New-PSDrive error with double hop RRS feed

  • Question

  • I'm trying to install software from a UNC share path, executing a script from serverA, to install the software on serverB.  The install executables will be called over a UNC share on serverC - your classic double hop issue.

    While the installation process does complete successfully, and New-PSDrive "does something", it is still throwing an exception even if redirected to NULL:

    A specified logon session does not exist. It may already have been terminated
        + CategoryInfo          : InvalidOperation: (Share:PSDriveInfo) [New-PSDrive], Win32Exception
        + FullyQualifiedErrorId : CouldNotMapNetworkDrive,Microsoft.PowerShell.Commands.NewPSDriveCommand

    System.ComponentModel.Win32Exception (0x80004005): A specified logon session does not exist. It may already have been terminated

    New-PSDrive is granting me access to the share from serverB to serverC.  In the block below you can see the difference when you comment out the New-PSDrive statement - GCI (and my install) will either succeed or fail.

    Which part of the New-PSDrive command is failing?  It seems it's trying to do 2 things - one which succeeds and grants my session access to the share  - and the other is trying to create the mapping which fails.  Note that Get-PSDrive does not show a record for the share on serverC even though it becomes accessible over UNC path.

    ### Execute from serverA

    $Share_Root = '\\serverC\share' $CRED = Get-Credential ($env:USERDOMAIN + '\' + $env:USERNAME) Invoke-Command -ComputerName 'serverB' -Credential $CRED { Try {New-PSDrive -Root $using:Share_Root -PSProvider FileSystem -credential $using:cred -Name 'Share' -ErrorAction Stop} Catch {Write-Host $_.exception} $ShareFile = "$using:Share_Root\readme.txt" Get-ChildItem $ShareFile }

    Friday, August 10, 2018 5:53 PM

All replies

  • You cannot use the same credentials to a share.  Don't use credentials when you already have access to the share.

    You cannot connect to a remote drive remotely.  That is what the second hop restriction means.  Use CredSSP or don't use remoting.


    • Proposed as answer by PM091 Friday, August 10, 2018 6:09 PM
    Friday, August 10, 2018 6:05 PM