Login/Register
PowerShell Access is denied. PSRemotingTransportException + FullyQualifiedErrorId : PSSessionStateBroken
Asked Answered
Solved powershellremote-desktopaccess-deniedpowershell-remoting
K

1

8

I was trying to establish a remote connection to another system and execute some basic commands.

Below are the steps that I have done :

  • Configured the remote machine to accept Shell commands - Enable-PSRemoting – Force
  • Tested the configuration on remote machine - Test-WsMan COMPUTERNAME.
  • Executed the following commands on the host machine :

1.Invoke-Command -ComputerName COMPUTERNAME -ScriptBlock { Get-ChildItem C:\ } -credential USERNAME.

2.Invoke-Command -ComputerName COMPUTERNAME -ScriptBlock { Get-ChildItem C:\ } -credential $Credentials.

3.Invoke-Command -ComputerName COMPUTERNAME -ScriptBlock { Get-ChildItem C:\ }

In all the cases, we were getting access denied error : 

Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo   : OpenError: (:) [], PSRemotingTransportException 
+ FullyQualifiedErrorId : PSSessionStateBroken
Kirkman answered 16/6, 2017 at 4:55 Comment(2)
did you run as admin?Kyl
I did run the powershell command as adminKirkman
C
7

From MSDN:

  1. Start Windows PowerShell as an administrator by right-clicking the Windows PowerShell shortcut and selecting Run As Administrator.

  2. The WinRM service is confi gured for manual startup by default. You must change the startup type to Automatic and start the service on each computer you want to work with. At the PowerShell prompt, you can verify that the WinRM service is running using the following command: get-service winrm The value of the Status property in the output should be “Running”.

  3. To configure Windows PowerShell for remoting, type the following command: Enable-PSRemoting –force

In many cases, you will be able to work with remote computers in other domains. However, if the remote computer is not in a trusted domain, the remote computer might not be able to authenticate your credentials. To enable authentication, you need to add the remote computer to the list of trusted hosts for the local computer in WinRM. To do so, type: winrm s winrm/config/client '@{TrustedHosts="RemoteComputer"}' Here, RemoteComputer should be the name of the remote computer, such as: winrm s winrm/config/client '@{TrustedHosts="CorpServer56"}'

You should check if the winrm is running. Also add your remote hosts to the trusted hosts list (or your local machine).

Hope that helps.

Crisscross answered 16/6, 2017 at 11:16 Comment(6)
I was able to solve the issue. It looks like I had to modify the security configuration for Windows PowerShell remoting in the remote machine. I used the command Set-PSSessionConfiguration -ShowSecurityDescriptorUI -Name Microsoft.PowerShell to add the client user on the remote machine. I was then able to communicate from the client machine to remote machine,Kirkman
Can you write down what you had to change to make it work. Would be interesting to know.Crisscross
I was able to solve the issue. It looks like I had to modify the security configuration for Windows PowerShell remoting in the remote machine. I used the command Set-PSSessionConfiguration -ShowSecurityDescriptorUI -Name Microsoft.PowerShell to add the client user on the remote machine. I was then able to communicate from the client machine to remote machine,Kirkman
Thank you @AjmalMoideen - this at least got me to my next error. -_-Hubblebubble
@AjmalMoideen OMG thank you! No one else on Google mentioned this!!Erythrocyte
The remote user may also need to be present in the Remote Management Users local groupWord

© 2022 - 2024 — McMap. All rights reserved.