Powershell Server Network drive

Question

I have a client and a server. The client will call a script like:

#Predefine necessary information
$Username = \"Niels\"
$Password = \"password\"
$ComputerName          


        

Answer 1

You can't do this using the default authentication mechanism. You need to use an authentication mechanism that allows you to flow credentials, not just identity. Kerberos is one of these. CredSSP is another that is built into Windows starting from Vista/Server 2008 onwards.

I have experience setting up CredSSP. Note that there is some security risk because the target machine will have access to the credentials as plain text.

To set it up you will need to run two commands (both from an elevated shell). One on the machine you are running the above script on (the client) and another on the target that you will be connecting to via remoting (the server).

Enable-WSManCredSSP -Role Client -DelegateComputer $ComputerName -Force

This enables delegation to $ComputerName from the client (note you may have to use the FQDN). For security reasons you should avoid using the wild card '*' although you might consider using '*.mydomain.int' to enable delegation to all machines on the domain.

On the target server

Enable-WSManCredSSP -Role Server

Then when you create the session use the -Authentication flag

$Session = New-PSSession -ComputerName $ComputerName -credential $Cred -Authentication Credssp

There are questions on ServerFault on setting up CredSSP. There is also a blog post here with additional explanation. This post has troubleshooting tips for some commonly encountered error messages.