This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

PowerShell Remoting by FQDN instead of IP

I'm trying to use the  Windows PowerShell Monitor component (actually as part of the "SolarWinds Web Performance Monitor (WPM) Player" template) in the Remote Host Execution Mode.  The component attempts to connect using an IP instead of an FQDN, so this error is generated:

PowerShell script error. Connecting to remote server 172.10.10.31 failed with the following error message : The WinRM client cannot process the request. Default authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.

If I specify HTTPS instead, then this error is returned:

PowerShell script error. Connecting to remote server 172.10.10.31 failed with the following error message : The server certificate on the destination computer (172.10.10.31:5986) has the following errors: The SSL certificate contains a common name (CN) that does not match the hostname.

Is there some tricky way to tell the component monitor to access via some Fully Qualified Domain Name instead, or is this a feature request that needs to be made?  I realize that could go about modifying the TrustedHosts setting on all of my different pollers, but we'd prefer the ability to not to and to be able to use HTTPS as it's available for all of our connections.

  • Either a common shared certificate for both hosts must be used to utilize HTTPS (the prefered method) or you can add the Orion server to the list of trusted hosts on the remote computer.

    HTTPS Method

    Tustedhost method:

    CONFIGURING WINDOWS REMOTE MANAGEMENT (WINRM)

    Take the following steps to properly configure Windows Remote Management:

    1.     If not already done so, install PowerShell 2.0 and WinRM on the APM and target servers. Powershell 2.0 can be found here: http://support.microsoft.com/kb/968930.

    2.     On the Orion APM server, open a command prompt as an Administrator. To do this, perform the following step:

         ·         Go to the Start menu and right-click cmd.exe and then select Run as Administrator.

    3.     Enter the following in the command prompt:

           winrm quickconfig

           winrm set winrm/config/client @{TrustedHosts="*"}

    4.     On the target server, open a command prompt as an Administrator and enter the following:

           winrm quickconfig

           winrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"}

  • Right, but if I could just specify a host name instead of an IP address, then I could completely avoid this nonsense.

  • Hello,

    We are having the same issue.

    We use Remote PS over HTTPS with SSL certificates matching the hostname for the CN.

    Same question applies: Is there any way to connect using the FQDN instead of the IP address?

    Regards.

  • FormerMember
    0 FormerMember

    I need a solution as well. We must use SSL for security compliance

  • Simple solution:  use powershell's functions directly like this:

    Invoke-Command -ComputerName ${Node.DNS} -ArgumentList $args[0], $args[1] -ScriptBlock {
    .
    .
    .
    }  -Credential '${CREDENTIAL}'

    Alternatively (I have not tried this) it is possible changing the Node to dynamic IP would force use of the FQDN out of the box - since IP would no longer make sense.