On the Server:
Enable-PSRemoting -Force
Enable-WSManCredSSP -Role Server -Force
On the Client:
Enable-WSManCredSSP -Role Client -DelegateComputer myservername -Force
Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentials -Name WSMan -Value WSMAN/*
Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain -Name WSMan -Value WSMAN/*
or manual set fresh creditnal
Computer Configuration > Administrative Templates > System > Credentials Delegation > Allow Delegating Fresh Credentials.
To Start a session:
Enter-PSSession server05 -Authentication CredSSP -Credential DOMAIN\username
if you still run into error complain about NTML try,
Computer Configuration\Administrative Templates\System\Credentials Delegation and set "Allow Delegating Fresh Credential with NTLM on Server Authentication"
If you run into error about WinRM, try winrm quickconfig and make sure all network card is not set to public. I have couple vm, virtual network. I have to disable it before I can run winrm
No comments:
Post a Comment