I want to call (execute) a cmd or ps1 script remotely from one Windows 2016 Server 2016 on another. The problem is that script access to a \\network-share is denied.
Reproduce:
(1) a batch or ps1 script with specific Domain-User to \\network-share is successful:
dir \\network-share results in what it should.
(2) try to execute this script from another server via wmic or ps1 with the same user that has access to \\network-share (wmic /node:"node" /user:"domain\usr" /password:"pwd" process call create "cmd.exe /c C:\temp\cmd.bat").
The cmd.bat contains: dir \\network-share or dir \\<UNC-FQDN>\share or dir \\<IP>\share and always gets „Access is denied“ although domain\usr itself has access to the \\network-share.
(3) the identical routine (2) with dir C:\temp runs like expected.
Already tried some registry keys, e.g.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies]
DisableLoopbackCheck
DisableStrictNameChecking
BackConnectionHostNames
LocalAccountTokenFilterPolicy
Maybe one of those is needed on both machines and I did not try every option but to understand what might be the problem here could help I guess.
So, thx & Kind Regards :-)
In the meantime I found two ways to overcome the problem:
a) using Sysinternals PsExec.exe -u domain\user -p pwd -i \\node C:\temp\cmd.bat
b) Create a Scheduled Task on the target machine that can be executed remotely by C:\Windows\System32\schtasks.exe /run /tn "name of the task" /s node /u domain\user /p pwd
Maybe this will help somebody else.