Securing WinRM over HTTPS [Windows Server 2019]




    I (tobor) cover how to configure WinRM over HTTPS using Group Policy in a Windows Server 2019 domain environment consisting of a Domain Controller and a Certificate Authority.

    0:00 Intro Summary
    0:52 BTPS SecPack policy settings that will be covered
    1:00 Create a group policy
    1:21 Assign Group Policy to OU
    1:30 Edit Group Policy settings
    1:47 Security Filtering permissions on GPO policy
    2:05 Delegation permission on GPO Policy
    2:18 Policy Setting Services WinRM
    3:00 Permissions required to start a service using “Log on as service”
    3:41 Recovery Tab on Services
    3:54 Policy Setting Create Registry Value
    5:22 Policy Setting Network Connections for WMI (optional)
    6:04 Policy Setting Allow inbound remote administration exception (optional)
    6:24 Policy Setting Allow ICMP Exceptions (optional)
    6:41 Policy Setting Credential Delegation
    6:52 CredSSP Summary Example Windows Admin Center
    7:23 Policy Setting Encryption Oracle Remediation
    7:52 Policy Setting Allow Delegate Fresh Credentials
    9:08 Policy Setting Allow Delegate Fresh Credentials using NTLM-only Server Authentication
    9:30 Windows Components Remote Management
    9:58 Policy Setting WinRM Client
    12:30 Policy Setting Trusted Hosts
    13:07 Policy Setting WinRM Service
    13:21 Policy Setting Allow Remote Server Management with WinRM
    15:17 Policy Setting Disallow WinRM from storing runas credentials
    15:51 Turn on Compatibility HTTP/HTTPS Listener
    16:35 Create WinRM SSL Certificate Template
    17:02 Duplicate Web Server Cert Template
    17:10 Compatibility Tab
    17:25 General Tab
    17:40 Request Handling Tab
    18:12 Cryptography Tab
    18:27 Security Tab
    19:09 Subject Name Tab
    20:11 DC Replication to access new template quicker
    20:41 Sites and Services
    20:52 Force Replication
    21:10 Local Computer Cert Manager
    21:19 Request New Certificate for WinRM
    21:51 Enumerate WinRM cert used with port 5986
    22:07 Change Listener Certificate for WinRM
    22:20 Delete current certificate associated with port 5986
    22:45 Assign certificate to WinRM over HTTPS
    24:00 Verify cert assigned to port
    24:20 BTPS SecPack command reference
    24:39 If incorrect CN name on cert is set, this happens
    25:32 Loopback listener is not configured for WinRM service to attach to on my instance
    26:00 Invoke-Command Example using WinRM over HTTPS
    26:25 WinRM port 5985 is disabled in my instance

    Follow us on GitHub!
    https://github.com/tobor88
    https://github.com/OsbornePro

    Read our blogs!
    https://roberthosborne.com/

    View PS Gallery Modules!
    https://www.powershellgallery.com/profiles/tobor
