Solving a problem with “Get-VM” cmdlet

Environment:

  • Domain “nice.domain”
  • script server “server1.nice.domain”
  • Hyper-V hypervisor “hyperv1.nice.domain”
  • all Windows Server 2012 R2
  • script user “nice\script”
  • script user is member of “Hyper-V Administrators” group on hyperv1.
  • script user has the “Log on as a batch job” right on server1

Scenario 1:
running

in a Powershell console window on server1 (which was started with “run as different user”) will show a nice list of VMs on the hypervisor.

Scenario 2:

  • running
    in a scheduled task script that runs as the script user on server1 will return NOTHING. No, also no exception thrown.
  • other Hyper-V cmdlets seem to work, f.e. works.

Observations:

  • Making the script user a member of the “Administrators” group on “server1” works, but that’s not good security.
  • Adding the script user to the “Administrators” group on hyperv1 does not help
  • It’s obviously a problem on server1, something stops Get-VM from working in a scheduled task.

Question: which rights or security settings are missing in Scenario 2?

If you have any ideas or even the solution, please try to comment below or tweet back here (@RicochetPeter). Thx in advance 🙂