无法使用C#远程运行Admin PowerShell命令

时间:2016-03-04 15:51:56

标签: c# powershell remote-server

我正在尝试运行远程PowerShell脚本来查询和终止在特定会话中运行的任务:

string hostname = "XADCG.mydomain.co.uk";
string script = "$pw = convertto-securestring -AsPlainText -Force -String password123 " + Environment.NewLine +
                "$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist \"DOMAIN1\\zzkillcitrix\",$pw" + Environment.NewLine +
                "$sessions = New-PSSession -ComputerName " + hostname + " -credential $cred" + Environment.NewLine +
                "Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.mydomain.co.uk /PID 26208 /F}" + Environment.NewLine +
                "Remove-PSSession -Session $sessions" + Environment.NewLine +
                "exit";

// Create and open runspace  
Runspace runspace = RunspaceFactory.CreateRunspace();
runspace.Open();

// Create piepeline and feed it the script text
Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript(script);

Collection<PSObject> results = new Collection<PSObject>();
try
{
    results = pipeline.Invoke();
    var error = pipeline.Error.Read();
}
catch (Exception ex)
{
    results.Add(new PSObject((object)ex.Message));
}

runspace.Close();

如果我调用tasklist,我会在results变量(服务器XADCG上运行的进程列表)中获得正常的预期结果

但是,如果我尝试针对另一个会话运行查询(例如query session user.name /server:xa11.mydomain.co.uk),我的结果变量将返回空

在检查输出了哪些错误后,我发现了以下内容:

taskkill /s xa11.mydomain.co.uk /pid 5876 /F
    {ERROR: Logon failure: unknown user name or bad password.}

query session user.name /server:xa11.mydomain.co.uk
    {Error 5 getting sessionnames}

tasklist /s xa7-11.mydomain.co.uk /fi \"SESSION EQ 4\"
    {ERROR: Logon failure: unknown user name or bad password.}

这显然使我看起来使用了错误的用户名/密码,但我100%确定这些是在$ cred变量中正确设置的

我还可以确认帐户zzkillcitrix是否有权远程运行这些查询(我可以通过Process.Start为此用户调用runas来执行所有这些命令)

是否还有其他地方我需要设置这些凭据,还是我在脚本中遗漏了其他内容?

感谢您对此的任何帮助

1 个答案:

答案 0 :(得分:0)

我能够使用以下脚本解决此问题:

string hostname = "SERVER.Domain.co.uk";

string script = "$pw = convertto-securestring -AsPlainText -Force -String \"PASSWORD\"" + Environment.NewLine +
                "$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist \"Domain1\\zzkillcitrix\",$pw" + Environment.NewLine +
                "$sessions = New-PSSession -ComputerName " + hostname + " -credential $cred" + Environment.NewLine +
                "Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.Domain1.co.uk /pid 23736 /U Domain1\\zzkillcitrix /P PASSWORD /F }" + Environment.NewLine +
                "Remove-PSSession -Session $sessions" + Environment.NewLine +
                "exit";

Runspace runspace = RunspaceFactory.CreateRunspace();
runspace.Open();

Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript(script);

Collection<PSObject> results = new Collection<PSObject>();
try
{
    results = pipeline.Invoke();
    var errors = pipeline.Error.Read(pipeline.Error.Count);
    foreach (var error in errors)
    {
        var y = error;
    }
}
catch (Exception ex)
{
    results.Add(new PSObject((object)ex.Message));
}

runspace.Close();

所以我需要在使用New-PSSession变量创建$sessions时进行身份验证,然后在调用实际命令时再次进行身份验证:

"Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.Domain1.co.uk /pid 23736 /U Domain1\\zzkillcitrix /P PASSWORD /F }" + Environment.NewLine +

我仍然不明白为什么我能够在没有提供凭据的情况下从同一台服务器手动从PowerShell运行该命令,但这是有道理的,因为我正在使用{{将远程连接到服务器上1}}然后在ScriptBlock中包含身份验证详细信息时重新退出到相关会话中。