我在使用Jenkins运行远程脚本时遇到问题。我已经安装了PowerShell插件,可以在本地构建服务器上运行PowerShell脚本,但是当我尝试在远程服务器上运行它时,它会一直失败。我可以在本地和远程运行Jenkins之外的相同脚本,它工作得很好。我的假设是我缺少安全设置,但对于我的生活,我找不到它。
任何见解/帮助都会非常感激。
下面的代码在服务器上使用PowerShell运行,但不是通过Jenkins运行:
$ErrorActionPreference = 'Stop'
# Create a PSCredential Object using the "User" and "Password" parameters
that you passed to the job
$SecurePassword = 'xxxxxxx' | ConvertTo-SecureString -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential -ArgumentList 'ci-user', $SecurePassword
# Invoke a command on the remote machine.
# It depends on the type of job you are executing on the remote machine as
to if you want to use "-ErrorAction Stop" on your Invoke-Command.
Invoke-Command -ComputerName xxx.xx.xx.xxx -Credential $cred -ScriptBlock {
# Restart the W32Time service
Restart-Service -Name W32Time
}
以下错误是我在Jenkins中运行时得到的错误。当我在Jenkins之外运行时,我使用相同的用户名和密码并且工作:
Connecting to remote server xxx.xx.xx.xxx failed with the
following error message : WinRM cannot process the request. The following
error with errorcode 0x8009030d occurred while using Negotiate authentication:
A specified logon session does not exist. It may already have been terminated.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are
specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does
not exist.
-The client and remote computers are in different domains and there is no
trust between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM
TrustedHosts configuration setting or use HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command:
winrm help config. For more information, see the about_Remote_Troubleshooting
Help topic.
At C:\Windows\TEMP\jenkins3589460126620702793.ps1:12 char:1
+ Invoke-Command -ComputerName xxx.xx.xx.xxx -Credential $cred -ScriptBlock {
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (xxx.xx.xx.xxx:String) [], PSRemoting
TransportException
+ FullyQualifiedErrorId : 1312,PSSessionStateBroken
答案 0 :(得分:0)
这可能是由几个不同的问题造成的:
您的远程计算机和连接计算机是否在同一个域中?如果没有,请验证ci-user的域并重试。
$ cred = New-Object System.Management.Automation.PSCredential -ArgumentList 'connectingserver / ci-user',$ SecurePassword
在远程服务器上启用WinRM,WinRM服务是否正在运行,您是否设置为允许适当的远程处理?请按照以下步骤验证:https://technet.microsoft.com/en-us/library/ff700227.aspx?f=255&MSPPError=-2147217396
答案 1 :(得分:0)
我发现了我的方式错误,但希望这个答案能帮助遇到它的其他人。
问题是我使用的用户是本地用户,需要将其视为工作组用户。因此,我需要将其作为\ ci-user传递给ci-user。一旦我这样做,它就像一个魅力。
感谢您的所有意见。