Last active
July 26, 2024 18:36
-
-
Save joegasper/129dbf41dc9a5d42c8eef8daa97f08e7 to your computer and use it in GitHub Desktop.
Revisions
-
joegasper revised this gist
Jul 26, 2024 . 1 changed file with 53 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1 +1,53 @@ # How to remotely install RSAT tools with PowerShell ## How to get around Access Denied COM object issue ```PowerShell Access is denied. + CategoryInfo : NotSpecified: (:) [Add-WindowsCapability], COMException + FullyQualifiedErrorId : Microsoft.Dism.Commands.AddWindowsCapabilityCommand ``` ### Set up a virtual account on the remote computer ```PowerShell $comp = 'the-remote-pc-name' # Connect to the remote computer Enter-PSSession $comp # Set up an unrestricted account configuration file: New-PSSessionConfigurationFile -RunAsVirtualAccount -Path $env:TEMP\VirtualLocalAdmin.pssc # Might need to reconnect after the following: Register-PSSessionConfiguration -Name 'VirtualLocalAdmin' -Path $env:TEMP\VirtualLocalAdmin.pssc -Force # List the config permissions: Get-PSSessionConfiguration -Name 'VirtualLocalAdmin' # The accounts/groups listed will have unrestricted access to the system via remote PowerShell. # Using this virtual account will be acting as if a fully local admin. Exit ``` ### From your local workstation connect to the remote computer and install RSAT tools ```PowerShell # Connect to the remote computer using the virtual account Enter-PSSession $comp -ConfigurationName 'VirtualLocalAdmin' # Pick one - all RSAT tools or the example of just ADUC: # Add-WindowsCapability -Online -Name 'Rsat*' -Verbose # Add-WindowsCapability -Online -Name 'Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0' -Verbose # Output when successful: # Online : True # RestartNeeded : False Exit ``` ### Clean up the virtual account configuration ```PowerShell # Connect to the remote computer Enter-PSSession $comp # Unregister the virtual account configuration Unregister-PSSessionConfiguration -Name 'VirtualLocalAdmin' # Remove the configuration file Remove-Item $env:TEMP\VirtualLocalAdmin.pssc Exit ``` -
Jul 26, 2024 . 1 changed file with 1 addition and 53 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,53 +1 @@ r -
Jul 26, 2024 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -37,6 +37,7 @@ Enter-PSSession $comp -ConfigurationName 'VirtualLocalAdmin' # Output when successful: # Online : True # RestartNeeded : False Exit ``` ### Clean up the virtual account configuration -
Jul 26, 2024 . 1 changed file with 52 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1 +1,52 @@ # How to remotely install RSAT tools with PowerShell ## How to get around Access Denied COM object issue ```PowerShell Access is denied. + CategoryInfo : NotSpecified: (:) [Add-WindowsCapability], COMException + FullyQualifiedErrorId : Microsoft.Dism.Commands.AddWindowsCapabilityCommand ``` ### Set up a virtual account on the remote computer ```PowerShell $comp = 'the-remote-pc-name' # Connect to the remote computer Enter-PSSession $comp # Set up an unrestricted account configuration file: New-PSSessionConfigurationFile -RunAsVirtualAccount -Path $env:TEMP\VirtualLocalAdmin.pssc # Might need to reconnect after the following: Register-PSSessionConfiguration -Name 'VirtualLocalAdmin' -Path $env:TEMP\VirtualLocalAdmin.pssc -Force # List the config permissions: Get-PSSessionConfiguration -Name 'VirtualLocalAdmin' # The accounts/groups listed will have unrestricted access to the system via remote PowerShell. # Using this virtual account will be acting as if a fully local admin. Exit ``` ### From you local workstation connect to the remote computer and install RSAT tools ```PowerShell # Connect to the remote computer using the virtual account Enter-PSSession $comp -ConfigurationName 'VirtualLocalAdmin' # Pick one - all RSAT tools or the example of just ADUC: # Add-WindowsCapability -Online -Name 'Rsat*' -Verbose # Add-WindowsCapability -Online -Name 'Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0' -Verbose # Output when successful: # Online : True # RestartNeeded : False ``` ### Clean up the virtual account configuration ```PowerShell # Connect to the remote computer Enter-PSSession $comp # Unregister the virtual account configuration Unregister-PSSessionConfiguration -Name 'VirtualLocalAdmin' # Remove the configuration file Remove-Item $env:TEMP\VirtualLocalAdmin.pssc Exit ``` -
Jul 26, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1 @@