Hi all
I would like to setup RDS Session on new servers automatically.
The first step to join the server to the Active directory domain is ok
Now I would like to install RDS Roles Session automatically
When the server reboot, it runs a script using local admin account.
I know one need an Active directory account to deploy.
So I tried this :
$user = "AD\User" $pwd = ConvertTo-SecureString "xxxxx" -AsPlainText -Force $cred = New-Object System.Management.Automation.PSCredential($user,$pwd) Add-LocalGroupMember -Group "Administrators" -Member $user | Out-File -Append $LogFile Import-Module RemoteDesktop #Enable-PSRemoting -Force Invoke-Command -ComputerName $Env:Computername -ScriptBlock { $RDSSrvName = $Env:Computername + ".xxx.yyy.com" $LogFile = "$Env:ProgramFiles\Renault\RDS_Roles_setup.log" New-RDSessionDeployment -ConnectionBroker $RDSSrvName -WebAccessServer $RDSSrvName -SessionHost $RDSSrvName | Out-File -Append $LogFile } -Credential $cred # -Authentication CredSSP $null = install-windowsfeature -Credential $cred RSAT-RDS-Licensing-Diagnosis-UI -LogPath $LogFile Remove-LocalGroupMember -Group "Administrators" -Member $user | Out-File -Append $LogFileIt returns
[
MYSERVER] Connecting to remote server MYSERVER failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo : OpenError: (MYSERVER:String) [], PSRemotingTransportException + FullyQualifiedErrorId : AccessDenied,PSSessionStateBroken
If I add Enable-PSRemoting -Force before the command, I get
[
MYSERVER]Connecting to remote server [MYSERVER] failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo : OpenError: ([MYSERVER]:String) [], PSRemotingTransportException + FullyQualifiedErrorId : AccessDenied,PSSessionStateBroken + PSComputerName : MYSERVER
Even if I try to run the command as the Active directory user being AD-User and Local admin , I get too :
PS C:\users\ad-admin\Desktop> $RDSSrvName = $Env:Computername + ".xxx.yyy.com" PS C:\users\ad-admin\Desktop> New-RDSessionDeployment -ConnectionBroker $RDSSrvName -WebAccessServer $RDSSrvName -SessionHost $RDSSrvName
New-RDSessionDeployment : Validation failed for the "RD Connection Broker" parameter. MYSERVER.xx.yy.fr Unable to connect to the server by using Windows PowerShell remoting. Verify that you can connect to the server. At line:1 char:1+ New-RDSessionDeployment -ConnectionBroker $RDSSrvName -WebAccessServe ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,New-RDSessionDeployment
Could some tell me what I missing ?
The Active Directory user has no right on the active directory
Thanks
ML