Remote Access with Powershell and Jenkins
As of March 2014, Jenkins installs the Jenkins service to run as the LocalSystem user (i.e., NT AUTHORITY\SYSTEM
). The LocalSystem account accesses the network using the computer account.
For example , Jenkins on a host named JENKINSSERVER
connects to remote machines using the MYDOMAIN\JENKINSSERVER$
computer account in the MYDOMAIN
Active Directory domain.
This means you need to add the MYDOMAIN\JENKINSSERVER$
account as a member of the BUILTIN\Administrators
local group on the TARGETSERVER
:
NET LOCALGROUP "Administrators" "MYDOMAIN\MYSERVER$" /add
Caveat Emptor: This grants any code executing as LocalSystem or NetworkService on the MYSERVER host to run remote commands on TARGETSERVER
as an Administrator. You may be better off creating a specific domain user for just this service to restrict admin rights to just the single Jenkins service.
Does your Jenkins service account credential have permission to log on remotely to the target computer?
I would use ProcMon to watch the target system when accessed by the administrator account and by the regular service account. You will see a difference, and I bet it will be obvious! Good luck!