How to add more than one machine to the trusted hosts list using winrm
Solution 1
I prefer to work with the PSDrive WSMan:\
.
Get TrustedHosts
Get-Item WSMan:\localhost\Client\TrustedHosts
Set TrustedHosts
provide a single, comma-separated, string of computer names
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'machineA,machineB'
or (dangerous) a wild-card
Set-Item WSMan:\localhost\Client\TrustedHosts -Value '*'
to append to the list, the -Concatenate
parameter can be used
Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'machineC' -Concatenate
Solution 2
winrm set winrm/config/client '@{TrustedHosts="machineA,machineB"}'
Solution 3
The suggested answer by Loïc MICHEL blindly writes a new value to the TrustedHosts entry.
I believe, a better way would be to first query TrustedHosts.
As Jeffery Hicks posted in 2010, first query the TrustedHosts entry:
PS C:\> $current=(get-item WSMan:\localhost\Client\TrustedHosts).value
PS C:\> $current+=",testdsk23,alpha123"
PS C:\> set-item WSMan:\localhost\Client\TrustedHosts –value $current
Solution 4
I created a module to make dealing with trusted hosts slightly easier, psTrustedHosts. You can find the repo here on GitHub. It provides four functions that make working with trusted hosts easy: Add-TrustedHost
, Clear-TrustedHost
, Get-TrustedHost
, and Remove-TrustedHost
. You can install the module from PowerShell Gallery with the following command:
Install-Module psTrustedHosts -Force
In your example, if you wanted to append hosts 'machineC' and 'machineD' you would simply use the following command:
Add-TrustedHost 'machineC','machineD'
To be clear, this adds hosts 'machineC' and 'machineD' to any hosts that already exist, it does not overwrite existing hosts.
The Add-TrustedHost
command supports pipeline processing as well (so does the Remove-TrustedHost
command) so you could also do the following:
'machineC','machineD' | Add-TrustedHost
cmm user
Graduate Student at Texas A & M university in MS CE. Previously worked as a software developer in Oracle India Private limited for the past 3 years. Currently working as a Software Development Engineer with Amazon Alexa.
Updated on February 05, 2021Comments
-
cmm user over 3 years
To run powershell commands on a machine from a remote machine we have to add the remote machine to the trusted hosts list of the host machine.
I am adding machine A to machine B's trusted hosts using the following command :
winrm set winrm/config/client ‘@{TrustedHosts="machineA"}’
How to add more machines say machine C, machine D to trusted hosts list of machine B?
-
Snow almost 8 yearsis there a way to append hosts to the list? because I could not find any API for append.
-
SxMT over 7 yearsYou can append with -Value "machineB" -Concatenate
-
svarog over 7 yearsif anyone gets an
Error: Invalid use of command line ...
response, try removing the single quotation marks -
Hylle about 6 yearsThis just doesn't work for me, single quotes or not. I get
Error: Invalid use of command
regardless. -
Jason Boyd about 6 years@HerbM Domain names work fine. Ranges with wildcards only seem to work for a single value, i.e. you can have a comma separated list of machines, or a string containing wildcards, but not a comma separated list where one of the values in the list has a wildcard. This looks like a WinRM issue. It will let you add a value with a subnet mask but it doesn't seem to interpret it as a network range when you try to connect to a machine in the range so that does not seem to work.
-
HerbM about 6 yearsAnd apparently you have to use poor man's 'subnetting' (on octet boundaries) and not CIDR or MASK notation: 192.168.230.* NOT: 192.168.224.0/19 # or whatever
-
Bruno Bieri over 5 years@svarog for me it was vis-versa. I had to add single quotes. Before I had the same error
Error: Invalid use of command
. -
objectNotFound almost 4 years@dhcgm This solution does NOT work for Domain controlled Servers that rely on Kerberos for authentication. Can you please confirm ? So despite adding explicit trusted hosts I can still use non-trusted hosts to access the server as long as I have admin rights on the server. I think this works only for Workgroup Computers. Thanks.
-
hdev almost 4 years@objectNotFound In my environment I used Powershell Remoting only on Workgroup Computers, so I cannot confirm your thesis. But I sounds plausible.