开发者

Confusing Powershell behavior

Am a bit confused w/ remote executing a powershell command. I have a test server (Win 2k8-R2-SP1) called ServerA, which has powershell remoting enabled correctly. From my dev machine (Win 2k8-R2-SP1), am able to remote execure powershell commands correctly. But, when I try to execute the same command from a different server called ServerB (Win 2k8-R2), I get the following error

[ServerA] Connecting to remote server failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is run开发者_运维问答ning and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo : OpenError: (:) [], PSRemotingTransportException + FullyQualifiedErrorId : PSSessionStateBroken

All three machines are in the same domain. My confusion is that from my dev machine, I am perfectly able to connect to ServerA and execute the command.

Will the fact that ServerB does not have SP1, make a difference? Please advise. I am using the same domain account which has admin rights on all 3 servers.

And the command that I am trying is Invoke-Command -ComputerName ServerA -ScriptBlock {Get-UICulture}.

Please help.

Thanks


Run winrm quickconfig or Enable-PSRemoting -force from ServerB.

Verify service is running with get-service winrm

http://technet.microsoft.com/en-us/magazine/ff700227.aspx

Also, run this from your local dev box:

Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*" -Force


I've had this same problem as well, on a machine that was working for remote powershell in the past. In my case the solution was to clear the Security Log. It was full, and I believe this was preventing powershell from making a proper secure connection.


The following fixed my problem:

You either have to empty your iplisten list which can be checked using the following CMD command:

netsh http show iplist

or to add the loop back address to it if there is any other addresses:

netsh http add iplisten 127.0.0.1


I was having this same issue and resolved in the following way. Running

winrm quickconfig

returned the below error.

winrm : WSManFault
At line:1 char:1
+ winrm quickconfig
+ ~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (WSManFault:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError

    Message
        ProviderFault
            WSManFault
                Message = WinRM firewall exception will not work since one of the network connection types on this machine is set to Public. Change the network connection type to either Domain or Private and try again. 
Error number:  -2144108183 0x80338169
WinRM firewall exception will not work since one of the network connection types on this machine is set to Public. Change the network connection type to either Domain or Private and try again. 

In my case, this was a virtual NIC for a hypervisor service I was running on my machine. Once I changed this to Private, winrm quickconfig ran without error. I still had issues connecting to some machines and getting the same failure as described in this thread. To resolve, I checked for and started the winrm service where it was stopped.

get-service -ComputerName computer -Name winrm

Status   Name               DisplayName                           
------   ----               -----------                           
Stopped  winrm              Windows Remote Management (WS-Manag...



get-service -ComputerName computer -Name winrm | Start-Service


To save having to enable WinRM on every single server you manage, you can run this batch script:

Requirements:

  • A text file with all the servers you wish to enable WinRM on
  • PSExec in your Windows\System32 directory, downloaded from: https://technet.microsoft.com/en-us/sysinternals/pstools.aspx?f=255&MSPPError=-2147217396
  • Powershell on the server you're connecting to

Usage: EnablePSRemoting.bat PCs.txt

@echo off
for /f %%f in (%1) do (
  psexec.exe \\%%f -accepteula -h -d -s powershell.exe "enable-psremoting -force"
  echo Enabled on %%f
)


I have been looking for the answer for days and I found the issue;

It seems that the IIS 7 .NET Extensibility component was not installed causing this issue. We have a 2012 R2 Exchange 2010 server;

https://technet.microsoft.com/en-us/library/dd421841(v=exchg.80).aspx

I installed it by entering this in powershell;

See here the prerequisites for Exchange 2010.

https://technet.microsoft.com/en-us/library/bb691354(v=exchg.141)

This Exchange server of ours has only the mailbox role, the other is still CAS and HUB transport;

So we need this command;

Add-WindowsFeature NET-Framework-Features,RSAT-Clustering,Web-Mgmt-Console,WAS-Process-Model,Web-Basic-Auth,Web-Lgcy-Mgmt-Console,Web-Metabase,Web-Net-Ext,Web-Server,Web-Windows-Auth -Restart

The part of Web-Net-Ext installed the IIS 7.NET Extensibility component. No need to restart.

Just my 2 cents, maybe this helps someone else :-)


In my case, WinRM was not configured correctly. This is what I used to enable it remotely:

$x=Get-WmiObject -ComputerName "<computer name>" -Namespace "root\cimv2" -Class "Win32_Process" -List
$x.Create('C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -Command "& C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -Command {Enable-PSRemoting}"',$null,$null)
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜