Enabling PS Remoting (Enable-PSRemoting) in Windows Azure Role using Startup Task

  • Article

Recently I was working on an issue in which enabling PS Remoting PowerShell script in Windows Azure the following error occurred:

Set-WSManQuickConfig : Access is denied. at line:<N> char:<N>

If you have followed the below steps to enable PS Remoting in Windows Azure application, I am sure you have seen the above described error.

1. Created a PowerShell Script (Example EnablePSRemoting.ps1) as below:

Set-ExecutionPolicy unrestricted -force

"Before PSREMOTING"

enable-psremoting -force

"After PSRemoting"

2. Created a Startup.cmd file as below:

powershell -ExecutionPolicy Unrestricted EnablePSRemoting.ps1 >> PowershellLog.txt

3. Now included the Startup.cmd as Startup task in Service Definition file as below:

<ServiceDefinition name="MyAzureService" xmlns="https://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">

   <WebRole name="MyWebRole">

      <Startup>

         <Task commandLine="Startup.cmd" executionContext="elevated" taskType="simple">

         </Task>

      </Startup>

   </WebRole>

</ServiceDefinition>

4. Deployed application.

Once Windows Azure application runs on cloud you will hit the following error:

Set-WSManQuickConfig : Access is denied. at line:<N> char:<N>

The reason for above error is as below:

1. The Startup task runs on Windows Azure in no user context or in other way LocalSystem context

2. The PowerShell script which you are trying to run as Startup task designed to run in user context and because of #1, it returns "Access Denied" error.

Solution:

To solve this problem you will need to use the task scheduler to create an user first and then launch the PowerShell script in newly created user context. To create the user within the startup task and then successfully enabling the PS Remoting please follow David Aiken blog:

https://www.davidaiken.com/2011/01/19/running-azure-startup-tasks-as-a-real-user/