5
我一直在努力處理winrm和TrustedHosts,但無濟於事。經過一番試驗後,我發現winrm/config/client的這個字段限制爲1023個符號,這是不夠的,特別是如果通過他們的ipv6添加主機。 我從Installation and Configuration for Windows Remote Management引用:A trusted hosts list should be set up when mutual authentication cannot be established.使用winrm連接到遠程服務器而無需將服務器添加到TrustedHosts
而且在同一個文件中的文本說:Other computers in a workgroup or computers in a different domain should be added to this list.所以我認爲,這意味着,只要兩臺計算機都在同一個域中,我應該能夠訪問它們的一個從其他使用winrm。
我試圖兩臺計算機添加到測試域和執行:
winrm get winrm/config/client -r:192.168.100.1 -u:user -p:pass
從其中一個到另一個,但這種失敗,錯誤:
WSManFault
Message = The WinRM client cannot process the request. If the authentication
scheme is different from Kerberos, or if the client computer is not joined to a
domain, then HTTPS transport must be used or the destination machine must be ad
ded to the TrustedHosts configuration setting. Use winrm.cmd to configure Truste
dHosts. You can get more information about that by running the following command
: winrm help config.
Error number: -2144108316 0x803380E4
The WinRM client cannot process the request. If the authentication scheme is dif
ferent from Kerberos, or if the client computer is not joined to a domain, then
HTTPS transport must be used or the destination machine must be added to the Tru
stedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. You ca
n get more information about that by running the following command: winrm help c
onfig.
增加192.168之後.100.1到TrustedHosts上面的查詢成功。所以我的問題是:是否可以在兩臺主機之間使用winrm而不修改TrustedHosts?將受信任的主機設置爲*不適合我。
對不起。這可能很有趣,但我無法在Web上的任何地方找到它,如果您使用ComputerName,則不需要向TrustedHosts添加任何內容。但我證實它的作品:) –