Unable to execute powershell scripts on few production servers.

[gangadhar01a]

Hi,

I am able to execute commands on remote nodes via Rundeck, except powershell scripts and we are using winRM for file copier. As I am able to execute the commands which means no firewall issues, can you please point me to the right direction to fix the issue.

Below I will provide the rundeck project configuration, winRM and error details

Rundeck project configuration:

"#Thu Feb 14 19:19:05 PST 2019 #edit below project.description= project.disable.executions=false project.disable.schedule=false project.file-copy-destination-dir=C:\Users\rundeck.svc\ project.jobs.gui.groupExpandLevel=1 project.label= project.name=WMS project.nodeCache.delay=30 project.nodeCache.enabled=true project.winrm-auth-type=kerberos project.winrm-cert-trust=all project.winrm-cmd=CMD project.winrm-hostname-trust=all project.winrm-password-storage-path=keys/demo/rundeck project.winrm-protocol=https project.winrm-user-option=rundeck.svc resources.source.1.config.cache=true resources.source.1.config.timeout=30 resources.source.1.type=url resources.source.2.config.file=/var/rundeck/projects/wms/etc/resources.xml resources.source.2.config.format=resourcexml resources.source.2.config.generateFileAutomatically=false resources.source.2.config.includeServerNode=false resources.source.2.config.requireFileExists=false resources.source.2.type=file service.FileCopier.default.provider=overthere-winrm service.NodeExecutor.default.provider=overthere-winrm"

winRM config on remote node: PS C:\Windows\system32> winrm g winrm/config Config MaxEnvelopeSizekb = 500 MaxTimeoutms = 60000 MaxBatchItems = 32000 MaxProviderRequests = 4294967295 Client NetworkDelayms = 5000 URLPrefix = wsman AllowUnencrypted = false Auth Basic = true Digest = true Kerberos = true Negotiate = true Certificate = true CredSSP = false DefaultPorts HTTP = 5985 HTTPS = 5986 TrustedHosts Service RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD) MaxConcurrentOperations = 4294967295 MaxConcurrentOperationsPerUser = 1500 EnumerationTimeoutms = 240000 MaxConnections = 300 MaxPacketRetrievalTimeSeconds = 120 AllowUnencrypted = true Auth Basic = true Kerberos = true Negotiate = true Certificate = false CredSSP = false CbtHardeningLevel = Relaxed DefaultPorts HTTP = 5985 HTTPS = 5986 IPv4Filter = * [Source="GPO"] IPv6Filter = * [Source="GPO"] EnableCompatibilityHttpListener = false EnableCompatibilityHttpsListener = false CertificateThumbprint AllowRemoteAccess = true [Source="GPO"] Winrs AllowRemoteShellAccess = true IdleTimeout = 7200000 MaxConcurrentUsers = 10 MaxShellRunTime = 2147483647 MaxProcessesPerShell = 25 MaxMemoryPerShellMB = 1024 MaxShellsPerUser = 30

Error: [overthere-winrm:prod-sb-wmsapp2.hautelook.local] failed: WinRM Error: Error when sending request to https://prod-sb-wmsapp2.hautelook.local:5986/wsman Request: <env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">

Note: I am able to execute the commands on remote node except the powershell script.

My Rundeck detail

• Rundeck version: [ 2.11.3-1]
• install type: [rpm]
• OS Name/version: [centos 7]
• DB Type/version: [choose: mysql ]

To Reproduce Steps to reproduce the behavior: set up project with Default node executor: winRM Default node file copier: winRM Workflow has the following command to execute powershell.exe -File "//corpshares/tech/servicerestart.ps1" (servicerestart.ps1 - Script placed on share)

[v-2vinty]

@gangadhar01a Did you find solution to this problem yet? So far i have narrowed the issue down to rundeck server looking up for wrong kerberos service record in DNS. In my case its trying to lookup "_kerberos._udp.IS01-RUNDEK-003.CVENT.NET" where is01-rundek-003 is not the name of a domain controller. Any idea how rundeck server comes up with this srv record name??

[ltamaster]

Hi @gangadhar01a, Are you using an administrator user?