The WinRM client cannot process the request

Question

I try to run the command:

Invoke-Command 10.xx.3x.1xx -ScriptBlock {Get-ADDefaultDomainPasswordPolicy}

But got an error:

OpenError: [10.xx.3x.1xx] Connecting to remote server 10.xx.3x.1xx failed with the following error message : The WinRM client cannot process the request. Default authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.

The hosts are in the domain and it working fine with another host in the domain.

I checked using Test-WsMan host_ip command from the remote machine where I try to run the command from and got:

wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd ProductVendor : Microsoft Corporation ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 3.0

I also retriggered the Enable-PSRemotinge on the remote hosts (with no answer back after triggering) but got the above error.

Question

1. Most concern - How do I handle this?
2. Is it possible for when the host is not allowed to run PS remotely to enable it remotely and after the command is triggered successfully turn it to the original status

Thanks

Answer 1

To connect by IP address, add the machine to your TrustedHosts list.

Run PowerShell as Administrator and enter this:

Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'TheRemoteHostsIpAddress' -Concatenate

Replace TheRemoteHostsIpAddress with the remote host's IP address.

To emphasize, this needs to be done on the client, not the server. I.e., add the server's remote IP address to the client's TrustedHosts.

---

Note to readers: The error message "The WinRM client cannot process the request" can show up for other reasons, too. My answer is for OP's scenario specifically.

Check the details included in the error message after the "cannot process the request" part. In OP's case, the message says that to remotely connect by IP address, you must either use HTTPS or have the host in the TrustedHosts list.

Connecting to remote server 10.xx.3x.1xx failed with the following error message : The WinRM client cannot process the request. Default authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.