i'm using Project Honolulu in a Scenario with Non-Domain Joined Windows Server 2016 Servers.
Honolulu 1802 is installed on a non-Domain joined Windows Server 2016 as a Service. LocalAccountTokenFilterPolicy is set to "0" (Honolulu Server Gateway/Managed Systems).
I'm using Server Certificates provided from my own PKI (using already for Remote-Powershell), so no Manual TrustedHosts List is needed to set. PowerShell-Remoting is working fine for my Servers.
Actually it is only possible to Login to Honolulu Website (Chrome) as local Administrator Built-In Account (RID 500, renamed). If i try to manage a W2K16 Machine by also using the Built-In Admin (Managing as in Honolulu, because Password is not identical) the following error occurs:
The WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. You can get more information about that by running the following command: winrm help config.
PowerShell-Remoting from Honolulu Management System to mentioned W2K16 Server is working fine. LocalAccountTokenFilterPolicy should not be a Problem because I'm using actually the RID 500 Account.