I've got a segmented Active Directory network where multiple VLAN's can only talk to a local AD server, but all AD servers can talk to each other. I'd like to have a script that can proxy through each AD server to run a command on each system per VLAN. However, my code doesn't appear to run the commands.
function RunRemote {
param([string]$ScriptBlock,[string]$Server,[string]$DC)
$icm = '[ScriptBlock]$sb=[ScriptBlock]::create(' + $ScriptBlock + ');icm -cn ' + $Server + ' -ScriptBlock $sb'
icm -cn $DC -ScriptBlock { $icm }
}
$ScriptBlock = "date"
$Server = "Comp01"
$DC= "DC01"
RunRemote $ScriptBlock $Server
I'm not receiving any errors, but none of the commands sent are being run on the remote servers. If I make an interactive session with an AD server, then the Invoke command works as expected to each vlan.
I think you have a dubble hop problem. You're credentials aren't passed to the next hop. You can send you're credentials with the first invoke as parameters and then in the second invoke you use those passed credentials to make a credential object and give it to the credential parameter.
or you can use CredSSP.
this article helped me earlier