某些PowerShell Cmdlet具有ComputerName参数,我可以使用它们从远程计算机获取信息。与Get-Process,Get-Service等一样。但是,它们没有Credential参数,这反过来会使命令在某些情况下失败。如下例所示。
PS C:\Users\x\AppData\Roaming> Get-Service *sql* -ComputerName mylab.testing.com
Get-Service : Cannot open Service Control Manager on computer 'mylab.testing.com'. This operation might require other privileges.
At line:1 char:1
+ Get-Service *sql* -ComputerName mylab.testing.com
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-Service], InvalidOperationException
+ FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.PowerShell.Commands.GetServiceCommand
PS C:\Users\x\AppData\Roaming> Get-Error
******************************
Errors: 104
******************************
System.ComponentModel.Win32Exception (0x80004005): Access is denied
----------------------------------------------
System.Management.Automation.RuntimeException: ScriptHalted
----------------------------------------------
System.InvalidOperationException: Collection was modified; enumeration operation may not execute.
at System.Collections.ArrayList.ArrayListEnumeratorSimple.MoveNext()
at System.Management.Automation.Interpreter.FuncCallInstruction`2.Run(InterpretedFrame frame)
at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
----------------------------------------------
System.Management.Automation.RuntimeException: You cannot call a method on a null-valued expression.
at CallSite.Target(Closure , CallSite , Object )
at System.Dynamic.UpdateDelegates.UpdateAndExecute1[T0,TRet](CallSite site, T0 arg0)
at System.Management.Automation.Interpreter.DynamicInstruction`2.Run(InterpretedFrame frame)
at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
----------------------------------------------
You cannot call a method on a null-valued expression.
At line:18 char:21
+ write-host $err.Exception.ToString()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
----------------------------------------------
Collection was modified; enumeration operation may not execute.
At line:9 char:17
+ foreach($err in $Error)
+ ~~~~
+ CategoryInfo : OperationStopped: (:) [], InvalidOperationException
+ FullyQualifiedErrorId : System.InvalidOperationException
ScriptHalted
At line:22 char:9
+ throw
+ ~~~~~
+ CategoryInfo : OperationStopped: (:) [], RuntimeException
+ FullyQualifiedErrorId : ScriptHalted
PS C:\Users\x\AppData\Roaming> help Get-Service -full
注意我使用了自定义函数Get-Error,其代码如下所示。
function Get-Error
{
$errorsReported = $False
if($Error.Count -ne 0)
{
write-host "******************************"
write-host "Errors:", $Error.Count
write-host "******************************"
foreach($err in $Error)
{
$errorsReported = $True
if( $err.Exception.InnerException -ne $null)
{
write-host $err.Exception.InnerException.ToString()
}
else
{
write-host $err.Exception.ToString()
}
write-host "----------------------------------------------"
}
throw
}
}
我想知道我的理解是否正确?这是否意味着在使用这些命令时无法对远程服务器进行身份验证?
感谢。
答案 0 :(得分:1)
正如capsch所说,您必须使用在远程计算机上具有管理员权限的帐户运行PowerShell会话。如果远程计算机启用了远程处理,则可以使用Invoke-Command和remoting运行Get-Service命令,该命令支持备用凭据。另一种方法是使用WMI和查询服务,这种方式也支持备用凭证。
答案 1 :(得分:0)
除了UAC之外,默认情况下,您必须是远程管理的成员管理员
无法在计算机上打开服务控制管理器