Entry tags:
Remote PowerShell
We tried to run PowerShell remotely (in order to automate build deployment).
We managed to make it work on developers' machines, but on production server it just refuses to work:
----------------------------------------------------------------
C:\Windows\system32>powershell
Windows PowerShell
PS C:\Windows\system32> Enable-PSRemoting -SkipNetworkProfileCheck -Force
PS C:\Windows\system32> Enter-PSSession -ComputerName localhost
----------------------------------------------------------------
Note "Unable to check the status of the firewall." part of the message.
Why would Enable-PSRemoting command try to check the status of the firewall?
Another Windows WTF reported by yatur
Update
Finally we were able to fix this remote powershell issue.
The problem was in Group Policy for IpV4Filter on our production machine.
IpV4Filter was limited to a single IP address (main address of that production machine).
I have no idea why it was setup that way.
This is how I fixed WinRM localhost access problem:
In the end, PowerShell and Microsoft server tools leave a negative impression due to bugs and pathetic diagnostic.
Consider another PowerShell surprise:
"ls" and "dir" commands produce empty output in case when folder is empty. No headers, no message that says there are no files. Just nothing. WTF?
We managed to make it work on developers' machines, but on production server it just refuses to work:
----------------------------------------------------------------
C:\Windows\system32>powershell
Windows PowerShell
PS C:\Windows\system32> Enable-PSRemoting -SkipNetworkProfileCheck -Force
WinRM is already set up to receive requests on this computer. Set-WSManQuickConfig : <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2" Machine="localhost"><f:Message><f:ProviderFault provider="Config provider" path="%systemroot%\system32\WsmSvc.dll"><f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2" Machine="sv7731"><f:Message>Unable to check the status of the firewall. </f:Message></f:WSManFault></f:ProviderFault></f:Message></f:WSManFault> At line:65 char:17 + Set-WSManQuickConfig -force -SkipNetworkProfileCheck + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [Set-WSManQuickConfig], InvalidOperationException + FullyQualifiedErrorId : WsManError,Microsoft.WSMan.Management.SetWSManQuickConfigCommand
PS C:\Windows\system32> Enter-PSSession -ComputerName localhost
Enter-PSSession : Connecting to remote server localhost failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. At line:1 char:1 + Enter-PSSession -ComputerName localhost + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (localhost:String) [Enter-PSSes sion], PSRemotingTransportException + FullyQualifiedErrorId : CreateRemoteRunspaceFailed
----------------------------------------------------------------
Note "Unable to check the status of the firewall." part of the message.
Why would Enable-PSRemoting command try to check the status of the firewall?
Another Windows WTF reported by yatur
Update
Finally we were able to fix this remote powershell issue.
The problem was in Group Policy for IpV4Filter on our production machine.
IpV4Filter was limited to a single IP address (main address of that production machine).
I have no idea why it was setup that way.
This is how I fixed WinRM localhost access problem:
Run gpedit.msc Local Computer Policy Computer Configuration Administrative Templates Windows Components Windows Remote Management (WinRM) WinRM Service Allow remote server management through WinRM In "IPv4 filter:" change "208.43.198.72" to "*": IPv4 filter: *
In the end, PowerShell and Microsoft server tools leave a negative impression due to bugs and pathetic diagnostic.
Consider another PowerShell surprise:
"ls" and "dir" commands produce empty output in case when folder is empty. No headers, no message that says there are no files. Just nothing. WTF?