启用PSRemoting后无法创建远程PowerShell会话

时间:2013-04-17 13:55:08

标签: powershell remoting

我无法远程进入任何机器来拯救我的生命!我已经尝试了所有可以找到的东西。如果有人可以排除故障或指导我,我会很感激,因为这将是一个添加到我的域名的好工具。

SETUP:

  1. 域内的客户端计算机
  2. 服务器机器内部或外部域 - 虚拟化并用于WSUS Computername:wsustest
  3. CLIENT SERVER MACHINE physical-computername:epizzi-pc

    4. 步骤进行:

    enable-pssremoting done! on all machines
trustedhosts configured with * or client machine added
Firewalls with public profile off just in case

    Enter-PSSession -ComputerName wsustest -Credential wsustest\administrator
Enter-PSSession -ComputerName epizzi-pc -Credential epizzi-pc\administrador
Enter-PSSession : Connecting to remote server epizzi-pc failed with the following error message : WinRM cannot process the request. The following error with errorcode 0x80090311 
occurred while using Kerberos authentication: There are currently no logon servers available to service the logon request.  
 Possible causes are:
  -The user name or password specified are invalid.
  -Kerberos is used when no authentication method and no user name are specified.
  -Kerberos accepts domain user names, but not local user names.
  -The Service Principal Name (SPN) for the remote computer name and port does not exist.
  -The client and remote computers are in different domains and there is no trust between the two domains.
 After checking for the above issues, try the following:
  -Check the Event Viewer for events related to authentication.
  -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport.
 Note that computers in the TrustedHosts list might not be authenticated.
   -For more information about WinRM configuration, run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName epizzi-pc -Credential epizzi-pc\administrador
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (epizzi-pc:String) [Enter-PSSession], PSRemotingTransportException
    + FullyQualifiedErrorId : CreateRemoteRunspaceFailed

    Enter-PSSession -ComputerName wsustest -UseSSL -Credential wsustest\administrator

*Enter-PSSession : Connecting to remote server wsustest failed with the following error message : WinRM cannot complete the operation. Verify that the specified computer name is 
valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM 
firewall exception for public profiles limits access to remote computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName wsustest -UseSSL -Credential wsustest\administrato ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (wsustest:String) [Enter-PSSession], PSRemotingTransportException
    + FullyQualifiedErrorId : CreateRemoteRunspaceFailed*
ERRORs:

7 个答案:

答案 0 :(得分:10)

我在远程连接到服务器时遇到了同样的问题,发现这篇博文很有帮助 - http://jeffgraves.me/2013/10/14/powershell-remoting/

就我的具体情况而言,我做了以下事情:

在本地计算机上

  1. winrm quickconfig(虽然已配置)
  2. winrm s winrm / config / client' @ {TrustedHosts =" myservername.domain"}'

    3. 在远程计算机上

    1. enable-psremoting -force
    2. Set-PSSessionConfiguration -ShowSecurityDescriptorUI -Name Microsoft.PowerShell -Force

答案 1 :(得分:3)

我就是这样做的。我在我的脚本上使用它。

# This is only done once
Read-Host -AsSecureString | ConvertFrom-SecureString | Out-File
c:\Windows\temp\securepass.txt

# Setup credentials
$SecureString = Get-Content c:\Windows\temp\securepass.txt | ConvertTo-SecureString
$mycredentials = New-Object -TypeName System.Management.Automation.PSCredential
    -ArgumentList "yourDomain\userID",$SecureString

# Open remote session:
$MyRSession = New-PSSession -ComputerName Computer1 -Credential $mycredentials
    -Authentication default

# Use remote session:
Enter-PSSession $MyRSession

答案 2 :(得分:1)

如果客户端和服务器计算机之间没有信任,则必须在服务器端启用基本身份验证。通过切换服务器上的WSMAN:驱动器上的正确属性来执行此操作。你显然必须在控制台上或通过远程桌面以交互方式进行此操作,因为鸡和鸡蛋问题:)此外,这也可能发挥作用:

http://www.nivot.org/blog/post/2009/10/30/PowerShell20EnablingRemotingWithVirtualXPModeOnWindows7

答案 3 :(得分:0)

摆脱-UseSSL。我启用了PSRemoting并且在使用它时遇到了问题。我想我以后可以看一下,但现在没关系。

答案 4 :(得分:0)

我已经使用Enter-pssession命令实现了远程会话,必须遵循这些确切的参数

$creds =  get-credential (the -credential parameter in enter-pssession does not work properly, thus u must         previously enter the object at another variable)
Enter-pssession -computername wsustest -authentication Default -credentials $creds

我还必须在可信主机wsman:space

中设置客户端和远程服务器

另一种肯定会起作用的解决方案,但我没有尝试过,可能会设置https:这很难做到。

总而言之,您的意见肯定导致了解决方案!

答案 5 :(得分:0)

我通过使用完全限定的登录解决了这个问题。我使用fqdn \ accountname而不是“netbiosdomain \ accountname”,如在get-credential提示符中的Microsoft.com \ myaccount中那样。可能不适合所有人,但值得一试。

答案 6 :(得分:0)

我遇到了同样的错误currently no logon servers available。 通过使用UPN或Domain\Username用户而不是Username@Domain作为凭据来解决了该问题。

相关问题
最新问题