CredSSP delegates the users credentials from one computer to another remote computer. When the remote server is located in a domain that differs from that of the Applications Manager's server domain, or is in the same domain and experiences a 'double-hop' issue, then CredSSP authentication should be utilized. This is used for Active Directory, SharePoint Server and Exchange Server monitors for some specific metrics.
Perform the following steps on the Remote Server:
Enable-WSManCredSSP -Role Server
- Enable Encryption Oracle Remediation and set Protection Level to Mitigated (Optional)
Perform the following steps on the Applications Manager server:
Note: Replace <HostName> with the hostname of the Remote Server.
Enable-WSManCredSSP -Role client -DelegateComputer <HostName>
- Enable Allow delegating fresh credentials and set value "wsman/<HostName>"
- Enable Allow delegating fresh credentials with NTLM-only server authentication and set value "wsman/<HostName>"
$testSession= New-PSSession -ComputerName <HostName> -Authentication Credssp -Credential Get-Credential
If Session is created without any error in the Edit Monitor page, enable the Use CredSSP authentication option and update the monitor.