"Access Denied" with Windows Event Forwarding from Win 10 Endpoint running Sysmon to Windows Server 2016 Instance (Collector)


Hello Technet,

I am testing WEF from a Win10 VM to a Windows Server 2016 Collector. They are in DIFFERENT Domains and VLANs, but there are no firewall issues.

My setup is as follows:

FORWARDING ENDPOINT (non-domain): Win 10 VM
EVENT COLLECTOR: Windows Server 2016

I am getting the following error whenever I run the command:

winrm g winrm/config -r:https://<FQDN of the Collector>:5986 -a:certificate -certificate:"thumbprint of client auth cert"

WSManFault
Message = The WinRM client cannot process the request. The destination computer (<FQDN>:5986) returned an 'access denied' error. Specify one of the authentication mechanisms supported by the server. If Kerberos mechanism is used, verify that the client computer and the destination computer are joined to a domain. Possible authentication mechanisms reported by server: Negotiate Kerberos ClientCerts


Error number: -2147024891 0x80070005
Access is denied.



Both systems have WinRM running. I am certain the client thumbprint is trying to authenticate and being denied. I have mapped the local user on the collector to the same issuing certificate for the client auth thumbprint. So I am certain the Collector is testing the thumbprint to the mapping and giving back an "Access Denied" even though I've moved all the necessary certs. In addition, I have added this local user to the Administrators account on the collector.

I have moved all necessary certs to the Third Party, Root, Intermediate, and Trusted People stores on both machines. The Endpoint is a NON-DOMAIN computer attempting to authenticate via certificate to the Collector. For whatever reason though, the Collector is not recognizing the client thumbprint and giving an "Access Denied" error.

There are no firewall/port issues, as I can Telnet to 5986 from the Endpoint to the Collector and vice versa. The cert mappings are created, and the WinRM is running on both systems.

I feel like I have tried everything, and still, no luck. I am at a loss and am hoping there is someone on these forums who can assist or provide a breadcrumb that I have not tried yet. I would be glad to provide further information.

Thank you all for your help.
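
A read-only check of the collector-side settings the post describes: certificate authentication on the WinRM service, the HTTPS listener, the client-certificate mapping, and the issuing CA in the machine stores. This is an added example, not part of the original post; `$IssuerThumbprint` is a placeholder to fill in, and the script changes no configuration.

```powershell
# Added example. Run on the collector in an elevated PowerShell session.
# Assumption: placeholder for the thumbprint of the CA that issued the
# endpoint's client-auth certificate.
$IssuerThumbprint = '<ISSUING-CA-THUMBPRINT>'

# Strip spaces and any non-hex characters picked up when copying a thumbprint.
function Normalize-Thumbprint([string]$t) { ($t -replace '[^0-9A-Fa-f]', '').ToUpper() }
$issuer = Normalize-Thumbprint $IssuerThumbprint

# 1. Certificate authentication must be enabled on the WinRM service.
$certAuth = (Get-Item WSMan:\localhost\Service\Auth\Certificate).Value
Write-Output "Service Auth\Certificate = $certAuth"

# 2. HTTPS listeners and the server certificate each one presents.
Get-ChildItem WSMan:\localhost\Listener |
    Where-Object { $_.Keys -contains 'Transport=HTTPS' } |
    ForEach-Object {
        $p = Get-ChildItem "WSMan:\localhost\Listener\$($_.Name)"
        [pscustomobject]@{
            Listener   = $_.Name
            Port       = ($p | Where-Object Name -eq 'Port').Value
            Thumbprint = ($p | Where-Object Name -eq 'CertificateThumbprint').Value
        }
    }

# 3. Client-certificate mappings, flagged when the Issuer matches the CA above.
Get-ChildItem WSMan:\localhost\ClientCertificate | ForEach-Object {
    $p = Get-ChildItem "WSMan:\localhost\ClientCertificate\$($_.Name)"
    $mapIssuer = ($p | Where-Object Name -eq 'Issuer').Value
    [pscustomobject]@{
        Subject       = ($p | Where-Object Name -eq 'Subject').Value
        UserName      = ($p | Where-Object Name -eq 'UserName').Value
        Enabled       = ($p | Where-Object Name -eq 'Enabled').Value
        URI           = ($p | Where-Object Name -eq 'URI').Value
        Issuer        = $mapIssuer
        IssuerMatches = ((Normalize-Thumbprint $mapIssuer) -eq $issuer)
    }
}

# 4. The issuing CA certificate must be present in the collector's machine stores.
Get-ChildItem Cert:\LocalMachine\Root, Cert:\LocalMachine\CA |
    Where-Object { $_.Thumbprint -eq $issuer } |
    Select-Object PSParentPath, Subject, NotAfter, Thumbprint
```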
