无法使用 C# 远程运行管理 PowerShell 命令
本文关键字:运行 管理 命令 PowerShell 程运行 | 更新日期: 2023-09-27 18:37:19
我正在尝试运行远程PowerShell脚本来查询并终止在特定会话中运行的任务:
string hostname = "XADCG.mydomain.co.uk";
string script = "$pw = convertto-securestring -AsPlainText -Force -String password123 " + Environment.NewLine +
"$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist '"DOMAIN1''zzkillcitrix'",$pw" + Environment.NewLine +
"$sessions = New-PSSession -ComputerName " + hostname + " -credential $cred" + Environment.NewLine +
"Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.mydomain.co.uk /PID 26208 /F}" + Environment.NewLine +
"Remove-PSSession -Session $sessions" + Environment.NewLine +
"exit";
// Create and open runspace
Runspace runspace = RunspaceFactory.CreateRunspace();
runspace.Open();
// Create piepeline and feed it the script text
Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript(script);
Collection<PSObject> results = new Collection<PSObject>();
try
{
results = pipeline.Invoke();
var error = pipeline.Error.Read();
}
catch (Exception ex)
{
results.Add(new PSObject((object)ex.Message));
}
runspace.Close();
如果我调用 tasklist ,我会在 results 变量(服务器 XADCG 上运行的进程列表)中获得正常的预期结果
但是,如果我尝试对另一个会话(例如 query session user.name /server:xa11.mydomain.co.uk)运行查询,我的结果变量返回空
检查输出哪些错误后,我发现了以下内容:
taskkill /s xa11.mydomain.co.uk /pid 5876 /F
{ERROR: Logon failure: unknown user name or bad password.}
query session user.name /server:xa11.mydomain.co.uk
{Error 5 getting sessionnames}
tasklist /s xa7-11.mydomain.co.uk /fi '"SESSION EQ 4'"
{ERROR: Logon failure: unknown user name or bad password.}
这显然使我似乎使用了错误的用户名/密码,但我 100% 确定这些在 $cred 变量中设置正确
我还可以确认帐户zzkillcitrix确实有权远程运行这些查询(我能够通过为此用户使用runas调用Process.Start来执行所有这些命令)
是否有其他地方需要设置这些凭据,或者我的脚本中缺少其他内容?
感谢对此的任何帮助
我能够使用以下脚本解决此问题:
string hostname = "SERVER.Domain.co.uk";
string script = "$pw = convertto-securestring -AsPlainText -Force -String '"PASSWORD'"" + Environment.NewLine +
"$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist '"Domain1''zzkillcitrix'",$pw" + Environment.NewLine +
"$sessions = New-PSSession -ComputerName " + hostname + " -credential $cred" + Environment.NewLine +
"Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.Domain1.co.uk /pid 23736 /U Domain1''zzkillcitrix /P PASSWORD /F }" + Environment.NewLine +
"Remove-PSSession -Session $sessions" + Environment.NewLine +
"exit";
Runspace runspace = RunspaceFactory.CreateRunspace();
runspace.Open();
Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript(script);
Collection<PSObject> results = new Collection<PSObject>();
try
{
results = pipeline.Invoke();
var errors = pipeline.Error.Read(pipeline.Error.Count);
foreach (var error in errors)
{
var y = error;
}
}
catch (Exception ex)
{
results.Add(new PSObject((object)ex.Message));
}
runspace.Close();
所以我在使用 $sessions 变量创建New-PSSession时需要进行身份验证,然后在调用实际命令时再次进行身份验证:
"Invoke-Command -session $sessions -ScriptBlock {taskkill /s xa7-11.Domain1.co.uk /pid 23736 /U Domain1''zzkillcitrix /P PASSWORD /F }" + Environment.NewLine +
我仍然不明白为什么我可以从同一服务器手动运行该命令而无需提供凭据,但这是有道理的,因为我使用 $sessions 远程连接到服务器,然后远程处理,在 ScriptBlock 中包含身份验证详细信息时,返回到有问题的会话中。