Still Unable to Connect

Topics: General Topics
Nov 26, 2013 at 12:34 PM
I am unable to connect with any client on both Collection Commander and CM12 Health monitor. I have upped the WinRm max connections to 10 for all windows 7 machines ad verified this is set. WinRM is on and configured and working. I am able to connect with the web version of client center 2012 with no issues verifying that WinRM is up and running on machines.

Any more help with suggestions would be appreciated.
Coordinator
Nov 26, 2013 at 3:06 PM
Collection Commander for CM12 is using the same .NET library as Client Center 2012...
Are you running CollectionCommander with the same account as you used for Client Center ? WinRM over SSL ? standard WinRM port ? Do you get any errors ? or just the orange warning sign on the devices ?
Nov 26, 2013 at 3:54 PM
Running with the same credentials as CM2012. using the standard port, not sure about the WinRM over SSL i will have to check that. Just get the orange warning sign and unable to connect.
I double checked the GPO on a few machines also and they are getting everything and the updated max connections.
Coordinator
Dec 2, 2013 at 10:52 AM
Are you able to connect directly in Powershell by using the command ?:
Enter-PSSession <targethostname>
Dec 2, 2013 at 12:41 PM
No, i am unable to run that command. i get the following error. I did add "*" to the trusted hosts to see of that would work, but it made no difference. Is it possible that because our user authentication is on a different domain than our machines that its causing an issue? I tried using the FQDN as well but no difference.

Enter-PSSession : Connecting to remote server failed with the following error m
essage : WinRM cannot process the request. The following error occured while us
ing Kerberos authentication: The network path was not found.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specifie
d.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does
not exist.
-The client and remote computers are in different domains and there is no tru
st between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM
TrustedHosts configuration setting or use HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command:
winrm help config. For more information, see the about_Remote_Troubleshooting H
elp topic.
At line:1 char:16
  • Enter-PSSession <<<< lab13b-b5
    • CategoryInfo : InvalidArgument: (lab13b-b5:String) [Enter-PSSes
      sion], PSRemotingTransportException
    • FullyQualifiedErrorId : CreateRemoteRunspaceFailed
Dec 2, 2013 at 1:21 PM
Not sure if this will help. I was able to start a remote PS by adding my username to the command line, then it prompted me to log in. Once i did that I was able to start the session on the remote machines. It doesn't look like its passing the credentials from Domain A (usernames) to the machines Domain B (machines).

I can see the same thing happening on Client Center 2012. when i click the "powershell" i get the same error as above and it starts a powershell window on the localhost.

Is there a way to force the use of domain credentials?

Commands that worked:

PS> test-wsman computername

wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.x
              sd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor : Microsoft Corporation
ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 2.0

PS > Enter-PSSession -ComputerName - -Credential domain\username
[l
**-**]: PS C:\Users\username\Documents>