Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
In SCOM 2007 R2, if you have the Exchange 2010 Management pack, you may see alerts with the following description:
"Logon to the virtual directory 'PowerShell (Default Web Site)' failed with the following error: 'Connecting to remote server failed with the following error message : The WinRM client cannot process the request. The WinRM client tried to use Negotiate authentication mechanism, but the destination computer (<servername>:80) returned an 'access denied' error. "
The error is caused by an entry made in the WinRM client configuration. Specifically, the TrustedHosts is set to "*".
You can see this in a command prompt by typing winrm get winrm/config/client. The TrustedHosts will show:
TrustedHosts = *
To resolve the issue, set TrustedHosts to a null:
winrm set winrm/config/client '@{TrustedHosts=""}'
Restart the service "WinRm"
At this point, the Test-PowerShellConnectivity cmdlet should work fine.
You can modify a list of computers at once, using PowerShell:
| 001 002 003 004 005 006 007 |
foreach ($Computer in Get-Content C:\scripts\Servers.txt){ Invoke-Command -ComputerName $Computer -ScriptBlock {Set-Item -LiteralPath "wsman:localhost\client\TrustedHosts" -Value "" -Force} (Get-WmiObject -ComputerName $Computer -Class Win32_Service -Filter "Name = 'WinRm'").StopService() | Out-Null do{ }while((Get-WmiObject -ComputerName $Computer -Class Win32_Service -Filter "Name = 'WinRm'").State -ne "Stopped") (Get-WmiObject -ComputerName $Computer -Class Win32_Service -Filter "Name = 'WinRm'").StartService() | Out-Null } |