Details about using CredSSP in Windows #36
Conversation
| https://technet.microsoft.com/en-us/library/hh849719.aspx#sectionSection4 | ||
|
|
||
| To use `Invoke-Command -Authentication CredSSP` the Windows Machine has to have: | ||
| - Up and running WinRM over http |
There was a problem hiding this comment.
So can you change the wording so that it does not imply that it must be http?
Or are you saying that it must have http enabled?
There was a problem hiding this comment.
I am saying that it must have http enabled.
The custom-enable-credssp script does everything needed.
There was a problem hiding this comment.
@bostko I thought we were using https with winrm4j now. Are we using http just for this? So do we enable both? Or just one of them?
In separate communication, you said about an error for MSSQL@Azure: NoSuchElementException: could not connect to any socket in [40.68.36.154:5986, 100.89.232.98:5986]. That is the https port, so I assumed we were using https.
bostko
force-pushed
the
winrm_port_sensor
branch
from
6657953
to
9214ca9
Compare
bostko
force-pushed
the
winrm_port_sensor
branch
from
9214ca9
to
6db8984
Compare
|
@neykov any comments from you about the need for http and https when we're using |
| script which enables executing commands with CredSSP in the general case. | ||
| The script works for most of the Windows images out there version 2008 and later. | ||
|
|
||
| Please ensure that Brooklyn's changes are compatible with your organisation's security policy. |
|
useful. @neykov if you have any comments on http(s) (re aled's comment above) it can be a new PR |
|
@aledsage Invoke-Command will default to http transport (the authentication protocol doesn't matter). The script can override it, but then needs to know what settings to use (what's available on the machine). @bostko can you confirm Also the self signed certificate might be a problem for |
|
@neykov indeed. The script does what you wrote. |
@aledsage can you review.