Remote Session from non-Domain Computer

Welcome Forums General PowerShell Q&A Remote Session from non-Domain Computer

This topic contains 5 replies, has 3 voices, and was last updated by

 
Participant
4 years, 9 months ago.

  • Author
    Posts
  • #14189

    Participant
    Points: 0
    Rank: Member

    I have powershell up and running on all clients and the server in an SBS2008 environment.

    Establishing remote sessions to the clients, server etc work just fine. My question is can I establish a remote powershell session to one of the clients or server from a computer running powershell that is not part of the domain? I have domain credentials.

    Thanks

  • #14190

    Member
    Points: 0
    Rank: Member

    You can, but you either need to be using an HTTPS listener, or you need to configure the TrustedHosts list on your client.

  • #14191

    Keymaster
    Points: 1,759
    Helping HandTeam Member
    Rank: Community Hero

    The options are well-covered in "Secrets of PowerShell Remoting." https://powershell.org/ebooks.

  • #14192

    Participant
    Points: 0
    Rank: Member

    Thanks for the quick replies. I will check out the references.

    Just to make sure I have the nomenclature correct when you say client – that is the machine you would be remoting "To". And that is the one where either HTTP listener or trustedhosts would need to be configured.

    In the trusted hosts you would include the name/ip of the non-domain machine that your are trying to initiate a connection from.

    Thanks,
    David

  • #14193

    Member
    Points: 0
    Rank: Member

    Nope, other way around. Client is the computer you're connecting "from", and that's the one where you'd configure TrustedHosts, if that's the option you decide to take. If you go with HTTPS, you set that up on the computer(s) you're remoting to (which you'd generally call the "server", even if it's a client operating system.)

    In both cases, what you're doing is making the client feel happy about connecting to a computer that can't use Kerberos authentication. If you use HTTPS, the client is still able to authenticate the server before sending any usernames / passwords, and if you use the TrustedHosts list, you're telling the client that it can proceed without authenticating a particular server.

  • #14194

    Participant
    Points: 0
    Rank: Member

    Thanks! That was helpful. I am also assuming that I can use GP to set up the listener.

    Practically that would be the easier route, otherwise I need to update the trusted hosts list every time a new computer was added to the domain.

    In the scenario where I would be using his I would be connecting the client to the lan the servers would be located via a VPN. The servers would not be reachable via a public WAN.

The topic ‘Remote Session from non-Domain Computer’ is closed to new replies.