Access Denied Error When Using Enter-PSSession in Workgroup/Entra Joined Env
Hello everyone,
I'm currently facing an issue with establishing an Enter-PSSession connection between two computers in my setup. Here are the details:
- Computer1: Hybrid Entra Joined, hostname: Computer1
- Computer2: Workplace/Entra Joined, hostname: Computer2
I would like to connect from Computer1 to Computer2 using Enter-PSSession. My account is a Hybrid Account and part of the Local Admin Group on Computer2. Both computers are connected with the same Entra ID.
The firewall on Computer2 has an open port (HTTP Port 8085). Although the computers are not in the same subnet, the network layer seems to be functioning correctly.
I have made the following registry entries on Computer1:
Registry-Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client trusted_hosts "*"
Registry-Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Client spn_prefix "HOST"
To establish a connection, I use the following string:
$aadusername1 = Get-Credential -UserName "AzureAD\username1 @domain.ch" -Message "AzureAD\email address removed for privacy reasons"
Enter-PSSession -ComputerName XX.XX.XXX.55 -Port 5985 -Credential $aadusername1 -Authentication Negotiate
Unfortunately, I am unable to connect to Computer2. I receive the following error message:
Connecting to remote server XX.XX.XXX.55 failed with the following error message: Access is denied. For more information, please refer to the about_Remote_Troubleshooting Help topic.
In the Event Log of Computer2, I see the following Event Log entry:
Event ID: 4625
Antragsteller:
  Sicherheits-ID: NULL SID
  Kontoname: -
  Kontodomäne: -
  Anmelde-ID: 0x0
Anmeldetyp: 3
Konto, für das die Anmeldung fehlgeschlagen ist:
  Sicherheits-ID: NULL SID
  Kontoname: email address removed for privacy reasons
  Kontodomäne: AzureAD
Fehlerinformationen:
  Fehlerursache: Unbekannter Benutzername oder ungültiges Kennwort.
  Status: 0xC000006D
  Unterstatus:: 0xC0000064
Prozessinformationen:
  Aufrufprozess-ID: 0x0
  Aufrufprozessname: -
Netzwerkinformationen:
  Arbeitsstationsname: Computer1
  Quellnetzwerkadresse: YY.YY.YYY.11
  Quellport: 55343
Detaillierte Authentifizierungsinformationen:
  Anmeldeprozess: NtLmSsp
  Authentifizierungspaket: NTLM
  Übertragene Dienste: -
  Paketname (nur NTLM): -
  Schlüssellänge: 0
We encountered an issue where establishing a connection using Basic Authentication is not possible. However, when connecting from Computer2 to Computer2 using the described connection, the connection can be successfully established. The Event Log shows the following security protocols:
- Anmeldeprozess: Pku2uSsp
- Authentifizierungspaket: NegoExtender
If anyone has any insights or suggestions on how to solve this problem and enable a successful connection with the desired security protocols, your input would be greatly appreciated. Thank you!
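The 4625 entry quoted in the post can be read independently of the German display labels by parsing the event's XML, whose field names are the same on every locale. The following is an added example, not part of the original post; the function name and the sample XML are constructed here (values taken from the post, with a placeholder account name and a documentation-range address where the post is redacted).

```powershell
# Added example (not from the original post): decode a failed-logon event (4625)
# from its XML form. Field names such as TargetUserName are locale-independent.

# Documented NTSTATUS meanings for the codes most often seen in 4625 events.
$NtStatus = @{
    '0xc000006d' = 'STATUS_LOGON_FAILURE (bad user name or authentication information)'
    '0xc0000064' = 'STATUS_NO_SUCH_USER (account name not found on the target)'
    '0xc000006a' = 'STATUS_WRONG_PASSWORD (account found, password wrong)'
}

function ConvertFrom-Logon4625 {   # hypothetical helper name
    param([Parameter(Mandatory, ValueFromPipeline)][string]$EventXml)
    process {
        # Flatten <Data Name="...">value</Data> elements into a lookup table.
        $data = @{}
        foreach ($d in ([xml]$EventXml).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        [pscustomobject]@{
            Account      = '{0}\{1}' -f $data.TargetDomainName, $data.TargetUserName
            LogonType    = $data.LogonType
            Status       = '{0} {1}' -f $data.Status, $NtStatus[[string]$data.Status]
            SubStatus    = '{0} {1}' -f $data.SubStatus, $NtStatus[[string]$data.SubStatus]
            LogonProcess = "$($data.LogonProcessName)".Trim()
            AuthPackage  = $data.AuthenticationPackageName
            Source       = '{0} ({1})' -f $data.WorkstationName, $data.IpAddress
        }
    }
}

# Constructed sample mirroring the event in the post (account and IP are placeholders).
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4625</EventID></System>
  <EventData>
    <Data Name="TargetUserName">user@example.invalid</Data>
    <Data Name="TargetDomainName">AzureAD</Data>
    <Data Name="Status">0xc000006d</Data>
    <Data Name="SubStatus">0xc0000064</Data>
    <Data Name="LogonType">3</Data>
    <Data Name="LogonProcessName">NtLmSsp </Data>
    <Data Name="AuthenticationPackageName">NTLM</Data>
    <Data Name="WorkstationName">Computer1</Data>
    <Data Name="IpAddress">192.0.2.11</Data>
  </EventData>
</Event>
'@

$sample | ConvertFrom-Logon4625 | Format-List

# Against live events on the target machine (elevated session):
# Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4625} -MaxEvents 20 |
#     ForEach-Object { $_.ToXml() } | ConvertFrom-Logon4625
```

Comparing the `LogonProcess` and `AuthPackage` columns across failed (4625) and successful (4624) logons shows at a glance which attempts arrived over NTLM and which over PKU2U/NegoExtender, as in the two cases the post describes.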