Windows 10 non-server edition Remote Shell

Question

There a are two computers connected to the local network managed under organization domain.

There are simple task list must be implemented on any machine. I want to abstract away that machine list to a script that can be executed simultaneously on any machine.

Now, I am trying to get interactive admin remote shell. Like SSH on linux machines.

Any machine can ping second one.

Any machine has latest PowerShell deployed.

Any machine configured via

winrm quickconfig
Enable-PSRemoting

Let's expose one machine and call it 'admin pc'.

Also let's expose one random non-admin pc.

Next command successfully executed at admin pc.

Enter-PSSession -ComputerName some_name -Credential domain\name

and I got interactive connection.

On that page noted necessary for me parameter to get admin shell, -RunAsAdministrator, but it doesn't work.

Enter-PSSession -ComputerName some_name -Credential domain\name -RunAsAdministrator


Enter-PSSession : Не удается разрешить набор параметров с использованием указанных именованных параметров.
строка:1 знак:1
+ Enter-PSSession -ComputerName some_name -Credential domain\nam ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Enter-PSSession], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.PowerShell.Commands.EnterPSSessionCommand

What can cause the error?

Peter Hahndorf · Accepted Answer · 2021-03-06T11:50:30.667

1

To get an elevated admin session on the remote computer you don't need to use -RunAsAdministrator, just connect with a user that is an administrator on the remote machine. The remote session is already elevated.

The -RunAsAdministrator switch can only be used together with the -ContainerId parameter when connecting to a container not when connecting to a remote session.

edited Mar 06 '21 at 11:50

answered Mar 06 '21 at 09:40

Peter Hahndorf

13,763
3
37
58

Thank you for reply. Code https://serverfault.com/a/95464/621126 returns false. I have logged in under domain user that have limited, but on pc-level root access. And, why flag `-RunAsAdministrator` is syntactically incorrect? – Alexander Ushakov Mar 06 '21 at 09:53
I updated my answer about -RunAsAdministrator. I don't know why your session is not elevated. A domain user who is in the local administrator group should work. What does `whoami /groups` return when executed in the remote session? – Peter Hahndorf Mar 06 '21 at 11:53
@AlexanderUshakov: PowerShell has the concept of parameter sets, RunAsAdministrator is incompatible with other parameters that are not part of the same set. – Greg Askew Mar 06 '21 at 14:05
Problem was simple - I have not be presented at local machine admin group. – Alexander Ushakov Mar 09 '21 at 16:12

Windows 10 non-server edition Remote Shell

1 Answers1