powershell Set-LocalUser密码不适用于列表中的一台计算机,但几分钟前它还可以工作

tv6aics1  于 2023-03-23  发布在  Shell
关注(0)|答案(1)|浏览(140)

给定:
PowerShell 5.1
Windows Server 2016标准版
我正在使用PowerShell 5.1 Set-LocalUser为我的几台计算机设置密码。昨天和今天我都在测试,它一直运行良好。突然,它对其中一台计算机不起作用。有什么想法吗?我在事件日志中没有看到任何内容

Invoke-Command -ComputerName Computer1,Computer2 -Credential $credential -ScriptBlock {
    $securePassword = ConvertTo-SecureString -String 'P@$$w0rd123' -AsPlainText -Force
    Set-LocalUser -Name User1 -Password $securePassword -Verbose
}

错误信息:

[Computer2] Connecting to remote server Computer2 failed with the following error message : WinRM 
cannot process the request. The following error with errorcode 0x80090311 occurred while using Kerberos authentication: We can't sign you 
in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try 
again. If you previously signed in on this device with another credential, you can sign in with that credential.  
 Possible causes are:
  -The user name or password specified are invalid.
  -Kerberos is used when no authentication method and no user name are specified.
  -Kerberos accepts domain user names, but not local user names.
  -The Service Principal Name (SPN) for the remote computer name and port does not exist.
  -The client and remote computers are in different domains and there is no trust between the two domains.
 After checking for the above issues, try the following:
  -Check the Event Viewer for events related to authentication.
  -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport.
 Note that computers in the TrustedHosts list might not be authenticated.
   -For more information about WinRM configuration, run the following command: winrm help config. For more information, see the 
about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (Computer2:String) [], PSRemotingTransportException
    + FullyQualifiedErrorId : AuthenticationFailed,PSSessionStateBroken
hjzp0vay

hjzp0vay1#

听起来像是一个*短暂的 * 失败,就像错误消息的这一部分所暗示的那样(强调是添加的):
使用Kerberos身份验证时发生以下错误,错误代码为0x80090311:我们无法使用此凭据让您登录**,因为您的域不可用**。
然而,这也可能是由于先前使用 * 不同的 * 凭证连接:
如果您之前使用其他凭据登录此设备,则可以使用该凭据登录。
要了解有关特定错误的详细信息,请执行以下操作:

无法联系任何授权机构进行身份验证。
进行身份验证的一方的域名可能是错误的,该域可能无法访问,或者可能存在信任关系失败。

相关问题