Closed Mugen-2112 closed 1 year ago
Hi @Mugen-2112,
You should be able to use any feature of the module with a Windows, AD, or Basic user credential. I often test Get-VmsCameraReport
against the demo system our sales team uses since it has a wide variety of camera makes and models, and I use a basic user for testing that.
The error is being thrown while attempting to use a ServerCommandService WCF client instance. When using a WCF client as a basic user, it should connect to the management server using HTTPS. Specifically it should connect to https://your.mgmt.srv/ManagementServer/ServerCommandService.svc
but I suspect it is trying to use HTTP instead for some reason.
What parameters are you providing to Connect-ManagementServer
? What does the output of Get-LoginSettings | Select-Object Uri, IsBasicUser, IsOAuthConnection, IsOAuthIdentity
look like?
Is there any difference whether you connect using Connect-ManagementServer -ShowDialog
vs Connect-ManagementServer -ServerAddress http://your.mgmtsrv/ -Credential (Get-Credential) -BasicUser
?
When constructing the URL for the ServerCommandService or ConfigurationApiService endpoints on the Management Server, we check if you're logged in as a basic user, and if so, the URI used the one you see in Get-LoginSettings
, and we ensure to change the scheme to "https" and port to 443 if needed (port 443 is hard-coded in the module because it's hard-coded in Milestone as well).
Sometimes you can get more error details in PowerShell by doing the following - this would expand the error details for the last error...
$Error[0] | Format-List * -Force
$Error[0].Exception | Format-List * -Force
$Error[0].Exception.InnerException | Format-List * -Force
Josh, thanks for getting back with me so quick, and for putting me on the right track. It ended up being something to do with a dedicated user account I had setup with administrative rights for this purpose.
I went through your troubleshooting ideas, and saw no difference in Connect-ManagementServer variations. Get-LoginSettings also looked good.
But your comments made me think that maybe it might be the user account, so I tried it on an existing user that had full control, but not admin, rights, and it worked, but with two 'insufficient user rights' errors. I changed it to administrative rights, and it worked like a champ.
The first machine was local, then I tested the remote machine I connect to via VPN. I connected with an existing user with admin rights, and that worked, but for two errors which I think related to the end point security settings on that machine. I will be there on Thursday, and will look at it closer then, as I don't control the RMM on that machine.
In any event, it would seem that it was something in how I setup the new users, but there is not much to that. Create a user, add it to a group. I'll look into that more, and if I find a root cause, I will update you here.
Thanks again! I am super excited to dig into all these utilities.
Cheers,
B
Hi @Mugen-2112,
I'm finally making the rounds here and wanted to check in with you. Did you end up finding anything else worth sharing? Hopefully everything is working well!
Thanks for checking in, and for the reminder, Josh! Everything is working well, but I still have more messing about with PSTools I want to do. After overcoming that issue, I had to put it on the back burner for a bit. I am just starting to re-focus on that, and on a new Milestone rack server design that I have been wanting to build for awhile. I'll keep you posted. I want to incorporate PSTools into my regular server monitoring and management program, for sure.
Cheers
Brent.
Hello. I have PSTools installed and I am able to run Get-VmsCamera just fine, but when I run Get-VmsCameraReport I get the following error:
PS C:\Users\Bridge> Get-VmsCameraReport | Export-Csv '~\Desktop\report.csv' -NoTypeInformation Exception calling "GetConfiguration" with "1" argument(s): "The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentication header received from the server was 'Basic realm="localhost"'." At C:\Program Files\WindowsPowerShell\Modules\MilestonePSTools\22.3.0\MilestonePSTools.psm1:8203 char:17
PS C:\Users\Bridge>
Get-VmsRecordingServer, Get-LicenseInfo and Get-VmsDeviceStatus all work just fine. Get-VmsManagementServer works, and returns version 22.2.0.2 get-module -listavailable MilestonePSTools returns 22.3.0 PSVersion is 5.1.19041.1682
I have tried this on two different Express+ 2022R2 servers. I have tried it from Powershell on the server itself, and from a separate PC. Same results in all scenarios.
It looks like there is a security feature enabled to block access to that from a less secure connection. I do not have domain controllers running on the two servers I am doing this on, so I am hoping there is a switch I can flip to enable this.
Cheers,
Brent