Hi all,

I'm struggling to figure out what is going on here.

I'm trying to add a domain user to a VM's local administrators group via this:

$localAdminBlock = `
{
$objUser = [ADSI]("WinNT://domain/domainaccount")
$objGroup = [ADSI]("WinNT://$vm/Administrators")
$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)
}

Invoke-Command -ComputerName $vm -Scriptblock $localAdminBlock -Credential $adminCreds

I receive an error:

"Processing data from remote server TestServer failed with the following error message: The request for the Windows Remote Shell with ShellId <id here> failed because the shell was not found on the server.  Possible causes are: the specified ShellId is incorrect or the shell no longer exists on the server.  Provide the correct ShellId or create a new shell and retry the operation..."

Any idea what's going on?

Thanks.

Not sure on the issue, but because you are using ADSI, you shouldn't need to use Invoke-Command to add the user

$Computer = "RemoteMachine"
$UserName = "User"
$Domain = "MyDomain"

# Bind to remote local admin group
$Group =  [ADSI]"WinNT://$Computer/Administrators,group"
# Bind to domain user
$User =  [ADSI]"WinNT://$Domain/$Username,user"
# Add domain user to group
$Group.Add($User.Path)		

Tried just that code directly and I get:

"The following exception occurred while retrieving member "add": The network path was not found."

Tried looking into the $group object and I get "format-default: The following exception occurred while retrieving member 'distinguishedName': 'The network path was not found.'"

You need to use $using:vm instead of $vm since you are passing a value from a local variable into the scriptblock which is executed remotely. If you don't do this then the $vm will be $null in the remote session. If you use $using:vm then Invoke-Command will evaluate the local $vm variable and use this value in the remote session.

$localAdminBlock = `
{
$objUser = [ADSI]("WinNT://domain/domainaccount")
$objGroup = [ADSI]("WinNT://$using:vm/Administrators")
$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)
}

Invoke-Command -ComputerName $vm -Scriptblock $localAdminBlock -Credential $adminCreds

You need to use $using:vm instead of $vm since you are passing a value from a local variable into the scriptblock which is executed remotely. If you don't do this then the $vm will be $null in the remote session. If you use $using:vm then Invoke-Command will evaluate the local $vm variable and use this value in the remote session.

$localAdminBlock = `
{
$objUser = [ADSI]("WinNT://domain/domainaccount")
$objGroup = [ADSI]("WinNT://$using:vm/Administrators")
$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)
}

Invoke-Command -ComputerName $vm -Scriptblock $localAdminBlock -Credential $adminCreds