Disable-WSManCredSSP

Disable Credential Security Service Provider (CredSSP) authentication on a client computer.

Syntax
      Disable-WSManCredSSP [-Role] string [CommonParameters]

Key
   -Role { Client | Server }
Whether CredSSP should be disabled as a client or as a server.

If CredSSP is disabled on the client, the WS-Management setting: <localhost|computername>\Client\Auth\CredSSP is set to false.
Also removes any WSMan/* setting from the CredSSP policy AllowFreshCredentials on the client.

If CredSSP is disabled on the server, the WS-Management setting: <localhost|computername>\Service\Auth\CredSSP is set to false. CommonParameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -WarningAction, -WarningVariable, -OutBuffer -OutVariable.

When CredSSP authentication is used, the user's credentials are passed to a remote computer to be authenticated. This type of authentication is designed for commands that create a remote session from within another remote session. For example, running a background job on a remote computer.

Examples

Disable CredSSP on the client, which prevents delegation to servers:

PS C:> Disable-WSManCredSSP -Role Client

Disable CredSSP on the server, which prevents delegation from clients:

PS C:> Disable-WSManCredSSP -Role Server

“It [the Cheshire Cat] vanished quite slowly, beginning with the end of the tail, and ending with the grin, which remained some time after the rest of it had gone” ~ Lewis Carroll

Related:

Enable-WSManCredSSP - Enable Credential Security Service Provider authentication


© Copyright SS64.com 1999-2014
Some rights reserved