PSRemoting from Work Group (Non Domain) machine to Domain joined Machine

Hi Team,

I have 2 machines 

M1 - Domain Joined and M2 - Work Group Machine

On Domain Joined Machines (M2) is have enabled psremoting using following method

1. On domain machine (M1) i have added value * in WSMan:\localhost\client\Trustedhost 

2. Enabled-psremoting 

Now,

I am trying to perform "Enter-PSsesion" cmdlet from workgroup (M2 )machine to domain joined (M1 )machines and getting following error 

Enter-Pssession -computername m1.domain.com -credential domain\username 

Error - 

Connectingto remote server M1 failed with the following error message : The
WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client
computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the
TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts
list might not be authenticated. You can get more information about that by running the following command: winrm help
config. For more information, see the about_Remote_Troubleshooting Help topic.

Please Suggest ....... 

September 3rd, 2015 11:39am

Hi Amit,

Basically to directly use sessions using computername requires you to domain joined for Kerberos to work.

The first workaround is this "ifthe client computer is not joined to a domain,then HTTPS transport must be used"

That means the destination machine must support web IIS based PowerShell Connection Endpoint, Exchange Server and O365 provides this kind of https://servername/powershell

If you don't have these applications you still have a option to Install and Use Windows PowerShell Web Access.

Other workaround talks about the TrustedHosts configuration which will force NTLM authentication.

HOW TO ADD A COMPUTER TO THE TRUSTED HOSTS LIST

#Get and note the existing list
Get-Item wsman:\localhost\Client\TrustedHosts

#Set the existing list+New value
$curValue = (Get-Item wsman:\localhost\Client\TrustedHosts).value

Set-Item wsman:\localhost\Client\TrustedHosts -Value "$curValue, Server01.Domain01.Fabrikam.com, 172.16.0.0, HomePC"

#Overwrite values with new value
Set-Item wsman:\localhost\Client\TrustedHosts -Value 172.16.0.0,HomePC
Free Windows Admin Tool Kit Click here and download it now
September 3rd, 2015 12:03pm

Hi Satyajit,

I have tried the adding of trustedhosts file but it gave the same error.

Now i will try with https certificate connection and check if it works

September 6th, 2015 7:59am

Hi,

On which server have you added the trusted host and what IP and hostname.

Free Windows Admin Tool Kit Click here and download it now
September 7th, 2015 6:47am

Hi Satyajit,

I have added the trusted host as * on Domain Machine. 

September 9th, 2015 1:27am

Hi Amit,

Please try adding the IP or the hostnames explicitly on the Exchange Server's Trusted Host not the Domain Machine.

Exchange should trust the domain machine.

Free Windows Admin Tool Kit Click here and download it now
September 9th, 2015 3:06am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics