WINRM authentication

This topic contains 3 replies, has 4 voices, and was last updated by  Don Jones 3 years, 9 months ago.

  • Author
  • #17817


    I connected a remote PC using WINRM. Using Enter-PSSession -cn . Also seen netmon trace & found only [b]SNTP, TCP & HTTP[/b] traffic. Can you pls explain how authecation is worked there using those three Protocol? No kerberos/ntlm found. Even I used ISE [b]New remote powershell tab[/b] & result is same . Only found [b]SNTP, TCP & HTTP[/b] traffic

  • #17818

    Dave Wyatt

    Assuming your traces are complete, the authentication is probably in the packets you've listed as TCP. TCP is a transport-layer protocol that can carry just about any type of application traffic (including HTTP.)

  • #17819

    Adnan Rashid

    Sounds correct. Kerberos is over TCP as with most other communication really.

  • #17820

    Don Jones

    And Remoting itself is HTTP. HTTP is entirely capable of carrying authentication information.

You must be logged in to reply to this topic.