PowerShell - Executing a script remotely on non-domain Target from server on Domain RRS feed

  • Question

  • Hello Experts!

    I am stuck with a very specific problem:

    My infrastructure:

    1. Driver script on a Server in organization domain – uses delegated creds based on user login

    2. Target VM – not on organization domain – different local credentials that need to be passed

    3. Shared network drive with data that should be accessible to '2' – same credentials as '1'

    What I need to do:

    1. Trigger Driver script from Server that is on domain

    2. Revert the Target VM to some existing snapshot (using PowerCLI)

    3. Map a drive on Target VM – using the domain related credentials

    4. Execute some powershell scripts placed on shared network drive (this internally accesses some .dat and .bin files on the same location)

    My problem:

    I am unable to connect to the Target VM with Invoke-Command to execute the drive map script.

    Error: WinRM cannot process the request. The following error with errorcode 0x8009030e occurred while using Negotiate authentication: A specified logon session does not exist. It may already have been terminated.

    Possibly because: -Kerberos accepts domain user names, but not local user names. But I do not have any domain user names, as the VM is not on domain

    What I have tried:

    1. Invoke-Command with script path in ScriptBlock

    2. New-PSSession

    3. Adding the drive map as a startup script on logon – this however does not work unless I manually login to Target VM after each snapshot revert

    Pre-requisites used:

    1. PSRemoting is enabled on both driver and target VMs

    2. The IPs are added as trusted hosts on both

    3. WinRM is configured to process requests

    4. ExecutionPolicy is Unrestricted

    Will be wonderful if anyone can help me with this! Thanks!

    • Moved by Bill_Stewart Friday, July 7, 2017 4:39 PM This is not "help me figure out my connectivity issue" forum
    Tuesday, May 9, 2017 9:43 AM

All replies

  • To remote to  a non-domain computer you must use CredSSP.

    Search for that and you will find many examples and instructions. Also:

    help credssp


    Tuesday, May 9, 2017 1:17 PM