PSsession between Two machines which is not in domain

This topic contains 4 replies, has 5 voices, and was last updated by Profile photo of Don Jones Don Jones 3 years, 1 month ago.

  • Author
    Posts
  • #13732
    Profile photo of Selvakumar R
    Selvakumar R
    Participant

    hello
    I need to get the remote of powershell from one machine to another the problem is those machines are not in domain. may i know whether it is possible to do that.

  • #13734
    Profile photo of Robert Westerlund
    Robert Westerlund
    Participant

    Yes, it's possible. What error are you receiving? Have you added the remote computer to the TrustedHosts list?

  • #13749
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    It's possible, but you can't use the default Kerberos authentication in that scenario. Off the top of my head, I don't remember if the PSRemoting commands automatically fall through to NTLM authentication if Kerberos isn't avaialble, or if you have to specify it yourself by using the "-Authentication Negotiate" argument when calling New-PSSession, Invoke-Command, etc.

    You'll also either have to set up an HTTPS listener, or use the TrustedHosts list (HTTPS being the more secure option, since it authenticates the remote computer before it exposes anything related to your user credentials.) There are examples of how to do both of these in the free "Secrets of PowerShell Remoting" ebook, which you can download from https://powershell.org/ebooks/ .

  • #13750
    Profile photo of Vern Anderson
    Vern Anderson
    Participant

    Look for the free E-Book "A Layman's guide to PowerShell Remoting" http://www.ravichaganti.com/blog/?page_id=1301 I believe page 43 or 34 I'm dyslexic.

    Anyway it goes on to tell you how to use the winrm command line syntax to manually add a list of hosts that are allowed to remote. This PDF file was the most helpful to me for figuring out how to do it, and it does work. However I need to get around to figuring out how to add a CIDR noted IP range to it.

    -VERN

  • #13755
    Profile photo of Don Jones
    Don Jones
    Keymaster

    I'll actually suggest the remoting book at powershell.org/wp/ebooks which includes a full walk through of how to set this up.

You must be logged in to reply to this topic.