3

I have two machines say Machine-A: An azure vm role on cloud. Machine-B: A machine on my network domain.

I can remote login to both MachineA and MachineB (using RDP) and copy say a folder 'temp' from location \MachineA.cloudapp.net\C$\temp to \MachineB\C$\

How do I achieve this programmatically, preferrably through powershell script?

I tried:

$rm = new-object RemoteMachine
$pass = ConvertTo-SecureString -AsPlainText $rm.Password -Force
$Cred = New-Object System.Management.Automation.PSCredential -ArgumentList $rm.Username,$pass
Invoke-Command -ComputerName $rm.MachineName -Credential $Cred -ScriptBlock{
#   Copy folder
}

Where RemoteMachine is:

public class RemoteMachine
{
    public string MachineName="MachineA.cloudapp.net";
    public string Username="remote";
    public string Password="password";    
    }
}

It fails with logon failure, though I use the same credentials for RDP. I have another doubt, even if the login is possible, then how will MachineA will know about MachineB?

Probably I am missing something simple and direct!

dushyantp
  • 4,398
  • 7
  • 37
  • 59

2 Answers2

0

You may have a look to Forwarding credentials in multihop environments in capter 13 of Bruce Payette nice book.

You perhaps need the CredSSP mechanism which enables you to securely pass your credentials to a target machine via a trusted intermediary.

JPBlanc
  • 70,406
  • 17
  • 130
  • 175
0

PowerShell remoting needs to be enabled on your VM:

 PS> Enable-PSRemoting

You should then be able to remote in, passing the credentials of an administrator on that machine:

Invoke-Command -ComputerName MachineA -Credential username -ScriptBlock {
#   Copy folder
}

If username is a domain account, make sure to include the domain (e.g. DOMAIN\username). PowerShell will prompt you for the password.

Because you're copying from MachineA to MachineB, you're probably encountering the double-hop problem. To connect to MachineB from MachineA, PowerShell needs your credentials again (username/password) and it doesn't have them on MachineA. You have to enable something called CredSSP to allow credentials to be stored and shared between machines.

  • The machine receiving the credentials has to be configured to receive them (i.e. to act as a server)
  • The machine sending the credentials has to be configured to send them (i.e. to act as a client)

See my answer on this question for details on enabling CredSSP.

Community
  • 1
  • 1
Aaron Jensen
  • 25,861
  • 15
  • 82
  • 91
  • Nope already tried that. :( no success. BTW even if the login is possible, then how will MachineA will know about MachineB? – dushyantp Jul 11 '12 at 14:08