New-PSSession to reach server in a cloud (different subnet / tunnel)

Hello!

We work in a big company and have a lot of clouds which are isolated from each other. Each cloud is reachable via one jumphost which is reachable and accessible from the local network. Each cloud contains a lot of hosts which are only reachable from the jumphost.

I need to read out or change files etc. from/on the hosts inside the clouds.
I have tried the following to make it work (hostname1 = jumphost, hostname2 = host inside the cloud):

$s = New-PSSession -ComputerName hostname1 -credential ad\username
Import-PSSession -Session $s -CommandName Invoke-Command, New-PSSession -prefix RS

$p = New-RSPSSession -ComputerName hostname2 -credential ad\username
Invoke-RSCommand -session $p -ScriptBlock {Get-ChildItem C:\}
remove-RSpssession $p
remove-pssession $s

It fails with the following error:

Der Parameter "Session" kann nicht gebunden werden. Der Wert "[PSSession]Session1" vom Typ
"Deserialized.System.Management.Automation.Runspaces.PSSession" kann nicht in den Typ
"System.Management.Automation.Runspaces.PSSession" konvertiert werden.
    + CategoryInfo          : InvalidArgument: (:) [Invoke-Command], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.PowerShell.Commands.InvokeCommandCommand
    + PSComputerName        : hostname1

The following works without problems (it's only a readout of the jumphost):


$cred = Get-Credential ad\username -Message "Geben Sie das Passwort für den Server ein"
$gh = New-PSSession -ComputerName hostname1 -Credential $cred
$sb1 = {Get-ChildItem C:\}
$result = Invoke-Command -Session $gh -ScriptBlock $sb1

I have also tried to nest New-PSSession in invoke-command from here on to reach the host in the cloud, which also fails with an error.

I have tried a lot of things and searched through google to find a solution, but I have to seek your assistance and hope somebody is able to help me.

Thanks a lot!

Regards,

Marc



August 28th, 2015 6:52am

Hi Marc,

well, first you may want to use CredSSP Authentication to avoid any second hop issues.

Then, instead of importing the session, enter it. When transferring objects over the network they get serialized and deserialized (turned into text and back), and session objects apparently don't survive the transfer intact. So either you fix the serialization issue (major programming job, and it's not guaranteed that simply implementing serialization will fix it) or you don't transfer the second session over the network to your local computer (thus, you'd enter the first session, or invoke a script on the remote session).

Cheers,
Fred

August 28th, 2015 7:48am

Hi Fred,

thanks a lot for your quick response!
I will try the CredSSP Authentication, but anyway the Enter-PSSession cmdlet is working without problems when I enter it manually into the shell:
Enter-PSSession to open a PowerShell session to the jumphost --> entering Invoke-Command with the computer name of the cloud host manually --> I will get the information I need

But the problem is that I need to get information with the help of a .ps1 script and when I try to use enter-pssession in the script it does not work.

That's why I have tried to get it in another way.
Or do you have a solution to use enter-pssession in a script?

Otherwise I think we have to fix the serialization issue...any ideas here?

Thanks a lot for the help!

regards,

Marc

August 28th, 2015 9:27am

Hi Marc,

fixing it is frankly beyond my skill right now - it's a major C# project though and may well require replacing .NET binaries.

But you do not need to enter the pssession to execute something solely on the remote system. Don't import the session, use Invoke-Command with the Session parameter to run a scriptblock on the remote system.

Example:

$Session = New-PSSession "hostname1"

$script = {
$ses = New-PSSession "OtherRemoteHost"

# Command 1
# Command 2
# ...
# Command n
}
Invoke-Command -Session $Session -ScriptBlock $script

Cheers,
Fred

PS: You can also create a scriptblock from a string, by using [ScriptBlock]::Create($string)

August 28th, 2015 9:38am

You cannot use Enter-PSSession in a script. It only works as an interactive session.

If you use it in a script the subsequent commands are still being executed in the context of the local session.

August 28th, 2015 10:19am

Hey Fred,

this was what I had tried the first time and this was what I meant by "nested" New-PSSession in New-PSSession. It unfortunately does not work; for -Session $session2 it shows the error that it contains no data (NULL):

$cred = Get-Credential ad\username -Message "Geben Sie das Passwort für den hostname 1 ein"
$session1 = New-PSSession -ComputerName hostname1 -Credential $cred
$cldhost = Read-Host "Geben Sie bitte den hostname2 ein"
$cred2 = Get-Credential ad\username -Message "Geben Sie das Passwort für den Host ein"
$sb1 = {$session2 = New-PSSession -ComputerName $cldhost -Credential $cred2}
Invoke-Command -Session $session1 -ScriptBlock $sb1
$result = Invoke-Command -Session $session2 -ScriptBlock {Get-ChildItem C:\}

Remove-PSSession $session2, $session1

But maybe I can try, like you did, to add the command directly behind the New-PSSession command.

Then the second Invoke-Command in my script is not needed.

Thanks

Marc


August 28th, 2015 11:51am

Hi Marc,

This fails since $Session2 exists only on the remote computer but you are calling it locally.

# Old Line
$result = Invoke-Command -Session $session2 -ScriptBlock {Get-ChildItem C:\}

#New Line
$result = Invoke-Command -Session $session1 -ScriptBlock {Invoke-Command -Session $Session2 -ScriptBlock { Get-ChildItem C:\} }

This might work, but I really do recommend doing it all in one go, as per my example.

Cheers,
Fred

August 28th, 2015 11:55am
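
Added example (not part of any post above): the whole double hop done in one go from a script, with `$using:` carrying the locally collected host name and credential to the jump host, which the failing script did not do. `hostname1` and `ad\username` are the thread's placeholders; the variable names are assumptions.

```powershell
# Added example. hostname1 = jumphost, as in the thread; variable names are illustrative.
$jumpCred  = Get-Credential ad\username -Message 'Password for the jump host'
$cloudCred = Get-Credential ad\username -Message 'Password for the cloud host'
$cloudHost = Read-Host 'Name of the host inside the cloud'

$session1 = New-PSSession -ComputerName hostname1 -Credential $jumpCred
try {
    $result = Invoke-Command -Session $session1 -ScriptBlock {
        # This block runs on the jump host. Local variables do not exist here;
        # $using: serializes their values into the remote session.
        # The explicit credential makes the second hop a fresh logon, so no
        # delegation of the first-hop identity is needed.
        $session2 = New-PSSession -ComputerName $using:cloudHost -Credential $using:cloudCred
        try {
            # $session2 is a live PSSession object only on the jump host,
            # so it is used and closed here and never returned to the caller.
            Invoke-Command -Session $session2 -ScriptBlock { Get-ChildItem C:\ }
        }
        finally {
            Remove-PSSession $session2
        }
    }
}
finally {
    Remove-PSSession $session1
}

# $result holds deserialized (data-only) objects, which is fine for reading properties.
$result | Select-Object Name, Length, LastWriteTime
```

The cloud-host credential is present in memory on the jump host while the block runs, so the jump host must be trusted to the same degree as the account it is handed.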

I'd recommend creating delegated sessions on that jump host machine, rather than using CredSSP.  That will give you one more "hop" from the jump host to the cloud endpoints without opening you up to the security issues involved in using CredSSP authentication and passing credentials.
August 28th, 2015 12:11pm
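
Added example (not from the thread): a sketch of the delegated-session approach recommended above, using a RunAs session configuration on the jump host. The endpoint name `CloudHop`, the account `ad\svc-cloudhop` and the host name `cloudhost01` are hypothetical.

```powershell
# --- On the jump host (hostname1), once, from an elevated PowerShell ---
# 'CloudHop' and ad\svc-cloudhop are hypothetical names for this example.
$runAs = Get-Credential ad\svc-cloudhop -Message 'Account allowed to reach the cloud hosts'

# Sessions opened against this endpoint run as $runAs on the jump host.
# -ShowSecurityDescriptorUI opens the ACL dialog: grant Execute (Invoke)
# only to the group that is meant to use the hop.
Register-PSSessionConfiguration -Name CloudHop -RunAsCredential $runAs `
    -ShowSecurityDescriptorUI -Force

# Review what was registered: which account it runs as and who may connect.
Get-PSSessionConfiguration -Name CloudHop | Format-List Name, RunAsUser, Permission

# --- On the workstation, inside the .ps1 script ---
$cred      = Get-Credential ad\username -Message 'Password for the jump host'
$cloudHost = 'cloudhost01'   # hypothetical host inside the cloud

$result = Invoke-Command -ComputerName hostname1 -ConfigurationName CloudHop `
    -Credential $cred -ScriptBlock {
        # Runs on the jump host as the RunAs account, which authenticates
        # to the cloud host itself. The caller's credential stops at hop one.
        Invoke-Command -ComputerName $using:cloudHost -ScriptBlock { Get-ChildItem C:\ }
    }

$result | Select-Object Name, Length, LastWriteTime
```

Everyone permitted to connect to the endpoint acts as the RunAs account, so keep its ACL narrow and give that account only the rights it needs on the cloud hosts.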
