主页 / computer / 问题 / 1756688
Accepted
Vijayanand A
Asked: 2022-12-08 11:16:52 +0800 CST

在 MDT2013 上运行 Powershell 脚本

  • 772

我正在使用 PowerShell 的 MDT 任务序列,它使用这样的脚本

%SCRIPTROOT%\ConfigureWinRMwithCertificate_https.ps1

该脚本使用 https 完美地配置了 winrm,但每次,此任务都会在日志中创建异常消息,而不是我在脚本中编写的输出。

错误消息总是说脚本无法从网络驱动器执行(以下错误中隐藏的 IP 地址详细信息):

!><time="19:02:08.000+000" date="xx-xx-xxxx" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[NotSpecified: ('\\1.2.3.4\D$\Scripts':String) [], RemoteException]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG**[CMD.EXE was started with the above path as the current directory.]**LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[At line:1 char:1
+ winrm create winrm/config/Listener?Address=+Transport=HTTPS '@{Hostn ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[NotSpecified: (CMD.EXE was sta...rent directory.:String) [], RemoteException]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[**UNC paths are not supported. Defaulting to Windows directory.]**LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[At line:1 char:1
+ winrm create winrm/config/Listener?Address=+Transport=HTTPS '@{Hostn ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[NotSpecified: (UNC paths are n...dows directory.:String) [], RemoteException]LOG]!><time="19:02:08.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="3" thread="" file="TaskSequencePSHost">
<![LOG[TSHOST: Script completed with return code 0]LOG]!><time="19:02:12.000+000" date="xx-xx-2022" component="TaskSequencePSHost" context="" type="1" thread="" file="TaskSequencePSHost">

有没有其他方法可以克服这个错误?

实际的 powershell 脚本代码是:

Function CheckWinRMHTTPSConfiguration{
[CmdletBinding()]
param(
[Parameter(Mandatory=$False)][System.Boolean]$isWinrmHttpsConfigured = $false
)

$state_of_WinrmHttps = Get-childItem -Path WSMan:\localhost\Listener | Select-Object -ExpandProperty Keys | where {$_ -match 'https'}
if($state_of_WinrmHttps){ $isWinrmHttpsConfigured = $true}
else { $isWinrmHttpsConfigured = $false}
return $isWinrmHttpsConfigured
}

Function ConfigureWinRMwithPROJECTAACertificate_https{

$Cert_output = Get-ChildItem Cert:\LocalMachine\My | Select @{N="Template";Expression={($_.Extensions |where-object {$_.oid.Friendlyname -match "Certificate Template Information"}).Format(0) -replace "(.+)?=(.+)\((.+)?", '$2'}},@{N="Subject";Expression={$_.SubjectName.name}},Thumbprint

$Thumbprint_of_PROJECTAA_Certificate = $($Cert_output.Thumbprint)

$FQDN_of_LocalMachine = ([System.Net.Dns]::GetHostByName($env:computerName).Hostname)

if(-not $Cert_output){
Write-Host "No certificate avaialable in $FQDN_of_LocalMachine"
}
elseif($Cert_output -is [System.Array]){
Write-Host "Multiple certificates are available in $FQDN_of_LocalMachine.Skipping…”
}
elseif ($Cert_output -isnot [System.Array] -and $($Cert_output.Template) -eq "ORGANIZATIONTEMPLATENAMEHERE"){
$command_construct = 'winrm create winrm/config/Listener?Address=*+Transport=HTTPS '+''''+ '@{Hostname=' +'"'+$FQDN_of_LocalMachine+'"'+';'+' CertificateThumbprint='+'"'+$Thumbprint_of_PROJECTAA_Certificate+'"'+'}'+''''
Invoke-expression -Command $command_construct
}
else{
Write-Host "nothing done"
}
}

Function ConfigureWINRM {
$state_of_WinRM_https = CheckWinRMHTTPSConfiguration
if($state_of_WinRM_https -eq $true){
Write-Host "Deleteing existing winrm https"
Invoke-Expression -Command 'winrm delete winrm/config/listener?Address=*+Transport=HTTPS';
ConfigureWinRMwithPROJECTAACertificate_https
}
else
{
Write-Host "configuring https listener for winrm"
ConfigureWinRMwithPROJECTAACertificate_https
}
}
Function Update_grouppolicy{
invoke-expression -Command 'gpupdate /force /wait:-1 /target:computer' -OutVariable gpupdate_output
Start-Sleep -Seconds 300
}
$output_Update_grouppolicy = Update_grouppolicy
if ($output_Update_grouppolicy -match "Computer Policy update has completed successfully"){
Write-Host "Computer Policy update has completed successfully"
Write-Host "Configuring winrm with https..."
ConfigureWINRM}
else { Write-Host "Group policy did not updated successfully. Thus winrm configuration with https is skipped."}
windows

1 个回答

  1. Best Answer

    根据添加的脚本进行编辑:

    winrm在 powershell(又名)中运行%windir%\system32\winrm.cmd将使用 powershell 的当前工作目录启动 cmd 进程。如果 powershell 的当前目录是 UNC 路径,您将看到该错误。您可以在本地 powershell 中重新创建它:

    PS C:\> cd \\server\share\
PS Microsoft.PowerShell.Core\FileSystem::\\server\share> winrm help
winrm : '\\server\share'
At line:1 char:1
+ winrm help
+ ~~~~~~~~
    + CategoryInfo          : NotSpecified: ('\\mifp-fspr01\SharedFiles':String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
 
CMD.EXE was started with the above path as the current directory.
UNC paths are not supported.  Defaulting to Windows directory.
[...]

    您可以通过将 powershell 脚本设置为在运行winrm命令之前更改为本地路径来停止生成错误。cd X:\或者cd C:\,取决于命令运行的步骤

    检查Start in:任务序列的部分。CMD(MDT 从中启动 powershell)不支持像\\1.2.3.4\当前目录那样的 UNC 路径。这是戴尔的屏幕截图示例:

    MDT命令行启动于

    该错误只是警告您 CMD 默认在 windows 文件夹中启动。这无关紧要,因为该命令使用完整路径而不是像这样的相对路径./myScript.ps1

    如果您想停止看到错误,只需将Start in:位置设置为本地路径,例如X:\C:\

    • 0

相关问题