Return
-
Title
What are the configuration settings to monitor a machine from a "WORKGROUP" out of the domain? -
Description
Recommended protocol to monitor a"WORKGROUP" machine out of the domain?Recommended settings?Correct password structure? -
Resolution
If a local administrator account is used for the remote machine then either WinRM (using BASIC authentication) or WMI can be used.
For administrator accounts local to the target machine, the domain value should be blank, and the user name should not contain any domain or computer name value, just the username. If the user credential is a local administrator then the credential should be setup as follows:
Domain:User: foglight.testPassword: ***********where domain is blank.
If WinRM with BASIC authentication is desired, follow the steps outlined in the documentation. There is also information there about HTTPS and the use of certificates.
If WMI is desired, then the target machine needs to be setup accordingly,
Regarding the following image:
"Certificate = true" is NOT needed for https. Usually either Basic or Negotiate needs to be true depending on the type of authentication you expect to use. Generally when one is used, the other one can be disabled to prevent useless attempts.
A domain account is needed for WinRM with Negotiate Authentication, and not WinRM on a whole. WinRM with Basic authentication will use a local account.
Negotiate is only attempted first if it is enabled, but if it is disabled and Basic authentication is enabled, then only Basic will be used.
RESOLUTION:Setting Negotiate=false on the target resolved the issue. Working WinRM settings for the "WORKGROUP"