Remotely Managing Hyper-V in a Workgroup

3/12/2021 Hyper-V Microsoft Workgroup WINRM

Getting a remote connection to manage Hyper-V normally works straight off in MS Windows Domain environment but what about workgroups? you get this error: An error occurred while attempting to connect to server. The WinRM Client cannot Process the Request.... This article will take you through the steps to make it work with thanks to Timothy Gruber who originally found the solution!

The Purpose

I have a home setup with a 2016 Server running Hyper-V and want to manage the Hyper-V directly on a Windows 10 machine. Otherwise, at the moment, I'm RDP'ing onto the host to open a connection to each of the VM's hosted on Hyper-V which is more windows then I care to have open and copy and paste doesn't work! 

However keep getting the below message:

An error occurred while attempting to connect to server. The WinRM Client cannot Process the Request....

The below is taken from Timothy Grubers article so all credit to him I just wanted to spread the word about this solution as there is a lot of older articles that seem to get close but don't actually resolve the issue!

When you aren’t using Hyper-V Server in a domain in which you have group policies in place to take care of the automatic configuration of systems for seamless remote manageability, there are quite a few steps one must take on both the Hyper-V Server host and the Windows 10 PC from which you are trying to manage the host.

Most of the information out there, even as recent as September 2020, regarding managing Hyper-V remotely in a workgroup or non-domain environment, results in one of these two outcomes: not enough information, therefore leaving you still unable to connect properly to your Hyper-V host, or incorrect or too much information, leaving your systems vulnerable and insecure, possibly still unable to connect to the Hyper-V host.

Assumptions

This has been done on a 2016 Server and verified by myself as working

  • Server host
  • Server host static IP or reserved/sticky IP
  • Windows 10 PC
  • Administrator access to both the above

Hyper-V Server 2016 or 2019 Host

All steps in this section are to be done on your Hyper-V Server host server. In this example, I am starting from a fresh install of Hyper-V Server 2016 that is fully patched and up-to-date.

Make note of your <Server-Name> (Hyper-V host)
Make note of your <Username> (Hyper-V host)
Make note of your <Password> (Hyper-V host)
Make note of your <Server-IP> run ipconfig from the command prompt (Hyper-V host) 

Where you < > replace content with your details

SCONFIG settings and changes

Open Sconfig located on c:\windows\system32\sconfig.cmd

Confirm that the <Server Name> matches what you have set

Enable Remote Management

Select Option 4 (Configure Remote Management)
Select Option 1 (Enable Remote Management)

and confirm successful load.

Enable Remote Desktop

Return to the Sconfig main menu if you haven't already

Select option 7 (remote Desktop)
When prompted enter E for Enable Remote Desktop
Select option 1 (Allow only clients running Remote Desktop with Network Level Authentication (More Secure)

Windows Update

Return to the Sconfig main menu if you haven't already

This is the most important step, because depending on which patch level Hyper-V Server 2016 is on, versus the patch level of your Windows 10 PC, you WILL get errors and will not be able to remotely connect via Hyper-V Manager.

Select option 6 (Download and Install Updates)
Select option A (All Updates)
Wait for updates to be listed and if needed repeat the step if prompted to reboot until the message "There are no applicable updates"

Powershell Commands

Open Powershell as Administrator:

Run the following commands:

Enable-PSRemoting

This cmdlet configures the computer to receive PowerShell remote commands that are sent by using the WS-Management technology. WS-Management based PowerShell remoting is currently supported only on the Windows platform.

Enable-WSManCredSSP -Role server 
Press Y when Prompted

The Enable-WSManCredSSP cmdlet enables CredSSP authentication on a client or on a server computer. When CredSSP authentication is used, the user credentials are passed to a remote computer to be authenticated. This type of authentication is designed for commands that create a remote session from another remote session. For example, if you want to run a background job on a remote computer, use this kind of authentication.

On your Windows 10 PC

All steps in this section are to be done on your Windows 10 PC. At the time of this article’s creation, I used a working PC running Windows 10 Pro 20H2 (27/02/2021) OS Build 19042.844 fully patched and up to date.

Run windows update (repeat if needed) until you see this message

Install Hyper-V Management Tools

Open up an elevated PowerShell window (Run as Administrator)

Enter the following command, which installs the Hyper-V Management tools, then enter Y to reboot:

Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V-Tools-All -All

Set the network connection category to private

You may need to change “Ethernet” (InterfaceAlias) to match the name of your network connection(s).
You can use Get-NetConnectionProfile to list your connections and their categories.

Once confirmed open up an elevated PowerShell window (Run as Administrator)

Set-NetConnectionProfile -InterfaceAlias Ethernet -NetworkCategory Private

Add the Hyper-V Server host to the local “hosts” file

Because you are not on a domain you may have issues with DNS not resolving so this step will write a line to your host file to reference the Hyper-V Host

Enter the following command, which appends the hostname of the Hyper-V host and it’s IP address to the local hosts file:

Add-Content -Path C:\Windows\System32\drivers\etc\hosts -Value "`n<Server-IP>`t<Server-Name>"

The `n is new line
The `t is horizontal tab character
Replace <Server-IP> and <Server-Name>with the hostname and IP address of your Hyper-V Server host.

You can also add this manually by opening the hosts file (C:\windows\system32\drivers\etc\host) by running Notepad as administrator and added a new line using the examples displayed in the hosts file.

Configure Remote Management Service

Open up an elevated PowerShell window (Run as Administrator)

winrm quickconfig

enter Y when prompted

Add the Hyper-V Server host to the trusted hosts of the Win10 PC

Open up an elevated PowerShell window (Run as Administrator) and run the below

Set-Item WSMan:\localhost\Client\TrustedHosts -Value "<Server-Name>"

enter Y when prompted

Allow the Win10 PC credentials to be delegated to the Hyper-V Server host:

Open up an elevated PowerShell window (Run as Administrator)

Enable-WSManCredSSP -Role client -DelegateComputer "<Server-Name>"

enter Y when prompted

Allow delegating fresh credentials with NTLM-only server authentication

Configure the following in Local Group Policy (gpedit.msc)

Click on the Show button and enter WSMAN/<Server-name>

Reboot!

Please reboot both client and server after these changes and login into both confirming Hyper-V is loading on Host machine

On your Windows 10 Machine

Open Hyper-V on your Windows 10 Machine

Right-Click on “Hyper-V Manager”, and select “Connect to server…”.
Select “Another computer” and type the <SERVER-NAME> of your Hyper-V Server host.
Check “Connect as another user”, then use the local admin account and password of the Hyper-V Host. Check “Remember me”. Use <server-name>\<Username>

Success! 

Or at least should be! this worked first time for me after following the steps from Tims website, so I'm gonna conclude here but he has a bit more on his site for troubleshooting hope this has helped you.