enable credssp via powershell on windows server 2008 r2


Posted on 3rd June 2013 by Mike in Windows 2008 R2

, , , ,

Enable CredSSP is needed when you’re doing a double hop. The example below shows what we’re talking about:

[———-1st hop———] [——————-2nd hop——————————]
Script Executes on Server 1 >>> Script Connects to Server 2 and downloads file from Server 3

On machine that will make 1st hop

1st – Enable group policy:
Computer Configuration -> Administrative Templates -> System -> Credentials Delegation -> Allow Delegating Fresh Credentials
-Show list of servers
-Add “wsman/*.domain.com” or “wsman/servername.domain.com” where servername is the name of the machine that makes the first hop
(your allowing the 1st machine to pass cred SSP to *.domain.com machines or to a specific host/server on domain.com)

2nd – Enable WSManCredSSP via Powershell
Enable-WSManCredSSP -Role Client -DelegateComputer *.domain.com -Force

May be necessary but wasnt in our case:
Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain -Name WSMan -Value “WSMAN/*.domain.com”

On machine that will make 2nd hop:

Enable WSManCredSSP Via powershell
Enable-WSManCredSSP -Role Server –Force;logoff

Corrupted NTOSKRNL.exe after Auto-update SP1 on Vista Basic


Posted on 15th March 2009 by Mike in Atlanta Computer Repair

, , , ,

This one is a pain in the butt… I’ve run into it twice on one laptop. The scenario is as follows… user leaves laptop on over night… user comes in the next day to find their computer FUBAR. Yep, looks like the dreaded Vista Basic SP1 auto-update got ya again Bob!

Well, I’ve never had any luck searching for posts on this issue and fixing the problem. I’ve replaced ntoskrnl.exe with one from the cd and I still get the message (It’s actually not corrupt, though vista tells you it is). I’ve replaced all the files updated by SP1 and got startup repair to tell me, “The OS booted successfully”, though it never will load vista… just startup repair again and again. Every time I see this one I just clone/ghost the drive, wipe it clean and reinstall. Apparently if you download SP1 manually and install it, you wont run into this issue. I’m not sure if that is the case though as I’ve done that and the user still brings the computer to me months later with the same problem.

We’re open to any suggestions on this one. Right now our action plan includes upgrading users to Ultimate or Premium to avoid this as the problem seems to only plague Basic users.