- Issue
I’ve recently encountered a weird issue while using Windows PowerShell Remoting.
Using a the following
New-PSSession -ComputerName RemoteServer
failed with the following message:
New-PSSession : Requested registry access is not allowed.
+ FullyQualifiedErrorId : PSSessionOpenFailed
and
icm -ComputerName RemoteServer -Authentication Kerberos { 1 }
failed with the following message:
Requested registry access is not allowed.
+ FullyQualifiedErrorId : PSSessionStateBroken
Sorry, what’s the link between Remoting and the registry?
- Solution
Well, it appears that I cannot open a logon session on the remote server as well.
Remoting isn’t the culprit. Neither is the version of PowerShell nor the version of the operating system as I suspected initially.
I could also use remoting properly when I provided other credentials in the same shell where it previously failed.
It appears that the User profile service tells us what’s missing:
Windows cannot load classes registry file.
DETAIL – The system cannot find the file specified.
Yes, I can see that there’s no AppData\Local\Microsoft\Windows\UsrClass.dat in the profile.
I deleted the “corrupted” profile and the issue went away 🙂
- How to better detect this issue?
On the client (source shell), WSMAN has some difficulties to delete the shell (that never opened, I presume)
On the server (target server),
You can use the following code to detect it on the remote server.
Get-WinEvent -FilterHashtable @{ LogName = "Windows PowerShell" ; Level = 2 ; Id = 103 }
Windows PowerShell remoting rocks when the registry doesn’t fail 😉 Have fun 😎