Invoke-Command 和直接查询的区别 [英] Difference between Invoke-Command and query directly
问题描述
我目前正在编写一个从服务器查询磁盘信息的脚本.我遇到了一个问题,我真的不知道这里发生了什么.愿你能帮助我.
以下代码有效(已替换 ComputerName):
$space1 = Invoke-Command -ComputerName "xxxxxx" -ScriptBlock {Get-WmiObject -Class Win32_LogicalDisk -Filter "DeviceID='C:'"}此代码运行良好,可能需要大约 2 秒才能执行.经过一些试验,我找到了一种可以更快地查询它的方法.对于所有其他服务器,它工作正常,但对于此服务器,它根本不起作用.代码如下:
$space1 = Get-WmiObject -ComputerName "xxxxxx" -Class Win32_LogicalDisk -Filter "DeviceID='C:'"此代码运行大约需要 40 秒,然后以以下错误结束:
<前>Get-WmiObject:RPC 服务器不可用.(来自 HRESULT 的例外:0x800706BA)在行:1 字符:10+ $test1 = Get-WmiObject -ComputerName "xxxxxx" -Class Win32_LogicalD ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo : InvalidOperation: (:) [Get-WmiObject], COMException+ FullQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand有人可以向我解释为什么它可以与 Invoke-Command 一起工作,但当我在 Get-WmiObject 上使用 ComputerName 参数时却不能直接地?如前所述,对于我所有的其他服务器,这都可以正常工作,而且代码速度更快,因此我想始终使用此代码.
到目前为止我所做的:
- 我检查了服务器的 DNS 并测试了类似的命令.
- 尝试了其他一些 WmiObject 命令,似乎 RPC 总是不可用.
我认为问题可能是:
我认为服务器上禁用了 RPC 协议.有人知道如何检查吗?还没有找到任何通过 Google 有效的东西...
什么看起来很特别:
CimInstance 命令有效.他们是否也使用 RPC 协议,还是使用其他协议?没有找到关于那个的任何信息.这是我测试的代码:
Get-CimInstance -ComputerName "ccccc" -ClassName Win32_OperatingSystemMicrosoft 的 WMI 故障排除指南将该错误归类为防火墙问题:
<块引用>错误0x800706BA–HRESULT_FROM_WIN32(RPC_S_SERVER_UNAVAILABLE)
防火墙问题或服务器不可用.
可能的问题
计算机确实不存在 Windows 防火墙阻止了连接
解决方案
连接到 Vista:netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes.连接到下层:允许 Windows 防火墙中的远程管理"规则.
一方面Get-WmiObject与另一方面Get-CimInstance和Invoke-Command的区别在于前者使用 DCOM 进行网络通信,而后者使用 WinRM.请参阅文章 脚本专家博客上的我应该将 CIM 还是 WMI 与 Windows PowerShell 结合使用",了解有关 WMI 和 CIM 之间差异的更多信息.
DCOM 协议基于 RPC 并使用端口 135/tcp 用于 RPC 端点映射器,然后为实际的 RPC 连接分配一个介于 1024 和 65535 之间的随机端口.WinRM 另一方面,仅使用两个端口中的一个:5985 用于 HTTP 连接,5986 用于 HTTPS 连接,因此它对防火墙更加友好,并且启用 WinRM/PowerShell Remoting 已经打开了防火墙中的端口.这很可能是 Invoke-Command 和 Get-CimInstance 起作用而 Get-WmiObject 不起作用的原因.
至于 RPC 协议被禁用:那是不可能的.Windows 严重依赖 RPC 进行内部通信.如果您真的禁用了该协议,Windows 只会停止工作.
I'm currently working on a script that queries the disk information from a server. I'm stack with a problem and I really don't know whats going on here. May you can help me.
The following code is working (ComputerName replaced):
$space1 = Invoke-Command -ComputerName "xxxxxx" -ScriptBlock {
Get-WmiObject -Class Win32_LogicalDisk -Filter "DeviceID='C:'"
}
This code works kinda well and may takes around 2 seconds to execute. After some experimenting I found a way how I can query it even faster. With all other servers it works fine, but for this server it simply doesn't work. Here' the code:
$space1 = Get-WmiObject -ComputerName "xxxxxx" -Class Win32_LogicalDisk -Filter "DeviceID='C:'"
This code takes around ~40 seconds to run, and then ends with the following error:
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT:
0x800706BA)
At line:1 char:10
+ $test1 = Get-WmiObject -ComputerName "xxxxxx" -Class Win32_LogicalD ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Get-WmiObject], COMException
+ FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand
Can someone explain to me why it works fine with Invoke-Command but not when I use the ComputerName param on the Get-WmiObject directly? As said, for all my other servers this works fine and the code is faster so I would like to always use this code.
What I've done so far:
- I checked the server for DNS and I tested similar commands.
- Tried some other WmiObject commands, seems like always the RPC is not available.
What I think the problem could be:
I think the RPC protocol is disabled on the server. Does somebody know how to check that? Haven't found really anything that worked through Google...
What seems special:
CimInstance commands works. Do they use the RPC protocol too, or do they use another protocol? Haven't found any information on that one. Here the code I tested with:
Get-CimInstance -ComputerName "ccccc" -ClassName Win32_OperatingSystem
Microsoft's WMI troubleshooting guide classifies the error as a firewall issue:
Error
0x800706BA–HRESULT_FROM_WIN32(RPC_S_SERVER_UNAVAILABLE)
Firewall issue or server not available.Possible Issues
The computer really doesn't exist The Windows Firewall is blocking the connectionSolution
Connecting to Vista:netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes. Connecting to downlevel: Allow the "Remote Administration" rule in Windows Firewall.
The difference between Get-WmiObject on the one hand and Get-CimInstance and Invoke-Command on the other hand is that the former uses DCOM for the network communication, while the latter use WinRM. See the article "Should I use CIM or WMI with Windows PowerShell" on the Scripting Guys blog for more information about the differences between WMI and CIM.
The DCOM protocol is based on RPC and uses port 135/tcp for the RPC endpoint mapper, which then assigns a random port between 1024 and 65535 for the actual RPC connection. WinRM on the other hand uses only one of two ports: 5985 for HTTP connections an 5986 for HTTPS connections, so it's a lot more firewall-friendly, and enabling WinRM/PowerShell Remoting already opens the ports in the firewall. That's most likely the reason why Invoke-Command and Get-CimInstance work, while Get-WmiObject doesn't.
As for the RPC protocol being disabled: that's not possible. Windows relies heavily on RPC for internal communication. If you actually disabled the protocol Windows would simply stop working.
这篇关于Invoke-Command 和直接查询的区别的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
