pythonwindowspowershellkerberoswinrm

PyWinRm credentials getting rejected from doing windows to windows connection


I am using PyWinRm on my windows machine to connect to a remote host using Kerberos. In our environment we use pywinrm on our linux machines to run PowerShell commands all the time using Kerberos. The issue im running into is when i try to run a simple command like: "echo test" it gives me an error of "the specified credentials were rejected by the server". I have winrm configured to support remote PowerShell and have gotten it to work with ntlm but not Kerberos.

Kerberos = true
Negotiate = true
certificate = true
cbthardeninglevel = Relaxed

import winrm
S = winrm.Session("ComputerName", auth=("UserName", None), 
transport="kerberos")
r = s.run_ps('ipconfig')
print(r.std_out)

i tried changing the host name to http://ComputerName:5985/wsman but i still get the error of credentials were rejected. i have winkerberos installed but i dont know how or if i need to implement it here. i added kerberos_delegation=True to the session command and still get a credential error. Kerberos does work on my machine because i used anther library called ms_active_directory that uses Kerberos and it works.


Solution

  • after running winrm enumerate winrm/config/listener i only had a listener for http running. seeing that the config basic = True is unsecure i create a new listener with the command: winrm quickconfig -transport:https once this was completed kerberos was able to communicate after changing the host name to: https://ComputerName:5986/wsman