WINRM authentication

This topic contains 3 replies, has 4 voices, and was last updated by Profile photo of Don Jones Don Jones 2 years, 10 months ago.

  • Author
  • #17817
    Profile photo of Biswajit

    I connected a remote PC using WINRM. Using Enter-PSSession -cn . Also seen netmon trace & found only [b]SNTP, TCP & HTTP[/b] traffic. Can you pls explain how authecation is worked there using those three Protocol? No kerberos/ntlm found. Even I used ISE [b]New remote powershell tab[/b] & result is same . Only found [b]SNTP, TCP & HTTP[/b] traffic

  • #17818
    Profile photo of Dave Wyatt
    Dave Wyatt

    Assuming your traces are complete, the authentication is probably in the packets you've listed as TCP. TCP is a transport-layer protocol that can carry just about any type of application traffic (including HTTP.)

  • #17819
    Profile photo of Adnan Rashid
    Adnan Rashid

    Sounds correct. Kerberos is over TCP as with most other communication really.

  • #17820
    Profile photo of Don Jones
    Don Jones

    And Remoting itself is HTTP. HTTP is entirely capable of carrying authentication information.

You must be logged in to reply to this topic.