Currently i have a AD/Kerberos Configured on one EC2 instance(Windows 2008 R2) and created couple of users. Each of the users has administrator privileges. When We login as a non-domain Administrator, i can successfully execute the winrm commands. But when i login as the domain User (who has administrator privileges), i cannot run the winrm commands:
C:\Users\domain-username>winrm get winrm/config/service/auth WSManFault Message = Access is denied. Error number: -2147024891 0x80070005 Access is denied.
I check the Group Policy Editor for WinRM did not find anything relevant. I am not sure what i am missing.
First thing that pops in my head: is cmd elevated? It would be by default on local Administrator account, not so with domain accounts that belong to local Administrators group. Your current prompt (c:\users...) kind of suggests this might be the reason for access rights issues (elevated cmd starts in c:\windows\system32 by default).
I've tested both elevated and non-elevated and get same results as you do with "normal" and expected results with "elevated" one.
User contributions licensed under CC BY-SA 3.0