powershell and login with nested group

I have three active directory groups with membership as follows.  When I grant sql01-admins a login (and the sysadmin role) to a sql server instance, users in the nested groups are able to login through ssms and access resources as I expect.  However, if I use the sqlps powershell provider they are not able to access the resources.  If I add the nested group directly, i.e. if I grant sql-test-admins and sql-prod-admins a login (and the sysadmin role), then the sqlps modules is usable.  

Why does this nested group work with ssms but not with the powershell sqlps provider?

sql01-admins

--sql-test-admins

--sql-prod-admins

sql-test-admins

--bill

--larry

sql-prod-admins

--jim

--tom


  • Edited by gordonthree Thursday, August 20, 2015 6:52 PM
August 20th, 2015 6:52pm

It seems most likely to me that it's something to do with the connection string parameters used by PowerShell.

Perhaps the instance isn't properly identified and PowerShell can't find the SQL Server so it times out. It probably gets a SQL Server not found error.

Perhaps PowerShell finds the Database Engine but isn't using integrated authentication so the login fails. In that case the SQL Server error log would have documented the failed login attempt and will provide a reason.

Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 12:24pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics