在RemoteServer之后从我的PC enter-pssesion在ClientPC上运行了以下查询。 (我需要使用Windows集成安全性)
Enter-PSSesion RemoteServer # from ClientPC
Invoke-Sqlcmd -ServerInstance sqlserver 'select 1 a' # in the ps session of RemoteServer
并显示错误
Invoke-Sqlcmd:用户'NT AUTHORITY \ ANONYMOUS LOGON'登录失败。
然后我执行了以下步骤。
在RemoteServer上,
Enable-WSManCredSSP -Role server
它返回
CredSSP Authentication Configuration for WS-Management CredSSP authentication allows the server to accept user credentials from a remote computer. If you enable CredSSP authentication on the server, the server will have access to the user name and password of the client computer if the client computer sends them. For more information, see the Enable-WSManCredSSP Help topic. Do you want to enable CredSSP authentication? [Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): cfg : http://schemas.microsoft.com/wbem/wsman/1/config/service/auth lang : en-US Basic : false Kerberos : true Negotiate : true Certificate : false CredSSP : true CbtHardeningLevel : Relaxed
在我的计算机ClientPC上。
PS C:\> Enable-WSManCredSSP -Role client -DelegateComputer * CredSSP Authentication Configuration for WS-Management CredSSP authentication allows the user credentials on this computer to be sent to a remote computer. If you use CredSSP authentication for a connection to a malicious or compromised computer, that computer will have access to your user name and password. For more information, see the Enable-WSManCredSSP Help topic. Do you want to enable CredSSP authentication? [Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): cfg : http://schemas.microsoft.com/wbem/wsman/1/config/client/auth lang : en-US Basic : true Digest : true Kerberos : true Negotiate : true Certificate : true CredSSP : true
但是我仍然收到错误消息?
答案 0 :(得分:2)
如果在客户端和服务器上都启用了CredSSP(此双跳身份验证是必需的),则您只需将身份验证明确指定为CredSSP,因为默认情况下它不会与其连接。
Enter-PSSession RemoteServer -Authentication Credssp -Credential (Get-Credential)