Unable to run PowerShell script across domains

0

I am trying to write a script to retrieve any expired IIS certificates across domains. I can run the script without any errors while on the same domain as the server list but I'm unable to cross domains even though the user I'm using has admin access across all domains.

I've tried using a New-PSSession and passing it into the Invoke-Command and I get the error: WinRM cannot process the request.

    cd C:\Deploy\Certs

    Enable-PSRemoting -Force

    # Set up path and user variables
    $AESKeyFilePath = "aeskey.txt"            # location of the AES key
    $SecurePwdFilePath = "credpassword.txt"   # location of the file that hosts the encrypted password
    $user = "DOMAIN\Username"                 # user account login

    # Use key and password to create local secure password
    $AESKey = Get-Content -Path $AESKeyFilePath
    $pwdTxt = Get-Content -Path $SecurePwdFilePath
    $securePass = $pwdTxt | ConvertTo-SecureString -Key $AESKey

    # Create a new PSCredential object with required username and password
    $adminCreds = New-Object System.Management.Automation.PSCredential($user, $securePass)

    $ServerList = Get-Content .\components\hosts.txt

    foreach ($Server in $ServerList) {
        Write-Host "Checking $Server is up"
        if ((Test-Connection $Server -Quiet) -eq $True) {

            # Open remote session:
            #$session = New-PSSession -ComputerName $Server -Credential $adminCreds -ThrottleLimit 16

            Invoke-Command -ComputerName $Server -ScriptBlock {

                Import-Module -Name WebAdministration

                Get-ChildItem -Path IIS:SSLBindings | ForEach-Object -Process {
                    if ($_.Sites) {
                        $certificate = Get-ChildItem -Path CERT:LocalMachine/My |
                            Where-Object -Property Thumbprint -EQ -Value $_.Thumbprint

                        [PsCustomObject]@{
                            HostName                = $Env:COMPUTERNAME
                            Sites                   = $_.Sites.Value
                            CertificateFriendlyName = $certificate.FriendlyName
                            CertificateDnsNameList  = $certificate.DnsNameList
                            CertificateExpiration   = $certificate.NotAfter
                            CertificateIssuer       = $certificate.Issuer
                        }
                    }
                }
            } | Out-File .\expired_Certs.txt -Append #-NoTypeInformation
        }
    }

error message:

WinRM cannot process the request. The following error with errorcode 0x80090311 occurred while using Kerberos authentication: We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential.

powershell
cross-domain
remote-access
invoke-command
asked on Stack Overflow May 20, 2019 by Stacker • edited May 20, 2019 by Theo

1 Answer

0

SOLVED! I read the troubleshooting help and ran the following command to add servers to trusted hosts:

    Set-Item wsman:localhost\client\trustedhosts *.domain.name

answered on Stack Overflow May 20, 2019 by Stacker
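
A narrower alternative to the wildcard in the answer above, as an added example that is not part of the original post: it adds only the servers named in hosts.txt to TrustedHosts, warns about wildcard entries already present, and passes the cross-domain account explicitly. WinRM does not authenticate hosts listed in TrustedHosts, so the list is kept as small as possible; the function names and the credential prompt are assumptions.

```powershell
# Added example; function names and the credential prompt are assumptions.
# Run elevated: writing to the WSMan: drive requires administrator rights.
$hostFile         = '.\components\hosts.txt'   # server list used by the question's script
$trustedHostsPath = 'WSMan:\localhost\Client\TrustedHosts'

function Get-TrustedHostEntry {
    # Return the current TrustedHosts value as an array (empty when unset).
    $value = (Get-Item -Path $trustedHostsPath).Value
    if ([string]::IsNullOrWhiteSpace($value)) { return @() }
    return @($value -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
}

function Add-ExplicitTrustedHost {
    param([Parameter(Mandatory)][string[]]$ComputerName)

    $current = @(Get-TrustedHostEntry)
    foreach ($entry in $current) {
        # A wildcard entry skips server identity checks for every matching name.
        if ($entry.Contains('*')) { Write-Warning "Wildcard TrustedHosts entry: $entry" }
    }

    # Append only the names that are not listed yet, keeping existing entries.
    $missing = @($ComputerName | Where-Object { $current -notcontains $_ })
    if ($missing.Count -gt 0) {
        Set-Item -Path $trustedHostsPath -Value ($missing -join ',') -Concatenate -Force
    }
}

$servers = @(Get-Content -Path $hostFile | ForEach-Object { $_.Trim() } | Where-Object { $_ })
Add-ExplicitTrustedHost -ComputerName $servers

# Pass the cross-domain account explicitly instead of relying on the logged-on user.
$creds = Get-Credential -Message 'Account with admin rights in the remote domain'

foreach ($server in $servers) {
    # Add -UseSSL here if the target has an HTTPS WinRM listener, so the
    # server is still authenticated by its certificate.
    Invoke-Command -ComputerName $server -Credential $creds -ScriptBlock {
        "Connected to $env:COMPUTERNAME as $(whoami)"
    }
}
```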

User contributions licensed under CC BY-SA 3.0