Remoting and registry

  • Issue

I’ve recently encountered a weird issue while using Windows PowerShell Remoting.

Using a the following

New-PSSession -ComputerName RemoteServer

failed with the following message:
New-PSSession : Requested registry access is not allowed.
+ FullyQualifiedErrorId : PSSessionOpenFailed

and

icm -ComputerName RemoteServer -Authentication Kerberos { 1 }

failed with the following message:
Requested registry access is not allowed.
+ FullyQualifiedErrorId : PSSessionStateBroken

Sorry, what’s the link between Remoting and the registry?

  • Solution

Well, it appears that I cannot open a logon session on the remote server as well.
Remoting isn’t the culprit. Neither is the version of PowerShell nor the version of the operating system as I suspected initially.
I could also use remoting properly when I provided other credentials in the same shell where it previously failed.

It appears that the User profile service tells us what’s missing:

Windows cannot load classes registry file.
DETAIL – The system cannot find the file specified.

Yes, I can see that there’s no AppData\Local\Microsoft\Windows\UsrClass.dat in the profile.

I deleted the “corrupted” profile and the issue went away 🙂

  • How to better detect this issue?

On the client (source shell), WSMAN has some difficulties to delete the shell (that never opened, I presume)

On the server (target server),

You can use the following code to detect it on the remote server.

Get-WinEvent -FilterHashtable @{ 
    LogName = "Windows PowerShell" ;
    Level = 2 ;
    Id = 103 
}

Windows PowerShell remoting rocks when the registry doesn’t fail 😉 Have fun 😎

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.