33 views

Error


The following error is returned when discovering a device via WinRM:

Winrs error:The WinRM client cannot process the request. Default authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help config

Root Cause


The MID Server uses IP addresses to communicates with target servers. As detailed in the error, "authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list." Therefore, the target IP address must be added to the TrustedHosts list.

Solution


Add the target IP address to the TrustedHosts list. Run the following command on the Windows command line to add all servers to the TrustedHosts list:

winrm s winrm/config/client @{TrustedHosts="*"}

Note: The command above may fail if run on Powershell

Then run the following command to view computers in the TrustedHosts list:

Get-Item WSMan:\localhost\Client\TrustedHosts

Note: There is no command to add or remove a single server from the TrustedHosts.  The whole list is re-created when the command is used to add a server to the TrustedHost. The server can be placed between the quotations such as TrustedHosts="server_01,server_02". However, an asterisk is used to add "all" as it is usually not known ahead of time what server will be discovered.

Additional Information


The MID Server parameter mid.windows.management_protocol determines whether the MID Server will use WinRM or WMI for discovery.

Article Information

Last Updated:2018-10-10 06:26:44
Published:2018-10-10