标签:dom sts different win password request got ann com
客户问题概括:WSManFault
Message = WinRM cannot process the request. The following error occured while using Negotiate authentication: An unknown security error occurred.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does not exist.
-The client and remote computers are in different domains and there is no trust between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use
HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command: winrm help config.
解决方法:
排查安全日志发现此服务器SPN注册有问题,重新注册spn后即可, 注册spn工具为setspn.exe
举例:
setspn -l HTTP/Servername 确认SPN
setspn -q HTTP/Servername.fqdn
发现重复SPN
setspn -x删除重复spn
CS2: Server 2003 enter-pssession 连接到另外一台服务器报错
标签:dom sts different win password request got ann com
原文地址:http://blog.51cto.com/13133729/2063421
