Search code examples
powershelldictionarydrive

New-PsDrive Remote copy from DFS share errors: A specified logon session does not exist


So to recap the situation: I am at one computer trying to run powershell using enter-pssession computername, then from the remote session, run the logic below:

$DFSPath = "\\DFSpath.com"
$RDL1 = [char](1+[char](gdr ?)[-1].name)
New-PSDrive -Name $RDL1 -PSProvider FileSystem -Root $DFSPath -Persist -credential domain\UN

The get-variable shows the variables properly. But when I try to create with New-PSDrive, it gives:

New-PSDrive : A specified logon session does not exist. It may already have
been terminated

I did look at this: PowerShell 2.0: Accessing Windows Shares during a Remote Session but wasn't able to get it to work. Also I wouldn't know how to devise it in my script above (which will be run on multiple computers). Is there anything newer? I am using v3 powershell. Thanks so much!


Solution

  • From the looks of things it appears that you are experiencing the dreaded "Double-Hop". If you only what to remote to a few computers it's pretty easy to setup the "fix" for the "Double-Hop". On the computers that you want to remote to you need to run the following commands:

    Enable-PSRemoting
    
    Enable-WSManCredSSP Server
    

    Then on the computer you want to remote from you need to run the command:

    Enable-WSManCredSSP Client –DelegateComputer [<FQDN of the server>][*]
    

    In place of the fully qualified domain name you can put a * instead. That will allow you to send your credentials to any computer (that could be dangerous).

    Now how would you work this into a script? There is a command called Invoke-Command. If you look at the parameters of Get-Help Invoke-Command -Parameter *, you'll see that it take a Credential and a Authentication. Here's how you would run a command on multiple computers.

    $MyCred = Get-Credential
    Invoke-Command -ComputerName Computer1,Computer2 -Credential $MyCred -Authentication Credssp -ScriptBlock {Get-ChildItem $args[0]} -ArgumentList '\\Server\Share' -ErrorAction SilentlyContinue
    

    Now if you'll be remoting onto many machines and you know how to use Group Policy. I'd recommend setting up PSRemoting and enabling WSManCred with the Group Policy.