Escolar Documentos
Profissional Documentos
Cultura Documentos
Page 1 of 6
Home About Publications Script center PowerShell PowerPack Presentations Sharepoint SharePoint2010 Deployment Tips & Tricks Virtualization Hyper-V Hyper-V v2 Virtual PC Virtual Server Feedburner Ravikanth Chaganti SharePoint, Virtualization, Automation and much more ...
If you have been following this remoting series and using PS remoting on a test setup or even production, you must have gone through a few initial hiccups. In fact, there could be many such issues if you are working in a mixed environment where you have a few computers in a domain and a few in workgroup. So, in this part of the remoting series I will discuss some of these issues and workarounds to resolve the same. I discussed enabling remoting on workgroup computers in part3 Enable remoting of this series. This post is kind of an extension to that. A more detailed guide is available at about_remote_troubleshooting page on TechNet. I will list only the scenarios I have tested. Remoting to a computer in workgroup from a computer in domain Take an example of two computers, Win7-VM in a domain environment and WinXP-VM in a workgroup. Now, if you want to start a remoting session from Win7-VM using Enter-PSSession using
Enter-PSSession -ComputerName WinXP-VM -Credential WinXP-VM\Administrator
http://www.ravichaganti.com/blog/?p=1181
8/13/2012
PowerShell 2.0 remoting guide: Part 8 remoting scenarios and troubleshooting Ravik... Page 2 of 6
Error We can workaround this by adding the remote computer to local computers trusted hosts list in this case, on Win7-VM. You can use one of the following methods.
Set-Item WSMan:\localhost\Client\TrustedHosts -Value * set-item wsman:\localhost\Client\TrustedHosts -value WinXP-VM
Note: WSMan:\LocalHost\Client will be available only if WinRM service is enabled and running. The first command uses a wildcard to add all computers in the network to the list of trusted hosts and the second command adds only WinXP-VM to that list. You can also supply a comma seperated list. Remoting to a computer in domain from a computer in workgroup Using the same example as above if you want to establish a remoting session from WinXP-VM to Win7-VM, you can change the trusted hosts list on WinXP-VM to add the computers in the domain. Again, it can be done in multiple ways.
Set-Item WSMan:\localhost\Client\TrustedHosts -Value * set-item wsman:\localhost\Client\TrustedHosts -value Win7-VM set-item wsman:\localhost\Client\TrustedHosts -value *.remotinglab.com
The first two commands variations must be familiar by now. The 3rd variation adds all computers in remotinglab.com domain to the trusted hosts on WinXP-VM computer. Remoting to a domain computer as a non-administrator from another domain computer To start a remoting a session with a remote computer, the user initiating the remoting session must 1. Be a member of the administrators group on the remote computer or 2. Be able to authenticate to the remote computer as an administrator using the Credential parameter Alternatively on the remote computer, you can give non-administrator users execute permission to default session configuration. This can be done by running the following command at a elevated PowerShell prompt
Set-PSSessionConfiguration Microsoft.Powershell -ShowSecurityDescriptorUI #In addition to the above, on a x64 computer Set-PSSessionConfiguration Microsoft.Powershell32 -ShowSecurityDescriptorUI
http://www.ravichaganti.com/blog/?p=1181
8/13/2012
PowerShell 2.0 remoting guide: Part 8 remoting scenarios and troubleshooting Ravik... Page 3 of 6
When you use the above cmdlet, you will see a dialog box as shown here.
Session Permission Here, you need to click add and then select the non-administrator user account. Once added, give the user Execute permission. After you click OK on the main dialog and return to PowerShell, you will be prompted to restart WinRM service. That is it. I recommend this method than the first two. This way a non-administrator user should be able to remote in to a domain computer without providing administrator credentials or adding the user to local administrators group. A few things I discussed here today are really meant for an advanced remoting post. However, for the sake of getting started in a mixed environment, I thought this post is must. Feel free to write any questions you may have in an email or tweet to me.
Ravikanth
A technology enthu and a Windows PowerShell MVP working on SharePoint solutions at Dell Inc. Has deep interests in Windows Server OS & Virtualization. More Posts - Website - Twitter - Facebook
Share this:
Facebook Network
http://www.ravichaganti.com/blog/?p=1181
8/13/2012
PowerShell 2.0 remoting guide: Part 8 remoting scenarios and troubleshooting Ravik... Page 4 of 6
You are using an older browser. In order to comment, please upgrade to either Flash 10 or Internet Explorer 8.
Like
Login
Image
Post as
Showing 0 comments
M Subscribe by email S RSS
Trackback URL http://www.ravichaganti.com/blog/wp Previous post: PowerShell 2.0 remoting guide: Part 7 saving remote session to disk Next post: Download PowerScripting podcast episodes using PowerShell and BITS
eBooks
Laymans Guide to PowerShell 2.0 remoting WMI query language (WQL) via PowerShell
Archives
Select Month
http://www.ravichaganti.com/blog/?p=1181
8/13/2012
PowerShell 2.0 remoting guide: Part 8 remoting scenarios and troubleshooting Ravik... Page 5 of 6
Follow Me
Search
Search
http://www.ravichaganti.com/blog/?p=1181
8/13/2012
PowerShell 2.0 remoting guide: Part 8 remoting scenarios and troubleshooting Ravik... Page 6 of 6
Subscribe
Subscribe
Categories
Select Category
Get smart with the Thesis WordPress Theme from DIYthemes. WordPress Admin
http://www.ravichaganti.com/blog/?p=1181
8/13/2012