I have a Standalone computer that is not within our domain. I would like to check this server remotely, its on our network and enable-pssremoting has been run and says it is good to go … also oepened up the firewall ports running netsh command. Trying to run any command with -Computername fails with this error:
gsv : Cannot open Service Control Manager on computer 'SERVERNAME'. This operation might require other privileges.
Thinking I may need to run a session I ran this command – New-PSSession -computername SERVERNAME -Credential SERVERNAMEUSERNAME
Got prompted for a password and then see this
New-PSSession : [Servername] Connecting to remote server SERVERNAME failed with the following error message : WinRM cannot
process the request. The following error with errorcode 0x80090311 occurred while using Kerberos authentication: There are currently
no logon servers available to service the logon request.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
Seeing the kerberos errors I figured I needed basic auth so then ran this command
New-PSSession -computername SERVERNAME -Credential ServernameUserName -Authentication basic
prompted for password and then I get this error:
New-PSSession : [SERVERNAME] Connecting to remote server SERVERNAME failed with the following error message : The WinRM client
cannot process the request. Unencrypted traffic is currently disabled in the client configuration. Change the client configuration
and try the request again. For more information, see the about_Remote_Troubleshooting Help topic.
So a few more help files to figure out how to change my client config and get this:
WSManConfig: Microsoft.WSMan.ManagementWSMan::localhostClient
Type Name SourceOfValue Value
—- —- ————- —–
System.String NetworkDelayms 5000
System.String URLPrefix wsman
System.String AllowUnencrypted GPO false
Well now I am stuck … not sure where to go next my client is forcing encryption through a GPO – is there some other method I can use to remote manage a non-domain server?