none
Invoke-Commad on localhost in Windows Server 2012 requires administartive privileges RRS feed

  • Question

  • When I run this:

    Invoke-Command -ComputerName . -ScriptBlock { Get-Date }

    on a non administrative PowerShel session on Windows Server 2008 R2 I get the expected result (getting the date).

    If I try the same on Windows Server 2012 I get:

    [localhost] Connecting to remote server localhost failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
        + CategoryInfo          : OpenError: (localhost:String) [], PSRemotingTransportException
        + FullyQualifiedErrorId : AccessDenied,PSSessionStateBroken

    If I run the script on a PowerShel session with administrator privileges I get the expected result.

    The servers belong to a domain different from the domain my user account belongs to but that can authenticate users.

    Why does Windows Server 2012 require administrator privileges?


    Paulo Morgado


    Tuesday, March 26, 2013 4:08 PM

Answers

  • The documentation (http://technet.microsoft.com/library/hh849719.aspx) for the -ComputerName parameter states that:

    Note: On Windows Vista, and later versions of Windows, to include the local computer in the value of the ComputerName parameter, you must open Windows PowerShell with the "Run as administrator" option.

    However, that doesn't seem to be the case for Windows Server 2008 R2 which is a version of Windows later than Windows Vista.


    Paulo Morgado



    Thursday, May 2, 2013 1:34 PM

All replies

  • Hi,

    I would like to know that whether you enable psremoting on both computer, for more details, please refer to the below link:

    http://technet.microsoft.com/en-us/library/hh849694.aspx

    Regards,

    Yan Li

    If you have any feedback on our support, please click here .


    Cataleya Li
    TechNet Community Support

    Wednesday, March 27, 2013 2:45 AM
    Moderator
  • PSRemoting is enabled on every server but only the Win2012 servers can't self invoke commands although they can on other Win2012 servers.

    Win2008R2 servers can self invoke.


    Paulo Morgado
    http://PauloMorgado.NET/


    Wednesday, March 27, 2013 5:43 PM
  • Hi,

    Please verify below things:

    1. Make sure the WinRM service is running  on the problematic server.

    2. Make sure TCP port 5985 is open on the problematic server - this may include enabling exceptions on whatever software firewalls you have running.

    3. On the probleamtic server, open PowerShell and run your same Invoke-Command, but use "-computername localhost". If that doesn't work, then Remoting isn't properly configured on the server.



    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Monday, April 8, 2013 5:32 AM
  • . or localhost is exactly the same. If you read my first message you'll see that I used . and the error message has localhost.

    On my second message, I said I have remoting enabled and can remote from any server to any server except to self on Windows Server 2012 without administrator privileges.


    Paulo Morgado

    Monday, April 8, 2013 9:03 AM
  • The documentation (http://technet.microsoft.com/library/hh849719.aspx) for the -ComputerName parameter states that:

    Note: On Windows Vista, and later versions of Windows, to include the local computer in the value of the ComputerName parameter, you must open Windows PowerShell with the "Run as administrator" option.

    However, that doesn't seem to be the case for Windows Server 2008 R2 which is a version of Windows later than Windows Vista.


    Paulo Morgado



    Thursday, May 2, 2013 1:34 PM