Disable-WSManCredSSP - PowerShell


 

Disables Credential Security Service Provider (CredSSP) authentication on a client computer. (Disable-WSManCredSSP)

   

# NAME
Disable-WSManCredSSP

# SYNOPSIS
Disables Credential Security Service Provider (CredSSP) authentication on a client computer.

# SYNTAX
Disable-WSManCredSSP [-Role] <string> [<CommonParameters>]

# DESCRIPTION
The Disable-WSManCredSPP cmdlet disables CredSSP authentication on a client or on a server computer. When CredSSP authentication is used, the user's credentials are passed to a remote computer to be authenticated. This type of authentication is designed for commands that create a remote session from within another remote session. For example, you use this type of authentication if you want to run a background job on a remote computer.

The cmdlet is used to disable CredSSP on the client by specifying Client in the Role parameter. The cmdlet then performs the following:

- Disables CredSSP on the client. The WS-Management setting <localhost|computername>\Client\Auth\CredSSP is set to false.
- Removes any WSMan/* setting from the Windows CredSSP policy AllowFreshCredentials on the client.

The cmdlet is used to disable CredSSP on the server by specifying Server in the Role parameter. The cmdlet then performs the following:

- Disables CredSSP on the server. The WS-Management setting <localhost|computername>\Service\Auth\CredSSP is set to false.

Caution: CredSSP authentication delegates the user's credentials from the local computer to a remote computer. This practice increases the security risk of the remote operation. If the remote computer is compromised, when credentials are passed to it, the credentials can be used to control the network session.

To disable CredSSP authentication, use the Disable-WSManCredSSP cmdlet.

# PARAMETERS
-Role <string>
Accepts one of two possible values: Client or Server. These values specify whether CredSSP should be disabled as a client or as a server.

If the cmdlet is used to disable CredSSP on the client by specifying Client in the Role parameter, then the cmdlet performs the following:

- Disables CredSSP on the client. The WS-Management setting <localhost|computername>\Client\Auth\CredSSP is set to false.
- Removes any WSMan/* setting from the Windows CredSSP policy AllowFreshCredentials on the client.

If the cmdlet is used to disable CredSSP on the server by specifying Server in the Role parameter, the cmdlet performs the following:

- Disables CredSSP on the server. The WS-Management setting <localhost|computername>\Service\Auth\CredSSP is set to false.

Required? true
Position? 1
Default value
Accept pipeline input? false
Accept wildcard characters? false

<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer and OutVariable. For more information, type,
"get-help about_commonparameters".

# INPUTS
None
This cmdlet does not accept any input.

# OUTPUTS
None
This cmdlet does not generate any output.

# NOTES

To enable CredSSP authentication, use the Enable-WSManCredSSP cmdlet.

# EXAMPLE 1

C:\PS>Disable-WSManCredSSP -Role Client

# Description
-----------
This command disables CredSSP on the client, which prevents delegation to servers.

# EXAMPLE 2

C:\PS>Disable-WSManCredSSP -Role Server

# Description
-----------
This command disables CredSSP on the server, which prevents delegation from clients.

RELATED LINKS
Online version: http://go.microsoft.com/fwlink/?LinkId=141438
Connect-WSMan
Disconnect-WSMan
Enable-WSManCredSSP
Get-WSManCredSSP
Get-WSManInstance
Invoke-WSManAction
New-WSManInstance
New-WSManSessionOption
Remove-WSManInstance
Set-WSManInstance
Set-WSManQuickConfig
Test-WSMan

C:\Windows>powershell get-help Enable-WSManCredSSP -full

ColorConsole [Version 1.7.1000] PowerShell 2.0-Export
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2014 Microsoft Corporation.

OS: Windows 10, 8.1, 8, 7, Vista / Windows Server 2016, 2012, 2008
»»»» ColorConsole








Windows-10





Windows-10

... facebook.de
... Windows-10 FAQ
... Windows-10 Info


Become a Sponsor
... Your button here?





PowerShell: Disables Credential Security Service Provider (CredSSP) authentication on a client computer.

HTTP: ... PS_Windows/en/Disable-WSManCredSSP.htm
0.249
17357

Wie kann man in Windows 8.1 einen Neustart mit Wiederherstellungs-Optionen einleiten?

 /

Wie funktioniert das Wiederbeleben von Pixeln mit Is-My-LCD-OK?

 /

Create A Share via Shared Folder Wizard in Windows 10!

 /

Gruppierung der Tastenkürzel Befehle fürs schnelle Einfügen von Texten!

 /

Wo ist der Autostart-Ordner in Windows 8.1, bzw. 8?

 /

Change Desktop Wallpaper in Windows 10, how to?

 /

Where can I find the file version history in Windows 8.1 / 10 (backup, security)!

 /

Core-X architecture?

 /

Put the picture in the first position of the PDF, very easy!

 /

How do I start the cmd.exe?

 /

Modify the size of the icons in the task bar of Windows 8.1 and 10!

 /

How to create admin CMD on the Windows 8.1 and 10 desktop?

 /