I'm trying to use Invoke-Command to run cmd.exe on a remote computer, where it executes a .bat file to set some environment variables. After that, I need to call an executable within the same cmd.exe session. However, when it tries to create a Java process, I get a frustrating error: 'CreateProcess: Access is denied. Could not launch Java application.' I've suspected that it might be due to security software like SentinelOne, but even with it disabled, the issue persists.
Locally running the same command on the remote server works perfectly. I've also checked that I have the necessary credentials. I've used ProcMon to analyze the differences in execution between local and remote, but I can't identify why CreateProcess fails on the remote side.
Here's a simplified version of my script:
Invoke-Command -ComputerName remote-server -ScriptBlock {cmd.exe /C "cd /d 'M:Directory1Directory2' && call 'M:Directory1Directory2env.bat' && program_name_here"}
Any insights or solutions would be greatly appreciated!
3 Answers
Good catch! Instead of using cmd.exe, try managing everything through PowerShell for better compatibility. You may find it easier to set up and handle errors that arise.
It sounds like you might be dealing with a double hop issue. Since you’re referencing the M drive, which seems like a mapped drive, it might not be accessible in the context of the remote job. Try verifying your drive mapping.
Have you considered doing everything in PowerShell instead of cmd.exe? It might simplify things. You could translate the .bat file into a PowerShell script that sets the environment variables and calls your program. Make sure you test it locally in PowerShell first to iron out any issues.
That could be a good approach! If you're using PowerShell, you can handle errors better than in cmd.exe, and it's generally smoother.
Actually, it's not mapped, just a partition! So that shouldn't be the issue.