Hello all,
I am calling a powershell script using the "invoke external script" workflow and getting an authentication failure. I'm using kerberos authentication with WinRM. The script itself makes a remote connection to Citrix XenDesktop as the user the script is run as and the shared service account has the appropriate permissions. The script does work without error if I log in to the server using the service account I'm using for the shared account in the powershell plug-in.
Here is an example of the error:
[2014-05-09 16:41:20.481] [I] PowerShellInvocationError: Errors found while executing script
Citrix.Broker.Admin.SDK.SdkOperationException: The caller was not authenticated by the service. ---> System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed.
I'm scratching my head on this one, any insight or tips would be greatly appreciated!
Thanks!
Sound like you are hitting PowerShell multihop issue.
Check here for brief explanation http://blogs.technet.com/b/heyscriptingguy/archive/2013/04/04/enabling-multihop-remoting.aspx
Note that PowerShell plugin does not support CredSSP authentication and you will need to come up with alternative solution.
Check also this thread which I believe is for similar issue.
Hello igaydajiev,
That was the exact issue and I was able to come up with a workaround similar to the thread you posted, I just forgot to come back and update this thread. Thanks for the reply.
-Jake