New-PsDrive Remote copy from DFS share errors: A specified logon session does not exist

powershell map drive
1BilliumDollars picture 1BilliumDollars · Sep 11, 2013 · Viewed 12.7k times · Source

So to recap the situation: I am at one computer trying to run powershell using enter-pssession computername, then from the remote session, run the logic below:

$DFSPath = "\\DFSpath.com"
$RDL1 = [char](1+[char](gdr ?)[-1].name)
New-PSDrive -Name $RDL1 -PSProvider FileSystem -Root $DFSPath -Persist -credential domain\UN

The get-variable shows the variables properly. But when I try to create with New-PSDrive, it gives:

New-PSDrive : A specified logon session does not exist. It may already have
been terminated

I did look at this: PowerShell 2.0: Accessing Windows Shares during a Remote Session but wasn't able to get it to work. Also I wouldn't know how to devise it in my script above (which will be run on multiple computers). Is there anything newer? I am using v3 powershell. Thanks so much!

Answer

E.V.I.L. picture E.V.I.L. · Sep 11, 2013

From the looks of things it appears that you are experiencing the dreaded "Double-Hop". If you only what to remote to a few computers it's pretty easy to setup the "fix" for the "Double-Hop". On the computers that you want to remote to you need to run the following commands:

Enable-PSRemoting

Enable-WSManCredSSP Server

Then on the computer you want to remote from you need to run the command:

Enable-WSManCredSSP Client –DelegateComputer [<FQDN of the server>][*]

In place of the fully qualified domain name you can put a * instead. That will allow you to send your credentials to any computer (that could be dangerous).

Now how would you work this into a script? There is a command called Invoke-Command. If you look at the parameters of Get-Help Invoke-Command -Parameter *, you'll see that it take a Credential and a Authentication. Here's how you would run a command on multiple computers.

$MyCred = Get-Credential
Invoke-Command -ComputerName Computer1,Computer2 -Credential $MyCred -Authentication Credssp -ScriptBlock {Get-ChildItem $args[0]} -ArgumentList '\\Server\Share' -ErrorAction SilentlyContinue

Now if you'll be remoting onto many machines and you know how to use Group Policy. I'd recommend setting up PSRemoting and enabling WSManCred with the Group Policy.

Related questions

Determine installed PowerShell version

How can I determine what version of PowerShell is installed on a computer, and indeed if it is installed at all?

Read More
PowerShell says "execution of scripts is disabled on this system."

I am trying to run a cmd file that calls a PowerShell script from cmd.exe, but I am getting this error: Management_Install.ps1 cannot be loaded because the execution of scripts is disabled on this system. I ran …

Read More
How to run a PowerShell script

How do I run a PowerShell script? I have a script named myscript.ps1 I have all the necessary frameworks installed I set that execution policy thing I have followed the instructions on this MSDN help page and am trying …

Read More