3

I have two machines say Machine-A: An azure vm role on cloud. Machine-B: A machine on my network domain.

I can remote login to both MachineA and MachineB (using RDP) and copy say a folder 'temp' from location \MachineA.cloudapp.net\C$\temp to \MachineB\C$\

How do I achieve this programmatically, preferrably through powershell script?

I tried:

$rm = new-object RemoteMachine
$pass = ConvertTo-SecureString -AsPlainText $rm.Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $rm.Username,$pass
Invoke-Command -ComputerName $rm.MachineName -Credential $Cred -ScriptBlock{
#   Copy folder
}

Where RemoteMachine is:

public class RemoteMachine
{
    public string MachineName="MachineA.cloudapp.net";
    public string Username="remote";
    public string Password="password";    
    }
}

It fails with logon failure, though I use the same credentials for RDP. I have another doubt, even if the login is possible, then how will MachineA will know about MachineB?

Probably I am missing something simple and direct!

4

2 回答 2

0

需要在 VM 上启用 PowerShell 远程处理:

 PS> Enable-PSRemoting

然后,您应该能够远程进入,并在该计算机上传递管理员的凭据:

Invoke-Command -ComputerName MachineA -Credential username -ScriptBlock {
#   Copy folder
}

如果username是域帐户,请确保包含域(例如DOMAIN\username)。PowerShell 将提示您输入密码。

因为您是从 MachineA 复制到 MachineB,所以您可能会遇到双跳问题。要从 MachineA 连接到 MachineB,PowerShell 再次需要您的凭据(用户名/密码),而 MachineA 上没有这些凭据。您必须启用名为 CredSSP 的功能,以允许在机器之间存储和共享凭据。

  • 接收凭据的机器必须配置为接收它们(即充当服务器)
  • 发送凭据的机器必须配置为发送它们(即充当客户端)

有关启用 CredSSP 的详细信息,请参阅我对此问题的回答。

于 2012-07-10T23:54:51.677 回答
0

您可以查看Bruce Payette 好书第 13 章中的在多跳环境中转发凭据。

您可能需要 CredSSP 机制,该机制使您能够通过受信任的中介将您的凭据安全地传递给目标机器。

于 2012-07-10T11:43:43.443 回答