This question was asked by a colleague on SO here, though it was suggested that we ask it here instead – apologies for the cross posting.
Server is Windows Server 2008 R2
– UAC is disabled on the server (temporarily for this testing only)
– User is in the domain admin group and is a local admin on both the local and remote machine.
The following script works fine when RDP'd into the box:
import-module servermanager
add-windowsfeature nlb
import-module networkloadbalancingclusters
$nodes = get-nlbclusternode
at this point, $nodes has content in it, and I can process it.
So, all is well, until I try this remotely.
enter-pssession -computername MY_SERVER
and then running the above commands gives:
get-nlbclusternode : Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
At line:1 char:10
+ $nodes = get-nlbclusternode
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (Microsoft.Netwo...tNlbClusterNode:GetNlbClusterNode) [Get-NlbClusterN
ode], UnauthorizedAccessException
+ FullyQualifiedErrorId : AccessDenied,Microsoft.NetworkLoadBalancingClusters.PowerShell.GetNlbClusterNode
All documentation we can find on it anywhere on the web seems toindicate both UAC and local admin as the issues, though we're confirmed as having UAC disabled (not something we want to happen when we start to go any further than our dev enviroment) and being in local admin/domain admin.
We've tried with both Powershell 3 and 4 on the server to no avail.
Really would appreciate any help.
Best Answer
Possibly a double-hop problem. Can you try establishing the remoting session using CredSSP just for testing? (this might be a security risk, so I'm not advising you to keep this enabled after testing - that's up to you to decide)
How to use CredSSP with PowerShell remoting: http://blogs.technet.com/b/heyscriptingguy/archive/2012/11/14/enable-powershell-quot-second-hop-quot-functionality-with-credssp.aspx