Discovery issue - Can't connect to target host via WinRM service, and this MID server is set to connect via WinRM only

Derek C
Tera Guru

‎01-25-2021 01:53 PM

Hello,

I am having issues connecting to certain window servers via Discovery. For the record we are using JEA and not a domain account with full admin rights.

Every time I run a quick discovery we get the error "Can't connect to target host via WinRM service, and this MID server is set to connect via WinRM only". There doesn't seem to be a lot of helpful data online, has anyone seen this issue? Does anyone have any suggestions on how to troubleshoot it?

Thanks!

Labels:
0 Helpfuls
  • 1,921 Views
6 REPLIES 6

Vivektietsood
Tera Guru
Tera Guru

‎01-25-2021 02:55 PM

Please check if the ports 5985 and 5986 are open from mid to the target windows boxes you are trying to scan.

you can try opening command line from mid and do a port query from mid to target windows to find out. 

Also check if you can open a Remote Desktop connection using the credentials you have from mid to windows boxes. 

If any of the above fail you would know where is the problem

Please mark helpful or accept solution so that it helps others with a similar question

Derek C
Tera Guru
In response to Vivektietsood

‎01-25-2021 03:38 PM

Thanks Vivektiesood,

I used portqry and discovered that 5985 is LISTENING while 5986 is FILTERED. That is opposite from devices that I can discover successfully, 5985 is FILTERED and 5986 is LISTENING. I wonder if there is something going on there. I unfortunately don't think I can test RDP as the account is set to use JEA and not standard windows credentials. I don't think it will have the rights to actually log on, might be worth a shot though.

0 Helpfuls

Vivektietsood
Tera Guru
Tera Guru
In response to Derek C

‎01-25-2021 03:58 PM

yeah please check with your system admins to be sure that the id you are using can RDP to the target boxes. 

I would also suggest getting the ports opened 5985 and trying - maybe to at least one box that is not successful.

Please mark helpful or accept solution so that it helps others with a similar question

Ashutosh Munot1
Kilo Patron
Kilo Patron
In response to Vivektietsood

‎01-26-2021 01:37 PM

+1 to Vivek. We need both this port to be open for successful discovery.


Thanks,
Ashutosh

0 Helpfuls