I'm trying to administer a Windows 7 machine remotely. I've enabled WinRM and can use Enter-PsSession to connect to the remote machine.
However, I'm noticing a difference between running a particular command locally, vs running it remotely, even though I'm connecting with the same user account (which is a Domain Admin).
The output from the remote session is:
> enter-pssession -computername REMOTEHOST
[REMOTEHOST} > Get-WURebootStatus
New-Object : Creating an instance of the COM component with CLSID {C01B9BA0-BEA7-41BA-B604-D0A36F469133} from the IClassFactory failed due to the following error: 80070005.
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\pswindowsupdate\Get-WURebootStatus.ps1:52 char:33
+ $objSystemInfo= New-Object <<<< -ComObject "Microsoft.Update.SystemInfo"
+ CategoryInfo : NotSpecified: (:) [New-Object], UnauthorizedAccessException
+ FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.NewObjectCommand
ExecutionPolicy is set to 'Unrestricted', and this command works great when I'm using a local powershell session on the remote machine.
Is there a different security context for remote powershell sessions?
edit: the specific line it's failing on is this one:
$objSystemInfo= New-Object -ComObject "Microsoft.Update.SystemInfo"
Best Answer
The Windows Update API is special. It specifically checks for and disallows remote access by checking if your token is marked as remote. I don't know why it was written this way.
I ended up creating a scheduled task and invoking the windows update API inside that - quite a nuisance.