Authentication issue when calling PowerShell scrip...

JakeP · ‎05-10-2014

Hello all,

I am calling a powershell script using the "invoke external script" workflow and getting an authentication failure. I'm using kerberos authentication with WinRM. The script itself makes a remote connection to Citrix XenDesktop as the user the script is run as and the shared service account has the appropriate permissions. The script does work without error if I log in to the server using the service account I'm using for the shared account in the powershell plug-in.

Here is an example of the error:

[2014-05-09 16:41:20.481] [I] PowerShellInvocationError: Errors found while executing script

Citrix.Broker.Admin.SDK.SdkOperationException: The caller was not authenticated by the service. ---> System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed.

I'm scratching my head on this one, any insight or tips would be greatly appreciated!

Thanks!

igaydajiev · ‎05-20-2014

Sound like you are hitting PowerShell multihop issue.

Check here for brief explanation http://blogs.technet.com/b/heyscriptingguy/archive/2013/04/04/enabling-multihop-remoting.aspx

Note that PowerShell plugin does not support CredSSP authentication and you will need to come up with alternative solution.

igaydajiev · ‎05-20-2014

Check also this thread which I believe is for similar issue.

vCO PowerShell plug-in access is denied

JakeP · ‎05-20-2014

Hello igaydajiev,

That was the exact issue and I was able to come up with a workaround similar to the thread you posted, I just forgot to come back and update this thread. Thanks for the reply.

-Jake

All

Authentication issue when calling PowerShell script via workflow?