Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, May 1, 2019 6:29 PM
Hello,
To give you some context, I have 10 different locations with over 100 computers across the US that I manage. We do not have an active directory setup, so all computers are set to Workgroup. Ive been trying to create a script that will give me access to all computers so that I can run commands on them remotely. The script I made works great in the office that I'm located in, but when I start trying to connect to the other locations I have an issue.
This is the script I run on the machine that I want access to:
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser
Set-NetConnectionProfile -NetworkCategory Private
Enable-PSRemoting -Force
winrm quickconfig
Get-Item wsman:\localhost\client\trustedhosts
Set-Item wsman:\localhost\client\trustedhosts "mycomputername, Administrator"
This is what I run when trying to connect to the remote PC's:
Set-Item wsman:\localhost\client\trustedhosts *
Enter-PSSession -ComputerName name -Credential Administrator
I can use the computer name when connecting to computers in my office, but I get a WinRM service error when trying to connect using the computer name outside my office, BUT when I replace the computer name with an IP address it works fine.
Is there a way so that I can make the computer name work across the board? I assume using IP wont work out since all computers use DHCP.
All replies (6)
Wednesday, May 1, 2019 6:37 PM
Workgroup computers require configuring CredSSP. There is no need to run all of these commands each time you connect. They are run once per computer to set up WinRM. In a domain this is normally done via Group Policy. In a workgroup CredSSP needs to be configured once for each workgroup computer.
\(ツ)_/
Wednesday, May 1, 2019 9:47 PM
I enabled CredSSP on both my computer and the remote computer, restarted both, and tried to just run Enter-PSSession -ComputerName name -Credential Administrator with no luck. I still get the WinRM error. But if I change name to the IP address it works.
Wednesday, May 1, 2019 9:49 PM
You have to read the docs on how to use this. It requires many more pieces to be satisfied.
\(ツ)_/
Wednesday, May 1, 2019 10:04 PM
Ah ok. It only gave an option to Enable or Disable. Ill see what I can find on it. Thanks for the tip!
Thursday, May 2, 2019 1:40 AM
BUT when I replace the computer name with an IP address it works fine.
That sounds like a DNS problem. Can the machines ping each other? If you run an nslookup on the IP addresses, does it come back with just the computer name or something like computername.home or computername.workgroup?
See also https://www.tenforums.com/tutorials/49652-turn-off-network-discovery-windows-10-a.html
Friday, May 31, 2019 3:06 AM
Hi,
Was your issue resolved?
If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.
If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.
If no, please reply and tell us the current situation in order to provide further help.
Best Regards,
Lee
Just do it.