Hello,

I would like to know if there is a way, without changing Exchange default security configuration, to open a remote powershell from a computer not joined in the Exchange domain but in the local network. By default, Exchange seems to only allow Kerberos as the authentication mechanism.

I'm really not a specialist in Kerberos, I've looked ont other forums, but it seems it is possible to authenticate with Kerberos if some config is done on the DC like a setspn and a keytab file.

Does anyone has already been confronted to the same issue ?

Thanks

• Moved by Jason Johnston [MSFT]Microsoft employee Friday, May 01, 2015 1:00 PM Not a development question.

Hi Luc,

I recommend you refer to the following article, it may give you some hints:

Enable and Use Remote Commands in Windows PowerShell

In many cases, you will be able to work with remote computers in other domains. However, if the remote computer is not in a trusted domain, the remote computer might not be able to authenticate your credentials. To enable authentication, you need to add the remote computer to the list of trusted hosts for the local computer in WinRM. To do so, type:

winrm s winrm/config/client '@{TrustedHosts="RemoteComputer"}'

Here, RemoteComputer should be the name of the remote computer, such as:

winrm s winrm/config/client '@{TrustedHosts="CorpServer56"}'

When you are working with computers in workgroups or homegroups, you must either use HTTPS as the transport or add the remote machine to the TrustedHosts configuration settings. If you cannot connect to a remote host, verify that the service on the remote host is running and is accepting requests by running the following command on the remote host:

winrm quickconfig

This command analyzes and configures the WinRM service.

Best re