一位Powershell新手在尝试使用凭据安全支持提供程序(CredSSP)进行远程授权时遇到问题。尽管已配置相关设置并重启了服务器及客户端,但仍收到关于计算机策略不允许凭据委托的错误提示。
我是powershell的新手,我在使用凭据授权方面遇到了麻烦。我有以下脚本:
$session = New-PSSession myserver -Authentication CredSSP -Credential DOMAIN\Administrator
Invoke-Command -Session $session -ScriptBlock { }
在运行之前,我做了以下事情:
>在myserver上运行Enable-PSRemoting。
>在myserver上运行Enable-WSManCredSSP Server。
>在myserver上运行Restart-Service WinRM。
>在客户端上运行Enable-WSManCredSSP Client -DelegateComputer myserver。
>重新启动服务器和客户端。
但是一旦我运行脚本,我收到以下错误消息:
[myserver] Connecting to remote server failed with the following error message : The WinRM client cannot process the request. A computer policy does not allow the delegation of
the user credentials to the target computer. Use gpedit.msc and look at the following policy: Computer Configuration -> Administrative Templates -> System -> Credentials Delega
tion -> Allow Delegating Fresh Credentials. Verify that it is enabled and configured with an SPN appropriate for the target computer. For example, for a target computer name "m
yserver.domain.com", the SPN can be one of the following: WSMAN/myserver.domain.com or WSMAN/*.domain.com. For more information, see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportException
+ FullyQualifiedErrorId : PSSessionOpenFailed
我检查了错误消息中提到的策略,但一切似乎都没问题。还有什么可以挡住我?
扫一扫
963
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
