I am trying to remove a remote system from my domain connected to a PC to a server in our DMZ, but I cannot figure out how to make it work.
The DMZ server has a configured HTTP listener for the default port 5985, which is enabled. The two network adapters in the machine are designated as "Public" networks, so I changed the remote control firewall (HTTP-In) rule for the public profile to accept connections from my IP address, as well as an already configured local subnet.
On my client machine (Windows 10), I added the server host name to WSMan: \ localhost \ Client \ TrustedHosts, and I added the LocalAccountTokenFilterPolicy file to the registry (value: 1, Type: DWORD).
I create a credential object with my local server credentials (server_name \ username) and then I try to $Sess = New-PSSession -ComputerName DMZCOMPUTER -Port 5985 -Credential $Credconnect, always trying to use Kerberos to connect to a machine that obviously will not work.
If I try $Sess = New-PSSession -ComputerName DMZCOMPUTER -Port 5985 -Credential $Cred -Authentication Basic, I get an error message that is currently disabled by unencrypted traffic. Other auto-implementation schemes generate different error messages, but I have never been deleted.
Am I missing a configuration somewhere? What are the required settings (server and client) for using remote powershell connections to a workgroup server from a connected domain client.
source
share