Need help with PSRemoting

Scenario: I have a PsRemote Session Configured and Operational from my domain to a VM on Azure which is a WORKGROUP Computer. I have a script located on my Azure VM which I run from my Domain computer using PsRemote session, it reads some text files and returns the results on my computer screen.

Problem: I want those results to be written in a file on my Source/Domain Computer rather than displaying in PowerShell console.

Script Code

Select-String -Path C:\sometextfile.txt -Pattern "Search pattern" | select linenumber,line |`
 Export-Csv -Path '\\destinationIP\d$\results.csv' -NoTypeInformation

 

Error: Access Denied

When I try to write results in a file on my computer it produces the aforementioned error.

 

If I understood it properly, You are connecting to a remote system and reading a file then writing the result back to the source computer.

Node1 -->(Hop1) Node2 -->(Hop2) Node1

This will undergo double-hoping. Double hoping is not allowed by default. TO do this, you hae to allow the source system to delegate your credentials for remote system to use.

Read about credential delgation in below documentation.

https://devblogs.microsoft.com/scripting/enable-powershell-second-hop-functionality-with-credssp/

https://codingbee.net/powershell/powershell-use-credssp-to-run-commands-remotely-with-fewer-issues

https://www.itprotoday.com/powershell/enable-credssp-powershell

You can also register a PSSession Configuration on the workgroup computer and it should allow you to accomplish the same task. Our organization recently switched from CredSSP to this method. With PSSession Configuration, there are many options to configure your PSSession to make you session more secure. There is a great blog post by Ashley McGlone about this exact situation. You can find that here

Register-PSSessionConfiguration

and another blog post on Registering PSSession Configuration

Another Solution to Multi-Hop

If you do chose CredSSP to get past the double hop, make sure to avoid using any wildcards in your trusted host and only use the workgroup vm as the delgate computer.

pwshliquori