Connect to remote server using winrm without adding the server to TrustedHosts


If both machines are on the same domain, you should be able to use the ComputerName instead of the IP address. When you use the IP address you're pretty much forced to use TrustedHosts from what I've seen.

Author by

Ivaylo Strandjev


Updated on June 08, 2022

Comments

  • Ivaylo Strandjev almost 2 years

    I have been struggling to deal with winrm and TrustedHosts but to no avail. After some experimenting I found out that this field of winrm/config/client is limited to 1023 symbols, which is not nearly enough, especially if adding hosts by their IPv6 addresses. I quote from Installation and Configuration for Windows Remote Management: A trusted hosts list should be set up when mutual authentication cannot be established.

    Also in the same file the text says: Other computers in a workgroup or computers in a different domain should be added to this list. So I thought that this implies that as long as two computers are in the same domain, I should be able to access one of them from the other using winrm.

    I tried to add two computers to a test domain and then executed:

    winrm get winrm/config/client -r:192.168.100.1 -u:user -p:pass

    From one of them to the other, but this failed with the error:

    WSManFault
        Message = The WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. You can get more information about that by running the following command: winrm help config.

    Error number:  -2144108316 0x803380E4
    The WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. You can get more information about that by running the following command: winrm help config.
    

    After adding 192.168.100.1 to TrustedHosts the query above succeeds. So my question is: is it possible to use winrm between two hosts without modifying TrustedHosts? Setting Trusted hosts to * is not an option for me.
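
The answer above suggests using the computer name instead of the IP address when both machines are in the same domain. As an added example (not code from the original post), the PowerShell function below, under the hypothetical name Test-WinRMKerberos, maps an IP address back to its DNS name and checks WinRM with Kerberos without writing to TrustedHosts. It assumes a reverse DNS record exists for the address and that the caller is logged on with a domain account or supplies one.

```powershell
# Added example, not from the original post. Test-WinRMKerberos is a
# hypothetical helper name; it never modifies the TrustedHosts setting.
function Test-WinRMKerberos {
    param(
        [Parameter(Mandatory)][string]$Target,   # IP address or host name
        [System.Management.Automation.PSCredential]$Credential
    )

    $name = $Target
    $ip   = $null
    if ([System.Net.IPAddress]::TryParse($Target, [ref]$ip)) {
        # Kerberos builds the service principal name from a host name, so an
        # IP literal has to be mapped back to a name via reverse DNS first.
        try {
            $name = [System.Net.Dns]::GetHostEntry($ip).HostName
        } catch {
            throw "No reverse DNS record for $Target; cannot derive a name for Kerberos."
        }
    }

    $params = @{ ComputerName = $name; Authentication = 'Kerberos'; ErrorAction = 'Stop' }
    if ($Credential) { $params.Credential = $Credential }

    try {
        # Authenticated WS-Management identify request against the target
        Test-WSMan @params | Out-Null
        $ok = $true;  $detail = 'Kerberos authentication succeeded'
    } catch {
        $ok = $false; $detail = $_.Exception.Message
    }

    # Current TrustedHosts value is reported only to show it was left as it was
    $trusted = Get-Item WSMan:\localhost\Client\TrustedHosts -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Target       = $Target
        NameUsed     = $name
        KerberosOK   = $ok
        Detail       = $detail
        TrustedHosts = $trusted.Value
    }
}

# 192.168.100.1 is the address used in the question
Test-WinRMKerberos -Target '192.168.100.1'
```

If KerberosOK is false, the Detail field carries the WinRM error text, which separates a name-resolution or SPN problem from the TrustedHosts error quoted in the question.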