Enable-WSManCredSSP

Enable Credential Security Service Provider (CredSSP) authentication on a client computer.

Syntax
      Enable-WSManCredSSP [-Role] string
         [[-DelegateComputer] string] [CommonParameters]

Key
   -Role { Client | Server }
      Whether CredSSP should be enabled as a client or as a server.

      If CredSSP is enabled on the client, the WS-Management setting:
      <localhost|computername>\Client\Auth\CredSSP is set to True.
      Also removes any WSMan/* setting from the CredSSP policy AllowFreshCredentials on the client.

      If CredSSP is enabled on the server, the WS-Management setting:
      <localhost|computername>\Service\Auth\CredSSP is set to True.

   -DelegateComputer string
      Allow the client credentials to be delegated to the server(s) specified.
      The value of string should be a fully qualified domain name.

      If -Role specifies a Client, then -DelegateComputer is mandatory.
      If -Role specifies a Server, then -DelegateComputer is not allowed.

When CredSSP authentication is used, the user's credentials are passed to a remote computer to be authenticated. This type of authentication is designed for commands that create a remote session from within another remote session. For example, running a background job on a remote computer.

Examples

Allow the client credentials to be delegated to the server02 computer:

PS C:> enable-wsmancredssp -role client -delegatecomputer server02.ss64.com

Allow the client credentials to be delegated to all the computers in the SS64.com domain:

PS C:> enable-wsmancredssp -role client -delegatecomputer *.ss64.com

Allow a computer to act as a delegate for another:

PS C:> enable-wsmancredssp -role server

“A foolish man proclaimeth his qualifications; a wise man keepeth them secret within himself” ~ Saskya Pandita

Related PowerShell Cmdlets:

Connect-WSMan - Connect to the WinRM service on a remote computer.
Disable-WSManCredSSP - Disable Credential Security Service Provider authentication.


 
Copyright © 1999-2021 SS64.com
Some rights reserved