You may see the following error message when you try to connect to a remote PowerShell session:
Enter-PSSession : Connecting to remote server 172.31.24.221 failed with the following error message : The WinRM client cannot process the request. Default authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
This error message is thrown when you try to connect with an IP address instead of a hostname or FQDN:
These steps are mainly relevant when trying to connect from workgroup-based computers.
Within an Active Directory, WinRM will use Kerberos for authentication, and this requires you either use the hostname or the FQDN of the target system you’re connecting to, e.g.:
By using a hostname or FQDN you’ll no longer receive the error message.
Easy Office 365 Management
If you’re specifically using remote PowerShell to trigger Azure AD synchronization, you should consider using Easy365Manager instead.
Easy365Manager is a lightweight snap-in for AD Users & Computers, that allows you to manage Office 365 mailboxes and licenses as part of your AD user management.
With Easy365Manager, you can trigger an Azure AD Connect synchronization directly from user properties: