PowerShell Core is denied permission to SshdBroker service state

Created on 25 Jul 2018  路  6Comments  路  Source: PowerShell/PowerShell

Noticed following permission denied errors on PowerShell Core 6.0.2 and 6.1.0-preview.4 even when running in Administrative session of PowerShell Core.

Client OS is Windows 10 1083 (Build 17134.167)

Thank you.

Steps to reproduce

>Get-Service -Name 'SshdBroker'

Expected behavior

>Get-Service -Name 'SshdBroker'

Status   Name               DisplayName
------   ----               -----------
Stopped  SshdBroker         SshdBroker

Actual behavior

>Get-Service -Name 'SshdBroker'
Get-Service : Service 'SshdBroker (SshdBroker)' cannot be queried due to the following error:
At line:1 char:1
+ Get-Service -Name 'SshdBroker'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : PermissionDenied: (System.ServiceProcess.ServiceController:ServiceController) [Get-Service], ServiceCommandException
+ FullyQualifiedErrorId : CouldNotGetServiceInfo,Microsoft.PowerShell.Commands.GetServiceCommand

Get-Service : The resource loader failed to find MUI file
At line:1 char:1
+ Get-Service -Name 'SshdBroker'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (:) [Get-Service], Win32Exception
+ FullyQualifiedErrorId : System.ComponentModel.Win32Exception,Microsoft.PowerShell.Commands.GetServiceCommand

Environment data

> $PSVersionTable
Name                           Value
----                           -----
PSVersion                      6.1.0-preview.4
PSEdition                      Core
GitCommitId                    6.1.0-preview.4
OS                             Microsoft Windows 10.0.17134
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0
Area-Cmdlets-Management Issue-Discussion Resolution-Answered
Source
picture LawrenceHwang

Most helpful comment

Thank you @MaximoTrinidad 馃憤

Given the case is specific and likely only have limited number of users impacted. I suggest closing this issue. The information you shared is sufficient for future PowerShell users run into this case.

I also used Remove-Service cmdlet in PowerShell Core 6 to remove the SshdBroker service, which also removed the error when running Get-Service in PowerSell Core 6.

> Remove-Service -Name SshdBroker -Verbose
VERBOSE: Performing the operation "Remove-Service" on target "SshdBroker (SshdBroker)".

Cheers,

Lawrence

picture LawrenceHwang on 29 Jul 2018
👍4

All 6 comments

@LawrenceHwang,

Just an FYI

In newer edition of Windows 10 (ie. 17713), the SshBroker Service is no longer used.

Windows 10 OpenSsh client is enabled by default. But the OpenSsh Server will need to be installed in order to allow other system to remotely connect to Windows.

openssh_01_2018-07-25_11-35-29

MaximoTrinidad picture MaximoTrinidad on 25 Jul 2018

Thank you @MaximoTrinidad for sharing the info. Is the SshdBroker removed in the newer build or installed just not used? Sorry I don't have an environment setup with newer build yet.

LawrenceHwang picture LawrenceHwang on 26 Jul 2018

Hi @LawrenceHwang,

I got an scenario that on after the upgrade to newer Windows 10 Insider Build the sshbroker no longer work ("

I would suggest not to upgrade and do a fresh installation of the Windows 10 Insider edition.

:)

MaximoTrinidad picture MaximoTrinidad on 26 Jul 2018

Thank you @MaximoTrinidad 馃憤

Given the case is specific and likely only have limited number of users impacted. I suggest closing this issue. The information you shared is sufficient for future PowerShell users run into this case.

I also used Remove-Service cmdlet in PowerShell Core 6 to remove the SshdBroker service, which also removed the error when running Get-Service in PowerSell Core 6.

> Remove-Service -Name SshdBroker -Verbose
VERBOSE: Performing the operation "Remove-Service" on target "SshdBroker (SshdBroker)".

Cheers,

Lawrence

LawrenceHwang picture LawrenceHwang on 29 Jul 2018
👍4

@LawrenceHwang I could not disagree more. Every PC I've looked at in our Organization, has been upgraded and every one has this issue: SshdBroker and it's RUNNING despite being set to MANUAL on all of them. And, If Microsoft thinks my Team and I are going to REINSTALL Windows fresh on over 1500 PC's they've got another thing coming!!

LordDelacroix picture LordDelacroix on 8 Nov 2020

You should not need to reinstall Windows to fix this issue. You just need to remove the service from the affected systems.

Assuming they are domain joined, then one solution would be to create a startup script that checks to see if the broker service exists on the computer, and if so, removes it. Combine that with a WMI filter that only runs said script if and only if the broker service is on the system. After a few days, all hosts would be resolved, You could add a bit of telemetry to the script to report back each host on which the script was run to confirm the service removal. I wish I was better with WMI filters to tap one out. But you get the idea and no doubt Google can assist with the details.

doctordns picture doctordns on 8 Nov 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rudolfvesely picture rudolfvesely  路  3Comments
rkeithhill picture rkeithhill  路  3Comments
mklement0 picture mklement0  路  3Comments
concentrateddon picture concentrateddon  路  3Comments
aragula12 picture aragula12  路  3Comments