如何让远程计算机在远程计算机本身上运行 PowerShell 脚本?

如何让远程计算机在远程计算机本身上运行 PowerShell 脚本?

我有两台远程机器:1 我们称之为驱动程序,2 我们称之为客户端。它们位于同一个域中,我们称之为“TECH.com”。

在驱动程序机器上,我有一个控制客户端机器的 PowerShell 脚本:1、在客户端上恢复检查点。2、停止客户端。3、启动客户端。等等。我想要做的事情是让客户端机器执行另一个 PowerShell 脚本(它可以驻留在客户端或/和驱动程序上。如果需要,我可以将文件从驱动程序复制到客户端)。

所以我做了一些研究,发现了两种方法:1、WS Management。2、WMI 我在两台机器上都启用了 psremoting。我在两台机器上都测试了 WsMan,它们看起来工作正常。我已经能够在这两台机器之间传输文件,但是,当我尝试运行 Invoke 命令时,它给了我错误:

Connecting to remote server XXXXXXtech.com failed with the following error message : WinRM cannot process the request. The following 
error with errorcode 0x80090311 occurred while using Kerberos authentication: There are currently no logon servers available to service the logon request.  
 Possible causes are:
  -The user name or password specified are invalid.
  -Kerberos is used when no authentication method and no user name are specified.
  -Kerberos accepts domain user names, but not local user names.
  -The Service Principal Name (SPN) for the remote computer name and port does not exist.
  -The client and remote computers are in different domains and there is no trust between the two domains.
 After checking for the above issues, try the following:
  -Check the Event Viewer for events related to authentication.
  -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport.
 Note that computers in the TrustedHosts list might not be authenticated.
   -For more information about WinRM configuration, run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (XXXXXX.XXXXtech.com:String) [], PSRemotingTransportException
    + FullyQualifiedErrorId : AuthenticationFailed,PSSessionStateBroken

答案1

有几个选择:


在本地计算机上,允许无需身份验证即可连接到远程计算机:

Set-Item WSMan:\localhost\Client\TrustedHosts -Value $remoteMachine -Force

如果您在同一个域上并且在远程计算机上拥有管理员权限,请继续尝试使用您的用户名进入远程会话。


否则,您可能需要/想要设置一个凭证对象并使用它来启动会话Invoke-Command

$script = { Write-Host "Hello, World!" }
$computerName = "Server Name Or Ip Address"
$username = "domain\user"
$pw = "worstpasswordever"

# Create Credentials
$securepw = ConvertTo-SecureString $pw -asplaintext -force
$cred = new-object -typename System.Management.Automation.PSCredential -argument $username, $securepw

# Create and use session
$session = New-PSSession -credential $cred -ComputerName $computerName
Invoke-Command -Session $session -ScriptBlock $script
Remove-PSSession $session

相关内容