Forum Discussion

Brass Contributor

Dec 01, 2021

Solved

How do I PowerShell Remote from an AAD machine to an AD machine?

Hello, I have an Azure-AD-joined machine, from which I want to do PowerShell Remoting (WinRM) to domain-joined servers. When I try Enter-PSSession myserver (whether I use -Credential with my doma...

powershell

Windows Server

Marc_Laf
Jan 05, 2022
Roger Seekell
After posting my reply I did manage to figure it out. Do the following from an Administrative PS window.
On the machine you are running Enter-PSSession on (Client), first ensure WinRM is running (and setting it to Automatic for ease of use)
Set-Service -Name WinRM -Status Running -StartupType Automatic
Add either all (*) or just the servers you want to connect to into the TrustedHosts list
Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value 'server1'
or -Value *
To append to the list in the future use -Concatenate at the end of the command. You can also specify multiple servers in the command by using 'server1,server2,server3'
Now you should be able to remote to these servers from an Azure Joined server.
One additional note, you may have to specify credentials in the DOMAIN\Username format in the Enter-PSSession command with the -Credential parameter:
Enter-PSSession server1 -Credential (Get-Credential)

Marc_Laf

Iron Contributor

Jan 05, 2022

Roger Seekell Did you ever figure this out? I was hopeful to finally find a thread with this question but sad to see there were no replies.

Roger Seekell
Brass Contributor
Jan 05, 2022
Thanks for your reply. No, I have not been able to figure it out.
- Marc_Laf
  Iron Contributor
  Jan 05, 2022
  Roger Seekell
  After posting my reply I did manage to figure it out. Do the following from an Administrative PS window.
  On the machine you are running Enter-PSSession on (Client), first ensure WinRM is running (and setting it to Automatic for ease of use)
  Set-Service -Name WinRM -Status Running -StartupType Automatic
  Add either all (*) or just the servers you want to connect to into the TrustedHosts list
  Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value 'server1'
  or -Value *
  To append to the list in the future use -Concatenate at the end of the command. You can also specify multiple servers in the command by using 'server1,server2,server3'
  Now you should be able to remote to these servers from an Azure Joined server.
  One additional note, you may have to specify credentials in the DOMAIN\Username format in the Enter-PSSession command with the -Credential parameter:
  Enter-PSSession server1 -Credential (Get-Credential)
  - Roger Seekell
    Brass Contributor
    Jan 20, 2022
    Sorry for my delay, but your solution has worked for me! Thanks so much! I didn't realize that the initiating computer needed to have WinRM service enabled and have the target machines in its TrustedHosts list. Thanks again!