我有两台远程机器:1 我们称之为驱动程序,2 我们称之为客户端。它们在同一个域中,我们称它们为“TECH.com”。
在驱动程序机器上,我有一个 PowerShell 脚本来控制客户端机器: 1、在客户端上还原检查点。2、停止客户端。3、启动客户端。等等。我想做的事情是让客户端机器执行另一个 PowerShell 脚本(它可以驻留在客户端或/和驱动程序中。如有必要,我可以将文件从驱动程序复制到客户端)客户端机器。
于是我做了一些研究,发现了两种方法: 1、WS管理。2、WMI 我在两台机器上都启用了-psremoting。我已经在两台机器上测试了 WsMan,他们发现工作正常我已经能够在这两台机器之间传输文件但是,当我尝试运行 Invoke-command 时,它给了我错误:
Connecting to remote server XXXXXXtech.com failed with the following error message : WinRM cannot process the request. The following
error with errorcode 0x80090311 occurred while using Kerberos authentication: There are currently no logon servers available to service the logon request.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does not exist.
-The client and remote computers are in different domains and there is no trust between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (XXXXXX.XXXXtech.com:String) [], PSRemotingTransportException
+ FullyQualifiedErrorId : AuthenticationFailed,PSSessionStateBroken
几个选项:
在本地机器上,允许无需身份验证即可连接到远程机器:
Set-Item WSMan:\localhost\Client\TrustedHosts -Value $remoteMachine -Force
如果您在同一个域中并且您在远程计算机上拥有管理员权限,请继续尝试使用您的用户名进入远程会话。
否则,您可能需要/想要设置凭证对象并使用它来启动Invoke-Command.
$script = { Write-Host "Hello, World!" }
$computerName = "Server Name Or Ip Address"
$username = "domain\user"
$pw = "worstpasswordever"
# Create Credentials
$securepw = ConvertTo-SecureString $pw -asplaintext -force
$cred = new-object -typename System.Management.Automation.PSCredential -argument $username, $securepw
# Create and use session
$session = New-PSSession -credential $cred -ComputerName $computerName
Invoke-Command -Session $session -ScriptBlock $script
Remove-PSSession $session
| 归档时间: |
|
| 查看次数: |
24680 次 |
| 最近记录: |