows server locally but not with AD cmdlets, even if RSAT is installed... Do you have previous experience with this topic?

Thanks for the help.

Vran
    Sounds like a [double hop](https://blogs.technet.microsoft.com/ashleymcglone/2016/08/30/powershell-remoting-kerberos-double-hop-solved-securely/) problem. – BenH Jul 25 '17 at 14:50

1 Answer

Thanks a lot @BenH for your help, you were right about the source of my issue and after several days/headaches, I finally found the solution here: https://github.com/diyan/pywinrm/issues/58. When using Kerberos and pywinrm, you have to set kerberos_delegation=True for multi-hop support.

Vran
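The setting from the answer applied to the question's script, as an added example that is not part of the original posts or of pywinrm itself. The helper names are hypothetical, certificate validation is switched on under the assumption that the listener's certificate chains to a CA the client trusts, and the stderr check matches the error text shown in the question.

```python
DOUBLE_HOP_MARKERS = ("ADServerDownException", "Unable to contact the server")


def session_kwargs(delegate=True, ca_bundle=None):
    """Keyword arguments for winrm.Session using Kerberos over HTTPS."""
    kwargs = {
        "auth": (None, None),          # use the existing Kerberos ticket cache
        "transport": "kerberos",
        # Forwards the caller's TGT to the WinRM host so it can authenticate
        # onward to the DC; enable only for hosts trusted with that ticket.
        "kerberos_delegation": delegate,
        "server_cert_validation": "validate",
    }
    if ca_bundle:
        kwargs["ca_trust_path"] = ca_bundle
    return kwargs


def ps_quote(value):
    """Single-quoted PowerShell literal; embedded quotes are doubled."""
    return "'" + str(value).replace("'", "''") + "'"


def new_adgroup_command(name, path, server):
    return ("New-ADGroup -Name {0} -GroupScope Universal "
            "-GroupCategory Security -Path {1} -Server {2}").format(
                ps_quote(name), ps_quote(path), ps_quote(server))


def looks_like_double_hop(std_err, delegate):
    """True when the AD cmdlet failed as in the question and delegation was off."""
    text = std_err.decode("utf-8", "replace") if isinstance(std_err, bytes) else std_err
    # Console wrapping can split the exception name, so compare without whitespace.
    flat = "".join(text.split())
    return (not delegate) and any("".join(m.split()) in flat for m in DOUBLE_HOP_MARKERS)


def create_group(host, name, path, server, delegate=True, ca_bundle=None):
    import winrm  # imported here so the helpers above work without pywinrm
    s = winrm.Session(host, **session_kwargs(delegate, ca_bundle))
    r = s.run_ps(new_adgroup_command(name, path, server))
    if r.status_code != 0 and looks_like_double_hop(r.std_err, delegate):
        raise RuntimeError("AD unreachable from the WinRM host: likely Kerberos double hop")
    return r
```

Calling `create_group('https://servername:5986/wsman', 'test', 'OU=Security Groups,DC=test,DC=org', 'ldap.test.org')` mirrors the question's script with delegation enabled.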