我写了一个 PS 脚本,它使用域管理员凭据远程连接到网络文件夹。但是执行的时候,出现错误:access is denied。我不太明白问题是什么。 PS 脚本我以管理员身份运行,我在脚本中使用域管理员凭据。有没有人遇到过这样的事情?
# The computer name to which you want to connect
$ComputerName = "target_computer_name"
# Domain user credentials (in "domain\username" format)
$Username = "domain\username"
$Password = "password"
# Convert the password to a secure string
$SecurePassword = ConvertTo-SecureString $Password -AsPlainText -Force
# Create a PSCredential object
$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $Username, $SecurePassword
# Network folder to connect to (e.g., "\\file_server\shared_folder")
$SharePath = "\\file_server\shared_folder"
# Drive letter for the network drive (e.g., "Z")
$DriveName = "Z"
# Execute the script on the target computer
Invoke-Command -ComputerName $ComputerName -Credential $Credential -ScriptBlock {
param($SharePath, $DriveName)
# Check if the network drive with the specified name already exists
if (-not (Get-PSDrive -Name $DriveName -ErrorAction SilentlyContinue)) {
# Create the network drive
New-PSDrive -Name $DriveName -PSProvider FileSystem -Root $SharePath -Persist
Write-Host "Network drive $DriveName successfully connected to $SharePath"
} else {
Write-Host "Network drive with the name $DriveName already exists"
}
} -ArgumentList $SharePath, $DriveName
New-Object -TypeName System.Management.Automation.PSCredential
需要一个 SecureString 作为密码。
在这里阅读
如果这没有帮助,请显示确切的错误消息,然后我可以跟进您的问题。
另外,你不应该用纯文本写密码,而是使用类似 SecretManagement 的东西:
#Prerequisites
Set-PSRepository -Name 'PSGallery' -InstallationPolicy Trusted
Install-Module Microsoft.PowerShell.SecretManagement -Confirm:$false -Scope AllUsers
Install-Module Microsoft.PowerShell.SecretStore -Confirm:$false -Scope AllUsers
Import-Module Microsoft.PowerShell.SecretManagement
Import-Module Microsoft.PowerShell.SecretStore
#Register a local SecretVault
Register-SecretVault -Name VaultName -ModuleName
Microsoft.PowerShell.SecretStore -Description "My first secret vault"
# Create a credential object.
$credential = Get-Credential
# Create a new secret named Secret1
Set-Secret -Name Secret1 -Secret $credential
#Creates an encrypted XML to save the vault password locally
Get-Credential | Export-CliXml ~/vaultpassword.xml
#Abstracts the vault password from the created xml
$vaultpassword = (Import-CliXml ~/vaultpassword.xml).Password
#Unlocks the Secretstore to obtain the saved secrets (your admin password)
Unlock-SecretStore -Password $vaultpassword
以下脚本是我使用 SecretManagement 传递凭证的版本:
$vaultName = "YourVaultName"
$secretName = "administrator"
$vaultpassword = (Import-CliXml C:\Users\yourname\temp1.xml).Password
Unlock-SecretStore -Password $vaultpassword
$username = "administrator"
$password = Get-Secret -Vault $vaultname -Name $secretName
$psCredential = New-Object System.Management.Automation.PSCredential ($username, $password)
$TargetServer = 'your server' #could also be an array of servers
Invoke-Command -ComputerName $TargetServer -Credential $psCredential -Scriptblock {Your script}
有关 SecretManagement 的帮助,我建议您查看 this 博客,这就是教会我这个概念的原因