locked
Remote administration is failing RRS feed

  • Question

  • I'm adding clients to a new domain using Powershell. Here are the particulars:

    • Windows 2019 with 2016 Domain level
    • Remote Management is enabled
    • Firewall is disabled
    • Logged in on domain controller as as user in the Domain and Enterprise admin groups
    • Launch PS "As Administrator"
    • Tried the following commands
      Add-Computer -Credential admin -DomainName domain.name -ComputerName 10.11.10.118 -Force
      Add-Computer -Credential admin -DomainName domain.name -ComputerName 10.11.10.118 -LocalCredential LocalAdmin
      Add-Computer -Credential domain.name\admin -DomainName domain.name -ComputerName 10.11.10.118 -LocalCredential LocalAdmin

    winrm set winrm/config/client '@{TrustedHosts="10.11.10.118}"}' returns

    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = false
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
            CredSSP = false
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        TrustedHosts = 10.11.10.118}

    I get this error:

    Add-Computer : Cannot establish the WMI connection to the computer '10.11.10.118' with the following error message: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
    At line:1 char:1
    + Add-Computer -Credential admin -DomainName domain.name -Compu ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OperationStopped: (10.11.10.118:String) [Add-Computer], InvalidOperationException
        + FullyQualifiedErrorId : AddComputerException,Microsoft.PowerShell.Commands.AddComputerCommand

    On 10.11.10.118 I see a success audit in the security event log for the admin account associated to the command being run. Isn't this just supposed to work? All of the documentation and support tickets I've read say it should.

    Thanks in advance fr assistance.

    Tuesday, September 24, 2019 11:56 PM

Answers

  • I have honestly tried every thing I know and it's just not working, but it's only in one environment. Since it's a staging env I'm just going to recreate it. Thanks everyone for the help.
    • Marked as answer by FredHuel Thursday, October 3, 2019 3:28 PM
    Thursday, October 3, 2019 3:25 PM

All replies

  • You have to use the local admin credentials to join a domain as well as the domain credentials.

    Read the entire help for this command to learn how to use it.

    help add-computer -online


    \_(ツ)_/

    Wednesday, September 25, 2019 12:10 AM
  • Hi,

    Thanks for your question.

    Please try to use the command below:

    Add-Computer -ComputerName 'TEST' -LocalCredential 'TEST\Administrator' -Credential 'jordan-test.local\Administrator' -DomainName 'test.com' -Force -Restart

    Please try to check the domain administrator and local computer administrator credentials.

    If it not work, please try to refer the post discussed before.

    https://social.technet.microsoft.com/Forums/en-US/618cf17f-0c68-4457-aa68-74de8daf0b5b/remote-wmi-access-denied-0x80070005?forum=winserverpowershell

    Best regards,

    Lee


    Just do it.

    Wednesday, September 25, 2019 8:12 AM
  • I did, read my entire post:

    Add-Computer -Credential domain.name\admin -DomainName domain.name -ComputerName 10.11.10.118 -LocalCredential LocalAdmin
    Wednesday, September 25, 2019 3:42 PM
  • Add-Computer -Credential domain.name\admin -DomainName domain.name -ComputerName 10.11.10.118 -LocalCredential 10.11.10.118 \LocalAdmin


    Just do it.

    Thursday, October 3, 2019 2:21 AM
  • I have honestly tried every thing I know and it's just not working, but it's only in one environment. Since it's a staging env I'm just going to recreate it. Thanks everyone for the help.
    • Marked as answer by FredHuel Thursday, October 3, 2019 3:28 PM
    Thursday, October 3, 2019 3:25 PM