今天刚开了个新的AD,兴高采烈地把设备都加了域,结果WinRM不工作。报错如下:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
PS C:\Windows\system32> enter-pssession server02 enter-pssession : Connecting to remote server server02 failed with the following error message : WinRM cannot process the request. The following error with errorcode 0x80090324 occurred while using Kerberos authentication: There is a time and/or date difference between the client and server. Possible causes are: -The user name or password specified are invalid. -Kerberos is used when no authentication method and no user name are specified. -Kerberos accepts domain user names, but not local user names. -The Service Principal Name (SPN) for the remote computer name and port does not exist. -The client and remote computers are in different domains and there is no trust between the two domains. After checking for the above issues, try the following: -Check the Event Viewer for events related to authentication. -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport. Note that computers in the TrustedHosts list might not be authenticated. -For more information about WinRM configuration, run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic. At line:1 char:1 + enter-pssession server02 + ~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (server02:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CreateRemoteRunspaceFailed |
对于一个新的域,这种情况大概率是两台设备的时钟不同步了。
