Kieran Jacobsen

Kieran Jacobsen

He/Him. Microsoft MVP and GitKraken Ambassador. 🌏 Poshsecurity.com. 🏳‍🌈 Gay. 🐱 Cat owner.

WinRM in Workgroup Environments

Just a quick blog post this time, mainly focusing on some configuration items you “may” need to do if you are working with WinRM, in particular in workgroup environments. These are settings you may need to configure client side when trying to interact with servers. You probably saw these in the notes section of Get-WinRMPassword.

Firstly, how do you view your configuration?

winrm get winrm/config

Next, if you are connecting to systems where HTTP listeners have been configured on the server, if your running on a later Windows Client, you will need to allow for the connection to be made. By default “unencrypted” that is HTTP sessions will not be allowed.

winrm set winrm/config/service @{AllowUnencrypted="true"}

Now I recommend enabling basic auth, just incase.

winrm set winrm/config/client/auth @{Basic="true"}

Finally, the server a client connects to, actually needs to be listed in trusted hosts. This can be done like this:

winrm set winrm/config/client @{TrustedHosts="myserver"}

Note that the command above will clear any other trusted host entries you might have.

And that is pretty much all you need to do!

The easiest to understand guides are (in no particular order):

More PowerShell Malware Found In The Wild

PowerShell + WinRM = Get-WinRMPassword