PowerShell
The PowerShell forum accepts bug reports as well as feedback and suggestions. For more information, check out the PowerShell Homepage
The following is a list of the states we use to track items.
status | meaning |
---|---|
survey | We saw this and we are considering it. Please upvote if it’s important to you. |
needs more information | We don’t understand the issue and need additional details. |
investigating | We are looking at this internally to understand things like: scenario, reproduction of issue, costing, or other technical details. |
in queue | The issue is understood and in our unprioritized backlog. Your votes will be used to drive prioritization of this work. |
-
MBOX to EML Converter tool
If you want to convert MBOX files into EML file format then, you need a third-party tool that quickly performs this migration, and the Shoviv MBOX Converter tool is the best answer for this type of queries.
Shoviv MBOX Converter tool easily converts MBOX to PST, MSG, and EML file format with preserving EMLproperties as it.Read more:https://writeapp.me/patrickroggers/note/convert-mbox-to-pst
1 vote -
BUG: JEA -user should not be able to bypass cmdlet restrictions
Presently, if JEA is enabled on target server with cmdlet restrictions for a user account 'user1' - then if the user1 sends command construct with below structure then irrespective of cmdlet restrictions - user1 is able to obtain administrative privelege. This should be fixed as anyone can misuse the JEA features.
Command structure (where this issue is noticed):
Invoke-command -Computername 'computername' -ScriptBlock {
$result={put your cmdlets script here}
}1 vote -
JEA Endpoint defined via DSC causes WinRM service hanging in state 'stopping'
JEA Endpoint defined via DSC causes WinRM service hanging in state 'stopping'
This issue is still present after first reported 3 years ago
1 vote -
Please enable port forwarding within PowerShell
The very cool features on linux is about the port forwarding when we ssh to a remote server.
I hope PowserShell come with these cool things.10 votes -
SeServiceLogonRight is not getting cleaned up after exiting JEA session
I have an issue with Just Enough Administration and Windows 2012 R2, where when I have the 'Run As Virtual account' set to true, it does not clean up after itself. The temporary virtual account is left in 'Logon as a service'. this can be viewed from the local security policy.
2 votes -
Possible Bug: Mapping persistent drives with New-PSDrive using WINRM sessions
I am trying to map persistent drives using New-PSDrive on a remote winrm session, but when I opened a new session the mapping driver got the status of "Unavailable". I am using CREDSSP
Session A creating the mapping
$credentials = Get-Credential user
$session = New-PSSession -ComputerName Server1 -Credential $credentials -Authentication CredSSP
$computername = "Server2"
Invoke-Command -Session $session -ScriptBlock {
param($computername)
New-PSDrive -PSProvider FileSystem -Name "X" -Root "\$computername\scripts" -Persist -Verbose -Scope Global
} -ArgumentList $computernameSession B checking the mapping
$credentials = Get-Credential user
$session = New-PSSession -ComputerName Server1 -Credential $credentials -Authentication CredSSP
$computername = "Server2"Invoke-Command -Session $session -ScriptBlock { …
2 votes -
WinRM
Possible Bug WFM 5.1 with WinRM via Command line. (Can provide Screenshots of issue)
When trying to authenticate to WinRM via command line receive the following error using password with ^ as a special character.
Example Command:
winrm id -r:https://servname:5986 -a:Kerberos -u:serviceaccount@localdomain.local -p:gt^qB%CxkaSQ -encoding:utf-8
Error:
WSManFaultMessage = The user name or password is incorrect.
Error number: -2147023570 0x8007052E
When change ^ to ! receive the following output:
C:\Users\shawns>winrm id -r:https://servername:5986 -a
:Kerberos -u:serviceaccount@localdomain.local -p:gt!qB%CxkaSQ -encoding:ut
f-8
IdentifyResponse
…ProtocolVersion = <a rel="nofollow noreferrer" href="http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd">http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd</a>
ProductVendor = Microsoft Corporation
ProductVersion = OS: 6.3.9600 SP: 0.0 Stack: 3.01 vote -
WMF 5.1 RestrictedRemoteServer session type fails to import the 'Microsoft.PowerShell.Utility' module
When importing this module in a restricted session type or when making a function or a cmdlet from this module visible, i.e:
VisibleFunctions = 'Get-FileHash'
the following message is returned:
WARNING: The 'Microsoft.PowerShell.Utility' module was not imported because the 'Microsoft.PowerShell.Utility' snap-in was already imported.
In practice, the module is not being imported.
Get-PSSnapin shows that a snapin with the same name is indeed loaded:
Name : Microsoft.PowerShell.Utility
PSVersion : 5.1.14409.1005
Description : This Windows PowerShell snap-in contains utility
cmdlets that are used to view and organize data in different ways.
but exposes no commands
Get-PSSnapin from a regular (not remote)…13 votesThis report is a bit confusing, so need some information.
On the system where you received this error, please try running any of the commands from Microsoft.PowerShell.Utility, such as get-member, or get-date. The error message and the information you provided seems to indicate that the module is already loaded, so we are looking for other indications that it is not. -
Enable WINRM certificate mapping for domain user
Currently I need to manage Windows DNS server. I would like to use a client certificate to connect to WinRM to manage it, since I want to expose it in RESTful interface. But WINRM certificate mapping only allows non-domain account.
2 votes -
Add A "Start In" Directory for Enter-PSSession
By default, we are placed into Documents (at least I am), then have to change directories. It would be nice to be able to specify a directory we'd like to start in using Enter-PSSession.
19 votes -
JEA is difficult for delegates to use without tab completion
By default tab completion is disabled in JEA endpoints- and there is no guidance on how (or if) it can be enabled safely.
Without tab completion it is
1. Harder to discover available commands (no Get-<tab>)
2. Harder to execute available commands with correct parameter name spelling etc.
3. Harder to populate correct values (e.g., no help with ValidateSet scenarios)
This all works against the applicability of JEA for delegation scenarios where a less expert sub-admin has to blindly type out a potentially complex and unfamiliar command.
Please make some basic level of tab completion work by default, and please…7 votes -
Block WinRM operations during servicing
The WinRM service starts normally and accepts requests during component servicing operations (eg, "Working on Updates", "Working on Features" screens after a post-update/feature-change reboot). This causes problems for configuration management in cases where the servicing process triggers further reboots, especially since there doesn't appear to be a documented way to determine that servicing is underway. WinRM should either wait to accept requests until servicing is complete, or a way for third-party tools to determine that servicing is underway from Powershell should be documented.
2 votes -
Get-PSSessionCapability returns capabilities even when the speficied user doesn't have permissions to connect to the session
The documentation on Get-PSSessionCapability states it returns information (capabilities) on the session configuration the specified username has on it, but it also returns it for a SessionConfiguration (created with a pssc file) when it wasn't created with a RoleDefinition, no matter if the specified user can or cannot access it.
I would expect it not to return any information for that SessionConfiguration, or have a property that indicates the specified doesn't have the required permissions (invoke / fullcontrol).4 votes -
Server 2012R2 winrm https listener autocertificate reneval
If you enable an https listener on a server and use it with an autoenrolled certificate, the listener will not be updated when the new autoenrollment takes place as the thumbprint will be hardcoded to the listener. This makes the technologie to use an https listener on all your servers to a big administrative burden as you have to keep the listeners up-to-date. Please develop some solution that this certificate will stay up-to-date with each new autoenrollment (like with a scheduled task which starts after autoenrollment scheduled task)
Thanks
Max
43 votes -
WinRM should register it's proper SPN
The WinRM service should register the HTTP/computername:5985 and HTTP/computername.fqdn:5985 (or configured port) SPNs so that clients can locate the proper Kerberos principal to authenticate against. Currently anything that uses Kerberos over http:80 can claim its valid SPN and break Kerberos authentication for WinRM.
31 votes -
Get-WSManCredssp should return an object
Microsoft.WSMan.Management\Get-WSManCredssp currently returns a string describing the WSMan state instead of an object with properties that can be used programmatically. Perhaps something like:
ClientEnabled: $true
ServerEnabled: $false
DelegateComputer: [ "wsman/*.contoso.com" ]1 vote -
WMF/WinRM 5.1 System File version issues after installing KB4103724
My operating system environment is W8.1/WS12R2 with Windows Mangagement Framework 5.1 installed
After installing KB4103724 (May, 2018 Preview of monthly Rollup for NT6.3), I found that some of the files in WMF/WINRM 5.1 were changed, and those changes were not listed on the update history.
Let me say a few questions about this change:
1: Generally speaking, the monthly Summary preview update is used to resolve performance and reliability issues, but this update history does not list the changes in WMF/WINRM 5.1. The affected file in WMF/WINRM 5.1 is listed only in file information for update 4103724.
2: I noticed…
1 vote -
Can we have test-wsman available?
Running PS in mac
1 vote -
Register-PSSessionConfiguration -WarningAction SilentlyContinue does not suppress warning text
When creating a JEA endpoint with the following command:
Register-PSSessionConfiguration -WarningAction SilentlyContinue ...
The warning about restarting the WinRM service is still displayed. The expected action is for the SilentlyContinue argument to suppress any warnings. This occurs every time.
The workaround here is to use the -NoServiceRestart switch and then restart the WinRM service manually.
Behavior is observed on Server 2016 with PSVersion 5.1.14393.0.
Thanks,
J.
1 vote -
PowerShell: Unable to reconnect disconnected PSSession when PSRemotingProtocolVersion does not match
From a win7 or win10 workstation running PS5 I can create a PSRemoting session (new-pssession) to a server running PS4. But if that session should become disconnected, I'm unable to reconnect (or receive) the session, receiving, instead the following error:
Receive-PSSession : Connecting to remote server hsfsrpw001 failed with the following error message : The server that is running
Windows PowerShell does not support connect operations on the protocolversion 2.3 that is negotiated by the client computer. Make
sure the client computer is compatible with the build 6.3.9600.17400 and the protocol version 2.2 of Windows PowerShell. For more
information, see…2 votes
- Don't see your idea?