Steps:
• In Windows Vista and later versions, User Account Control (UAC) affects access to the WinRM service. When the negotiate authentication scheme is used in a workgroup only, the built-in Administrator account can access the service.
To allow all accounts in the Administrators group to access the service, set the value of the following registry key to one ‘1’:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\system\LocalAccountTokenFilterPolicy
• By default, Windows does not allow Java to access certain required session keys when Java attempts to authenticate with Kerberos. The following registry keys should be added to ensure that the required sessions keys are available. The Agent Manager attempts to detect and update these registry keys automatically the first time a WinRM connection is attempted.
Windows 2003, Windows Vista, and later:
• Key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters
• Value Name: allowtgtsessionkey
• Value Type: REG_DWORD
• Value: 0x01
Windows XP and Windows 2000:
• Key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos
• Value Name: allowtgtsessionkey
• Value Type: REG_DWORD
• Value: 0x01
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center