Execute PowerShell on Remote Computer

Have you verified that DNS information is correct?  If you're supplying a name to the -computername parameter, and that name doesn't resolve or resolves to a different IP than you're intending, that could be the problem.

Hi Axishk,

On the remote computer, you can test if the remoting has been sucesfully enabled with :
 "Enter-PSSession -ComputerName localhost"
That should give you a new PS session - if not that would give further clues.

Remotely, does a "test-wsman" succeed?
   e.g. test-wsman -computername your_server_name_here

If the Enter-PSSession succeeds but the test-wsman fails also returning RPC server is unavailable, can you ping and browse shares etc?

Are both machines members of the same domain?

Regards,
Alastair.

On a remote computer
---------------------------------
Windows PowerShell
Copyright (C) 2012 Microsoft Corporation. All rights reserved.

PS C:\Users\Administrator.KTL> Enter-pssession -computername localhost
[localhost]: PS C:\Users\Administrator.KTL\Documents>


On a calling computer (where script will be run)
------------------------------------------------------------------
Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.

PS C:\Users\administrator.KTL> test-wsman -computername 10.0.23.60


wsmid           : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor   : Microsoft Corporation
ProductVersion  : OS: 0.0.0 SP: 0.0 Stack: 3.0



PS C:\Users\administrator.KTL> ping 10.0.23.60

Pinging 10.0.23.60 with 32 bytes of data:
Reply from 10.0.23.60: bytes=32 time<1ms TTL=128
Reply from 10.0.23.60: bytes=32 time<1ms TTL=128

Ping statistics for 10.0.23.60:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
Control-C
PS C:\Users\administrator.KTL>

On a calling computer running the script
--------------------------------------------------------
PS C:\scripts\chkdisk> .\chkdisk.ps1
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
At C:\scripts\chkdisk\ChkDisk.ps1:1 char:22
+ $body = Get-WmiObject <<<<  Win32_LogicalDisk -filter "DriveType=3" -computer (Get-Content .\computer.csv) | Select S
ystemName,DeviceID, @{Name="Free (%)";Expression={"{0:N0}" -f (($_.freespace /1gb) / ($_.size /1gb) * 100) }}, @{Name="
Size (GB)";Expression={"{0:N1}" -f($_.size/1gb)}},@{Name="Free (GB)";Expression={"{0:N1}" -f($_.freespace/1gb)}} |
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], COMException
    + FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Thanks AXISH,

So that all looks good and we can see that the script is trying to get the computer name from the file "computer.csv"

Let's look at the computer.csv file next.   Do we have permissions to it?  We could add a line at the start of do a "get-content .\computer.csv" to make sure it can be output OK.

Also worth checking the format of the csv file itself/

We could replace the get-contect .\computer.csv with the machine name directly to make sure it's ok that way.

Regards,
Alastair.

It may be worth noting that the communication from something like
get-wmiobject Win32_LogicalDisk -computername somecomputer
is different than PS Remoting.  It uses WMI and RPC (TCP 135 and dynamic ports) while PS Remoting uses TCP 5985 (when using the default HTTP).  May be helpful when you decide to turn the firewall back on.

Firewall has been turned off during the testing and it doesn't help. Hence, I have already turned it on again.

Have completely no idea why these few servers doesn't work....  

Tks

Have you tried running the command explicitly with the servername rather that via the get-content?

Regards,
Alastair.

That's a good hint (again). With WMI you will get the RPC error if you provide a wrong address. Get-Content might return more than a computer name only, or additional spaces or other characters.

I use IP address and I'm sure there is no typo error or additional space there....

Tks

So just running a simple oneliner like the following still fails with RPC server unavailable :
   get-wmiobject Win32_LogicalDisk -computername targetcomputername

Are there any errors reported in the security event log of the target machine?

If you are able to put netmon/wireshark on the target machine, if would be interesting to do a trace to ensure that at least some DCOM/WMI communication is taking place.

Is time in sync between to two machines?  As well as connectivity issues, RPC server unavailable can be due to authentication failues resulting from clocks being skewed.

Regards,
Alastair.

The powershell script can be run locally on the remote server. There is no error logged in the security event. And the clock and regional setting is correct.

And what about    get-wmiobject Win32_LogicalDisk -computername targetcomputername, both on a different and the "local" machine "targetcomputername"?

An interesting discovery, if I use host name, it works fine. However, it doesn't work on ip address. Ping test can resolve everything perfect. Any idea ?  Tks

PS C:\scripts\test> get-wmiobject Win32_LogicalDisk -computername portalbi


DeviceID     : A:
DriveType    : 2
ProviderName :
FreeSpace    :
Size         :
VolumeName   :

DeviceID     : C:
DriveType    : 3
ProviderName :
FreeSpace    : 34964590592
Size         : 85530243072
VolumeName   :

DeviceID     : D:
DriveType    : 5
ProviderName :
FreeSpace    :
Size         :
VolumeName   :



PS C:\scripts\test> get-wmiobject Win32_LogicalDisk -computername 10.0.23.60
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x80070
6BA)
At line:1 char:14
+ get-wmiobject <<<<  Win32_LogicalDisk -computername 10.0.23.60
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], COMExcept
   ion
    + FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands
   .GetWmiObjectCommand

PS C:\scripts\test> ping portalbi

Pinging portalbi.abc.com.hk [10.0.23.60] with 32 bytes of data:
Reply from 10.0.23.60: bytes=32 time<1ms TTL=128
Reply from 10.0.23.60: bytes=32 time=1ms TTL=128
Reply from 10.0.23.60: bytes=32 time<1ms TTL=128
Reply from 10.0.23.60: bytes=32 time<1ms TTL=128

Ping statistics for 10.0.23.60:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
PS C:\scripts\test>

While I try to find a reason - is that behaviour the same on a remote (<> "portalbi") and the local ("portalbi") PC?

I don't know the reason for this, but the only thing I can think of offhand that changes when you use an IP vs. a name is the authentication type.  Kerberos (unless I'm recalling incorrectly) doesn't work with IP addresses, so NTLM will be used.

Does the command succeed if you put a period at the end of the IP?
get-wmiobject Win32_LogicalDisk -computername 10.0.23.60.

'get-wmiobject Win32_LogicalDisk -computername 10.0.23.60. ' works fine. Any idea ?

tks