Is the SPN present?
--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce7R8q%2Ba%2BBmLCJoch7AUrf__zqzhJLck1mC7kc_pL7hCnQ%40mail.gmail.com.
Try disabling UAC remote restrictions by setting LocalAccountTokenFilterPolicy=1 at HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
-Aakash Shah
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com>
On Behalf Of Kurt Buff, GSEC/GCIH/PCIP
Sent: Thursday, March 4, 2021 4:40 PM
To: ntsys...@googlegroups.com
Subject: [ntsysadmin] WinRM not working with local admin credentials
Attempting to use an account in the local Administrators group set up by LAPS to do sweet powershell stuff.
--
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/3e7ceebe897c4e759b312a3739ed4671%40smithcons.com.
What’s in trustedhosts?
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce5jtw%3D%2BJ0DD4Xmgr1ZDmV2OCfhyDj%2B4VNx4UoABJ3ZSsg%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/BYAPR06MB5685382D4BC66C1716814212F2969%40BYAPR06MB5685.namprd06.prod.outlook.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/862c2c7ad441400586ec82d038b374f4%40smithcons.com.
Ok, you got me. No more immediate ideas. You might check out Tobias’ book on PS Remoting.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce7VvOZAdZX7TPz1FJKOP%3DP%2BqKFy4b4LHXpkZVi_PMCD3Q%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/b90f8e657d074ce79b89d94eb6e3d1b9%40smithcons.com.
I use -Authentication Negotiate and it works well for me. I just tested with CredSSP and it failed with the same error as yours. Try Negotiate and see if it works for you as well.
-Matt
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com>
On Behalf Of Kurt Buff, GSEC/GCIH/PCIP
Sent: Thursday, March 04, 2021 6:40 PM
To: ntsys...@googlegroups.com
Subject: [ntsysadmin] WinRM not working with local admin credentials
Attempting to use an account in the local Administrators group set up by LAPS to do sweet powershell stuff.
--
Since I believe you mentioned that domain accounts work but local accounts don’t, check that you don’t have either of the following entries under “Deny access to this computer from the network”:
NT AUTHORITY\Local account
NT AUTHORITY\Local account and member of Administrators group
-Aakash Shah
From: ntsys...@googlegroups.com <ntsys...@googlegroups.com>
On Behalf Of Kurt Buff, GSEC/GCIH/PCIP
Sent: Friday, March 5, 2021 8:17 AM
To: ntsys...@googlegroups.com
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce6-0HoQp16wNCUG%2BVjf2oBEGKzfms0DVw%3DLa_3m2WeALg%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/DM6PR05MB65388D033F82DD94C5ABC3A5BF969%40DM6PR05MB6538.namprd05.prod.outlook.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/BYAPR06MB5685F7D203809CB7ED17C089F2969%40BYAPR06MB5685.namprd06.prod.outlook.com.