Problem running PS script from PS web

I just recently setup a PS Web server for my team to be able to share PS scripts. On two of my scripts that manupliate AD I am getting errors.
I have verified that the AD module is available.
Here is one of the errors

Get-ADComputer : Unable to contact the server. This may be because this server does not exist, it is currently down,
or it does not have the Active Directory Web Services running.
At C:\PSScripts\Create Server LADM Groups.ps1:1 char:19

  • $ServerAccounts = Get-ADComputer -Filter * -SearchBase 'OU=Servers,DC=info,DC=co …
  •               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
    • CategoryInfo : ResourceUnavailable: (:slight_smile: [Get-ADComputer], ADServerDownException
    • FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.GetADComputer

Thanks in advance.

Are you hosting the scripts in a web service?

Can you run the scripts in a normal PowerShell console from the web server?

Is the web server part of the domain?

Do any other scripts that access AD work?

Not sure I know what you mean by hosting the scripts in a web service.
Yes, I can run all the components of the script from the PS web.
Yes.
No.

Thanks in advance :slight_smile:

Hey there Nathan,

Would it be possible to see the script code? I’ve got a PSWA server in my test environment, so I can test and see if I can duplicate the issue.

Actually, I was able to duplicate it just running Get-ADComputer “%servername%”. A couple of things to check:

Make sure that at least one of your DCs is running Active Directory Web Services. You won’t be able to connect without it.
Use the -Server parameter to specify the DC running ADWS.

Alternatively, you could use PSWA to connect to domain controller (you’ll have to make sure it’s in a PswaAuthorizationRule before you can access it), and execute the script from there.

So I have tried your suggestions and it still fails to run for PSWEB.
Here is a copy of my script that I am trying to execute from PSWEB
$GroupVar=Read-Host “Enter Computer name”
$UserVar=Read-Host “Enter Local Admin User ID”
$ErrorActionPreference = “SilentlyContinue”
$DoesUserExist=(Get-ADUser -Identity $UserVar -Server DC05 -ErrorAction SilentlyContinue)
$DoesGroupExist=(Get-ADGroup -Identity “$GroupVar - LADM” -Server DC05 -ErrorAction SilentlyContinue)
$UserInGroup=(Get-ADGroupMember -Identity “$GroupVar - LADM” -Server DC05 | Where-Object {$_.SamAccountName -eq $UserVar} -ErrorAction SilentlyContinue)
$ErrorActionPreference = “Ignore”
if ($DoesUserExist.SamAccountName -eq $UserVar)
{
Write-Host -ForegroundColor Green “User account Found. Will try to add to group”
}
Else
{
Write-Warning “User Account does not exist. Will creat one now”
$UserGivenNameVar=Read-Host “Enter Users First Name”
$UserSurNameVar=Read-Host “Enter Users Last Name”
$PasswordVar=(ConvertTo-SecureString ‘Password01’ -AsPlainText -force)
New-ADUser -Name “$UserGivenNameVar $UserSurNameVar - Local Admin” -SamAccountName $UserVar -UserPrincipalName “$UserVar@internal.domain.com” -AccountPassword $PasswordVar -ChangePasswordAtLogon 1 -GivenName $UserGivenNameVar -Surname $UserSurNameVar -DisplayName “$UserGivenNameVar $UserSurNameVar - Local Admin” -Path ‘OU=Workstation Local Admin Users,OU=People,DC=internal,DC=domain,DC=com’ -Enabled $true -Server DC05
Write-Host -ForegroundColor Green “User Account Created”
}
if ($DoesGroupExist.SamAccountName -eq $GroupVar)
{
Write-Host -ForegroundColor Green “Group Found. Will Try to add user to group.”
}
Else
{
Write-Warning “Group Not found. Will create now”
New-ADGroup -Name “$GroupVar - LADM” -GroupScope Global -GroupCategory Security -Path ‘OU=Workstation Local Admin Computers,OU=Groups,DC=internal,DC=domain,DC=com’ -Server DC05
Write-Host -ForegroundColor Green “Group Created”
}
if ($UserInGroup.SamAccountName -eq $UserVar)
{
Write-Warning “User account already in group. No further action needed”
}
Else
{
Add-ADGroupMember -Identity “$GroupVar - LADM” -Members $UserVar -Server DC05
Write-Host -ForegroundColor Green “Account added to group”
}