PowerShell script fails to authenticate user when running Invoke-Command


I've recently created a little script that allows me to get the disk size and free space of 2 servers at each school site when I provide the script with the school's 4-digit site code.

First it pulls the information on the sites from a .csv file, and then uses that information to put together strings for the DC's FQDN hostname and the .10 server.

Then it requests the password for my elevated access account used to get the information on the disks.

I am having an issue at the point where the script creates the script block, uses Invoke-Command to send the script block to the servers, and gets back the PowerShell object with the information.

The error is as below:

[{ServerName}] Connecting to remote server {ServerName} failed with the
following error message : WinRM cannot process the request. The following
error with errorcode 0x80090311 occurred while using Kerberos authentication: 
There are currently no logon servers available to service the logon request.
Possible causes are:
  -The user name or password specified are invalid.
  -Kerberos is used when no authentication method and no user name are specified.
  -Kerberos accepts domain user names, but not local user names.
  -The Service Principal Name (SPN) for the remote computer name and port does
   not exist.
  -The client and remote computers are in different domains and there is no trust
   between the two domains.
After checking for the above issues, try the following:
  -Check the Event Viewer for events related to authentication.
  -Change the authentication method; add the destination computer to the WinRM
   TrustedHosts configuration setting or use HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
  -For more information about WinRM configuration, run the following command:
   winrm help config. For more information, see the about_Remote_Troubleshooting
   Help topic.
    + CategoryInfo          : OpenError: ({ServerName}:String) [], PSRemotingTransportException
    + FullyQualifiedErrorId : AuthenticationFailed,PSSessionStateBroken

Things I've tried:

  • Resetting my password
  • Altering the Authentication type to Basic
  • Getting others to try the same thing - some have the same issue, others do not
  • Other users on my workstation also have the same issue
  • I re-imaged my workstation and it worked for a bit, but then stopped again. It appeared to stop after the device installed software updates, so I'm in the middle of uninstalling those updates; however, two of them won't let me uninstall them. I assume they're forced installs by Microsoft and required to be installed (the uninstall button disappears when selected): KB4019472 and KB4049065.

Device is running Windows 10 1607 v14393.1944, PowerShell v5.1.

There is a one-way trust between the domain I am in and the domains DC1 and MS10 (.10) are in: the domains trust us, but we don't trust the domains.

The account I use is local admin on the device via a nested AD Group, across all domains.

I don't understand Kerberos very well, so any help would be amazing.

The script is below. Note: I've had to remove some parts, so I've filled the area with what would be there (i.e. {String} where there would just be standard text, {FQDNServerName} where there would be a FQDN server name written as text, or {Region} where I would have had the region written as text).

$csvSchoolsLoc = "{FQDNServerName}\SharedReports$\SchoolsExport.csv"
$Schools = Import-Csv $csvSchoolsLoc -Delimiter "`t" -Header LocCode,SchoolName,SchoolAddress,SchoolPhoneNumber,SchoolFaxNumber,SchoolOfficerInCharge,DistrictCode,DistrictNumeric,RegionCode,RegionNumeric,LSD,WANLinkType,RouterName,RouterIP,RouterStatus,OneSchemaGraphUrl,OneSchemaSiteUrl,SCCMSiteID,SiteAdminNetwork,ProxyServerIP,PrimaryDcName,PrimaryDcIP,PrimaryDcOS,PrimaryDcVersion,PrimaryDcPatch,Style

#Gets the users credentials for their GBN ZZ account - this is used throughout the script for authentication
$username = "{Region}\zz-$env:USERNAME"
$mycreds = Get-Credential -UserName $username -Message "Enter your password for {region}\zz-$env:USERNAME"

Clear-Host
Write-Host "What is the schools 4 digit site code?" -ForegroundColor Magenta
$Global:SiteCode = Read-Host

Function Main {
    Clear-Host

    $SchoolName = $schools | Where-Object {$_.LocCode -eq $SiteCode} | ForEach-Object SchoolName

    $Region = $schools | Where-Object {$_.LocCode -eq $SiteCode} | ForEach-Object RegionCode

    Write-Host "Getting details for: " -ForegroundColor Gray -NoNewline; Write-Host "$SchoolName - $SiteCode - ($Region)" -ForegroundColor Yellow

    $DC1 = "{String}$($Region)$($SiteCode)001.$region.{String}.{String}.{String}"
    $MS10 = "{String}$($Region)$($SiteCode)010.$region.{String}.{String}.{String}"

    if (Test-Connection -ComputerName $DC1 -Count 2 -Delay 1 -Quiet) {
        $DC1Run = $true
    } else {
        $DC1Run = $false
    }
    if (Test-Connection -ComputerName $MS10 -Count 2 -Delay 1 -Quiet) {
        $MS10Run = $true
    } else {
        $MS10Run = $false
    }

    $ScriptBlock = {
        # One WMI query per volume; Size and FreeSpace are reported in bytes
        $DiskC = Get-WmiObject -Class Win32_LogicalDisk -Filter "DeviceID='C:'" -Impersonation 3
        $DiskZ = Get-WmiObject -Class Win32_LogicalDisk -Filter "DeviceID='Z:'" -Impersonation 3
        $DiskCTotal = $DiskC | ForEach-Object {$_.Size / 1GB}
        $DiskCFree  = $DiskC | ForEach-Object {$_.FreeSpace / 1GB}
        $DiskZTotal = $DiskZ | ForEach-Object {$_.Size / 1GB}
        $DiskZFree  = $DiskZ | ForEach-Object {$_.FreeSpace / 1GB}

        return @{
            'ZFreeSpace' = $DiskZFree
            'CFreeSpace' = $DiskCFree
            'ZTotalSize' = $DiskZTotal
            'CTotalSize' = $DiskCTotal
        }
    }
    if (($DC1Run -eq $true) -and ($MS10Run -eq $true)) {
        $ServerDC1 = Invoke-Command -ComputerName $DC1 -Credential $mycreds -ScriptBlock $ScriptBlock
        $ServerMS10 = Invoke-Command -ComputerName $MS10 -Credential $mycreds -ScriptBlock $ScriptBlock

        #Clear-Host
        Write-Host -ForegroundColor Yellow "$SchoolName - $SiteCode - ($Region)"
        Write-Host -ForegroundColor Cyan "Server $DC1 - Domain Controller"
        Write-Host "$([math]::round($ServerDC1.CFreeSpace,2)) GB free on C Drive (Total Size $([math]::round($ServerDC1.CTotalSize,2)) GB)"
        Write-Host "$([math]::round($ServerDC1.ZFreeSpace,2)) GB free on Z Drive (Total Size $([math]::round($ServerDC1.ZTotalSize,2)) GB)"
        Write-Host "" 
        Write-Host -ForegroundColor Cyan "Server $MS10 - Distribution Point"
        Write-Host "$([math]::round($ServerMS10.CFreeSpace,2)) GB free on C Drive (Total Size $([math]::round($ServerMS10.CTotalSize,2)) GB)"
        Write-Host "$([math]::round($ServerMS10.ZFreeSpace,2)) GB free on Z Drive (Total Size $([math]::round($ServerMS10.ZTotalSize,2)) GB)"
    } else {
        #Clear-Host
        Write-Host -ForegroundColor Yellow "$SchoolName - $SiteCode - ($Region)"
        Write-Host -ForegroundColor Cyan "Server $DC1 - Domain Controller"
        if ($DC1Run) {
            Write-Host "DC1 connection status is running" -ForegroundColor Green
        } else {
            Write-Host "DC1 connection status is down" -ForegroundColor Red
        }
        Write-Host "" 
        Write-Host -ForegroundColor Cyan "Server $MS10 - Distribution Point"
        if ($MS10Run) {
            Write-Host "MS10 connection status is running" -ForegroundColor Green
        } else {
            Write-Host "MS10 connection status is down" -ForegroundColor Red
            if ($DC1Run -eq $true) {
                $RDP = Read-Host -Prompt "Would you like to RDP to $DC1 'Y'"
                if ($RDP -eq "Y") {
                    Start-Process -FilePath "$env:windir\System32\mstsc.exe" -ArgumentList "/v:$DC1" -Wait -WindowStyle Maximized
                }
            }
        }
    }
    Write-Host ""
    Write-Host "What is the next schools 4 digit site code? -or- Press Enter to retry the above site again" -ForegroundColor Magenta
    $Entry = Read-Host
    # An empty entry keeps the current site code so the same site is retried
    if ($Entry -ne "") {
        $Global:SiteCode = $Entry
    }
}

$x = 0

do {
    Main
} until ($x -gt 0)

EDIT: The uninstall of the software updates did not fix the issue, so unless it's something to do with those 2 updates that I can't uninstall it doesn't appear to be Software Updates.

Tags: powershell, authentication, invoke-command
asked on Stack Overflow Jan 30, 2018 by Random206 • edited Jan 30, 2018 by Random206

1 Answer


It turns out that the domains I am trying to reach were not in my TrustedHosts config for WinRM.

By using the following command, I was able to add the domains (of which there are many) to the TrustedHosts using the '*' wildcard.

NOTE: I have replaced part of the domain with {String} where it would normally have part of the domain name for confidentiality reasons.

winrm set winrm/config/client @{TrustedHosts="<local>,*.{string}.edu.au"}
answered on Stack Overflow Jan 30, 2018 by Random206
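The error text above warns that "computers in the TrustedHosts list might not be authenticated": a TrustedHosts entry lets WinRM fall back to an authentication method that does not verify the server's identity, and the raw `winrm set` form replaces the whole list. The following helper, added here and not part of the question or the answer, appends an entry instead of overwriting the list, shows which entry a given server name would match, and checks whether Kerberos still works for a target before relying on TrustedHosts at all. It assumes an elevated PowerShell 5.1 session with the WSMan: drive; the server names and domain suffix are placeholders.

```powershell
# Added example; server names and the domain suffix are placeholders.

# Return the TrustedHosts entry that a target name would match, or $null.
# WinRM treats entries as simple wildcards, which -like reproduces.
function Test-TrustedHostMatch {
    param([Parameter(Mandatory)][string]$ComputerName)
    $raw = (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
    $entries = $raw -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ }
    foreach ($entry in $entries) {
        if ($ComputerName -like $entry) { return $entry }
    }
    return $null
}

# Append one entry to TrustedHosts. -Concatenate keeps existing entries,
# unlike 'winrm set winrm/config/client @{TrustedHosts=...}', which replaces them.
function Add-TrustedHostEntry {
    param([Parameter(Mandatory)][string]$Entry)
    $existing = Test-TrustedHostMatch -ComputerName $Entry
    if ($existing) {
        Write-Host "'$Entry' is already covered by TrustedHosts entry '$existing'"
        return
    }
    Set-Item WSMan:\localhost\Client\TrustedHosts -Value $Entry -Concatenate -Force
}

# Report how a target can be reached: Kerberos (mutual authentication) first,
# and only then the TrustedHosts fallback, which does not verify the server.
function Test-RemotingAuth {
    param(
        [Parameter(Mandatory)][string]$ComputerName,
        [Parameter(Mandatory)][pscredential]$Credential
    )
    try {
        $null = Test-WSMan -ComputerName $ComputerName -Credential $Credential `
                           -Authentication Kerberos -ErrorAction Stop
        return 'Kerberos: server identity verified'
    } catch {
        $match = Test-TrustedHostMatch -ComputerName $ComputerName
        if ($match) { return "TrustedHosts entry '$match': server identity NOT verified" }
        return "No Kerberos and no TrustedHosts entry: $($_.Exception.Message)"
    }
}

# Usage (placeholder names): check a DC before adding a wildcard for the whole domain.
$cred = Get-Credential -UserName '{Region}\zz-user' -Message 'Password for the zz account'
Test-RemotingAuth -ComputerName 'dc1.{string}.edu.au' -Credential $cred
```

Running Test-RemotingAuth against one server per domain before adding `*.{string}.edu.au` shows whether the wildcard is needed for every domain or only for the ones across the one-way trust.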

User contributions licensed under CC BY-SA 3.0