Stuck on elevation prompt for getting powershell settings remotely

sean-ackerman · September 3, 2014, 4:52am

I am trying to verify across 20 servers the powershell configuration.

So locally UAC prompt powershell as admin the below works.

 get-item wsman:\localhost\shell | get-childitem

Remoting wise I thought this work have worked.

 Start-Process powershell.exe -ArgumentList "icm -computername server1,server2,server3 -scriptblock {get-item wsman:\localhost\shell | get-childitem}" -verb runas

Not sure how to capture the output or at least hold up the pop window that occurs.

donj · September 3, 2014, 4:54am

Well… I think the general theory is to try and not run into UAC. I would normally run Invoke-Command from my non-elevated prompt, and provide it with a -Credential parameter, which it would use to make the remote connection. That should remove any UAC pop-up windows, since you’re not launching a new instance of PowerShell. That’ll also put the output right into your PowerShell console, where you can work with it however you like.

sean-ackerman · September 3, 2014, 5:39am

Thanks Don. That where I am at a loss since

icm -computername server1,server2,server3 -scriptblock {get-item wsman:\localhost\} -Cred usernameinfohere

works but soon as I add shell to the end of wsman:\localhost\ I run into what looks like a permissions issue since for example (pre)icm -computername server1,server2,server3 -scriptblock {get-eventlog security -Newest 10} works. I'll keep digging and let you know if I find something fruitfull.

donj · September 3, 2014, 5:47am

It’s square brackets on the code formatting

Couple of things. One, keep in mind that you can map other computers’ WS-MAN to your own WSMAN: drive. It uses demoting under the hood, so try doing that with 1-2 computers. If you’re not able to navigate the hierarchy that way, then yes, there’s a problem of some kind. But that’ll help eliminate certain possibilities.

Second, double-check and make sure Remoting is enabled on those computers. I’m guessing it is, since just going to /localhost/ works.

Third, keep in mind all those settings can also be configured in a GPO, which may be more convenient for you.

sean-ackerman · September 3, 2014, 7:15am

Resorted to using a foreach in combination connect-wsman then reused code.

$file = "wsmansettings.txt"

$servers = "server1","server2","server3","server4","server5"

foreach($server in $servers){
                                Connect-WSMan $server
                                Get-Item wsman:\$server\shell | Get-ChildItem | out-file $file -Append
                                Disconnect-WSMan $server

                            }#foreach

invoke-item $file
$servers = ""

mybad on the pre tags…

sean-ackerman · September 3, 2014, 8:59am

Thanks for the advice and assistance.

Topic		Replies	Views
Running commands in elevated prompt on remote computer PowerShell Help	7	423	May 16, 2024
Access denied when running a PS script to retrieve info from a remote computer PowerShell Help	19	17541	May 16, 2024
Powershell 3.0 Remoting PowerShell Help	21	334	May 16, 2024
Create a powershell with admin rights without being prompted PowerShell Help	5	1432	May 16, 2024
PowerShell remoting broken PowerShell Help	13	483	May 16, 2024

Stuck on elevation prompt for getting powershell settings remotely

Related topics