Score:1

New-CimSession from outside domain

ru flag
jdm

How can I initiate a new CIM session to a Windows server in my domain, from a PC that is not in the domain? I know this works, because I did it recently from the same computer, but I always forget the magic incantation. My PowerShell history contains something like the following, which doesn't work:

$creds = Get-Credential
$sop = New-CimSessionOption -UseSsl
$session = New-CimSession -CN "ft-ads-01" -Credential $creds -Authentication NtlmDomain
# or
$session = New-CimSession -CN "ft-ads-01" -Credential $creds -SessionOption $sop

Remoting is enabled on the server. I can use my domain credentials to access shares, and run PsExec. How do I make CIM/WMI (and possibly mmc snap ins) work, with changing as little configuration as possible?

Especially I'm not sure which transport to use. For wsman with SSL I would need to set up SSL on the server I think. Kerberos should work just going by the protocol, but I think Windows' tools refuse to make a connection when there is no "trust relationship" (in the Unix world, I would sometimes authenticate against an external KDC). I also couldn't get any of the other options to work.

Daniel avatar
in flag
What's the error preventing you from connecting?
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.