What -RunAsCredential limitations of Register-PSSessionConfiguration are?

This topic contains 4 replies, has 3 voices, and was last updated by  Ondrej Zilinec 3 years, 9 months ago.

  • Author
  • #18836



    I'm trying to have constrained endpoint which will run with credentials from different domain (no trust between domain where computer is and what endpoint shall be running under. Is it possible? Trying to register this endpoing ends up in error

    Error Message = The verification of the runAs user credentials failed with the error 1326.
    Fully Qualified Error ID = System.InvalidOperationException,Microsoft.PowerShell.Commands.SetItemCommand

    Severity = Warning
    Host Name = ConsoleHost
    Host Version = 4.0
    Host ID = e0fc0707-f4e5-4563-acc3-8f89c6947a94
    Engine Version = 4.0
    Runspace ID = 4bffa899-03c7-4641-bf6f-68bcf0b3c6de
    Pipeline ID = 51
    Command Name = Set-Item
    Command Type = Cmdlet
    Script Name =
    Command Path =
    Sequence Number = 2050
    User = PROD\gs
    Shell ID = Microsoft.PowerShell

    User Data:

  • #18839

    Don Jones

    The computer registering the endpoint, and the machine where the endpoint will be, need to be able to resolve the credential.

  • #18840


    They can resolve the credential, question is wether you can run endpoint under credentials in different domain. Say I can use those credentials to access file shares from this box but I can not use them to run endpoint as.

  • #18841

    Don Jones

    Ah, I see.

    A file share isn't the ideal test of that; the endpoint RunAs credential needs certain rights, like the right to create process objects and tokens. That's different from being able to just access a file share. It's more like being able to log on interactively, although not exactly the same. You probably won't be able to use a RunAs credential from an un trusted domain.

    • #18859

      Ondrej Zilinec

      You will not be able to runas from untrusted domain for sure 🙂

You must be logged in to reply to this topic.