Get-Service -ComputerName in PSSession (require other privileges)

Hi

I can successfully create a remote session using Enter-PSSession to a server SRV_A from a computer MyComputer. Inside this session, if I execute the cmdlet Get-Service -ComputerName ComputerB, I get the error “Cannot open Service Control Manager on computer ‘ComputerB’. This operation might require other privileges.” But when I run the cmdlet “Get-Service -ComputerName ComputerB” from a PowerShell session directly on SRV_A, it runs correctly. Of course I use the same user to create the remote session (cmdlet Enter-PSSession) as when I log on directly to SRV_A. All machines have PowerShell 4.0 installed, and SRV_A and ComputerB are in the same domain.

What is wrong? Can we not use a “Get-Service -ComputerName xxx” inside a remote PowerShell session? Do we not get exactly the same rights from a remote PowerShell session as from a “normal” PowerShell session with the same user?

Thank you for any help

You’re running into the “double hop” problem, as described in “Secrets of PowerShell Remoting.”

Your credential delegates when you remote to SRV_A. However, once there, your credential cannot (by default) be delegated further. So SRV_A cannot access non-local resources.

The ebook Secrets of PowerShell Remoting describes this in more detail and offers solutions, which usually require enabling additional authentication mechanisms and setting up multiple-hop delegation.

Hi

Thank you for your prompt answer. I tried the following, but still get the same error.

On SRV_A:
Set-Item WSMAN:\localhost\client\auth\credssp -value $true
Set-Item WSMAN:\localhost\service\auth\credssp -value $true
Enable-WSManCredSSP -Role Server

On MyComputer:
Set-Item WSMAN:\localhost\client\auth\credssp -value $true
Enable-WSManCredSSP -Role Client -Delegate SRV_A

As I’m not an expert in authentication mechanisms, I’m a bit lost… What did I miss?

Likely the cmdlet isn’t enabled for CredSSP. Try using it in Invoke-Command.
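
An added example, not part of the original thread: enabling CredSSP does not make it the default, so the connection to SRV_A has to request it with -Authentication Credssp and explicit credentials. The sketch below runs the same second-hop query from MyComputer under both authentication modes so the difference is visible; the host names are the ones used in the thread, and the function name Test-SecondHop is hypothetical.

```powershell
# Added example. Run on MyComputer after CredSSP has been enabled on both
# sides as in the post above. SRV_A and ComputerB are the thread's host names.

# Confirm the client-side delegation policy; it should list wsman/SRV_A.
Get-WSManCredSSP

# CredSSP requires explicit credentials. They are sent to SRV_A, which is
# why delegation should stay limited to the specific hosts that need it.
$cred = Get-Credential

function Test-SecondHop {   # hypothetical helper name
    param(
        [string]$FirstHop,
        [string]$SecondHop,
        [string]$Authentication,
        [pscredential]$Credential
    )
    try {
        # First hop: MyComputer -> $FirstHop. Second hop: $FirstHop -> $SecondHop.
        $svc = Invoke-Command -ComputerName $FirstHop `
            -Authentication $Authentication -Credential $Credential `
            -ArgumentList $SecondHop -ErrorAction Stop -ScriptBlock {
                param($target)
                Get-Service -ComputerName $target -ErrorAction Stop
            }
        [pscustomobject]@{
            Authentication = $Authentication
            SecondHopOk    = $true
            Detail         = "$(@($svc).Count) services returned"
        }
    }
    catch {
        [pscustomobject]@{
            Authentication = $Authentication
            SecondHopOk    = $false
            Detail         = $_.Exception.Message
        }
    }
}

# 'Default' is what Enter-PSSession uses when -Authentication is omitted.
'Default', 'Credssp' | ForEach-Object {
    Test-SecondHop -FirstHop 'SRV_A' -SecondHop 'ComputerB' `
        -Authentication $_ -Credential $cred
} | Format-Table -AutoSize -Wrap
```

With no other delegation configured, the Default row is expected to show the "Cannot open Service Control Manager" error from the question and the Credssp row the service count.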