Welcome, Guest Login

Rundeck Enterprise Support Center

Enable CredSSP Authentication Windows

Last Updated: Aug 01, 2016 02:52PM PDT
Enable CREPSSP Authentication On Windows Domain

I. On Rundeck Server

I.1 Enable CredSSP

Open a powershell windows and run:

Enable-WSManCredSSP -Role "Client" -DelegateComputer "*.something.com"
(where “something.com” is the DNS domain of the target computer)


Enable-WSManCredSSP -Role "Client" -DelegateComputer "*"

I.2. Allow Delegating Fresh Credentials

  1. Click Start, type mmc and then click OK.
  2. Click File and then click Add/Remove Snap-in.
  3. Click Group Policy Object and then click Add.
  4. Select Local Computer and then click Finish.
  5. Go to Computer Policy\Administrative Templates\System\Credentials Delegation\Allow Delegating Fresh Credentials → Set to enabled and add WSMAN/* to list of computers and check the box for Concatenate OS defaults with input above.

I.3. Enable CredSSP authentication on Winrm Client

Open a CMD Prompt as an Administrator user and execute:

winrm set winrm/config/client/auth @{CredSSP="true"}
*you need to have winrm service configured and running

II. On the remote node

II.1. Enable CredSSP

Open a powershell windows and run:

Enable-WSManCredSSP -Role "Server"

II.2 Make sure that you enable the CredSSP on WinRM Service settings

To get the WinRm Service config
winrm get winrm/config/service

To enable the CredSSP
winrm set winrm/config/service/auth @{CredSSP="true"}


If you are using a non-administrator user (or a not- domain-administrator user) to execute command to remote nodes, you need to set up the access on the remote machine ( to the user or some of its groups, eg: Domain User group).

  • To add permissions to non-administrator user to execute remote commands

Set-PSSessionConfiguration Microsoft.Powershell -ShowSecurityDescriptorUI
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found