syntax error

Glenn Maxwell 10,046 Reputation points
2021-11-08T20:47:04.92+00:00

Hi All

i am using the below syntax. i am connected to server01 and trying to execute the below syntax.
i.e i am connected to server01 and remoting it to server02 and executing.
when i directly run on server02 i dont see any issue but facing issue with remoting. i have also installed dns module on server01
I am using Account01 and when prompted for credentials i am giving it.
i am getting error Failed to get the zone information for mydomain.com mydc01

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,442 questions
Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,368 questions
Windows DHCP
Windows DHCP
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.DHCP: Dynamic Host Configuration Protocol (DHCP). A communications protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
1,021 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,354 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,378 questions
0 comments
Accepted answer
  1. Rich Matheisen 44,621 Reputation points
    2021-11-09T15:13:55.587+00:00

    I think you'll find that you're encountering the "Second Hop" problem. You can't use the credentials passed from local machine to SERVER02 when your Get-DnsServerResourceRecord tries to connect to MYDC01. The cmdlet uses WMI/CIM and it's probably being denied permission. The reason, I'm guessing, is probably an error "5" or "1722". 

    # create session from local machine (machine #1) to SERVER02 (machine #2)
$session = New-PSSession -ComputerName server02 -Credential Account01
# Run Invoke-Command on SERVER02 (machine #2)
Invoke-Command -Session $session -ScriptBlock {
    try {
        Write-Host $env:COMPUTERNAME;
        # Try connecting to MYDC01 (machine #3) from Server02 (machine #2)
        $dnsrecords = Get-DnsServerResourceRecord -ZoneName mydomain.com -ComputerName mydc01 -ErrorAction Stop | 
            Where-Object { $_.RecordType -eq "A" -Or $_.RecordType -eq "CNAME" } | 
                ConvertTo-Json
        Write-Host $dnsrecords
        # Note: $dnsrecords never returned to SERVER02!
    }
    catch {
        $_  # return $Error[0] to Server02
    }
}
# remove session with SERVER02 (machine #2)
Remove-PSSession -session $session
    0 comments

6 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rich Matheisen 44,621 Reputation points
    2021-11-08T22:23:03.023+00:00

    This looks just like the problem posted by @Mda Khmm with the subject "unable to fetch the information" (unable-to-fetch-the-information.html)

    I'll ask for the same information I did in that topic:

    How about posting the error message? The FullyQualifiedErrorId might be telling you what the problem is.

    Change line 9 in your script to just "$<underbar>" instead of "Failed".

    0 comments
  2. Glenn Maxwell 10,046 Reputation points
    2021-11-09T01:30:11.727+00:00

    line 9 can i use in this format
    return "Failed: $Error[0]"

  3. Glenn Maxwell 10,046 Reputation points
    2021-11-09T03:43:58.893+00:00

    please help in editing the syntax

    0 comments
  4. Glenn Maxwell 10,046 Reputation points
    2021-11-09T16:40:06.18+00:00

    i am using domain admin account but still i am getting the below error

    $session = New-PSSession -ComputerName server02 -Credential account1
    Invoke-Command -Session $session -ScriptBlock {
    try {
    Write-Host $env:COMPUTERNAME;
    $dnsrecords = Get-DnsServerResourceRecord -ZoneName mydomain.com -ComputerName mydc01 -ErrorAction Stop | Where-Object { $.RecordType -eq "A" -Or $.RecordType -eq "CNAME" } | ConvertTo-Json
    Write-Host $dnsrecords
    }
    catch {
    $_
    }
    }
    Remove-PSSession -session $session
    server02
    Get-DnsServerResourceRecord : Failed to get the zone information for mydomain.com on server mydc01.
    At line:4 char:15

    • ... nsrecords = Get-DnsServerResourceRecord -ZoneName mydomain.com ...
    • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : PermissionDenied: (mydomain.com:root/Microsoft/...rResourceRecord) [Get-DnsServerResourceRecord], CimException
    • FullyQualifiedErrorId : WIN32 5,Get-DnsServerResourceRecord