This project has moved. For the latest updates, please go here.

Connect via IP Address

Topics: Feature Requests
Editor
Feb 11, 2014 at 6:55 PM
Using an IP address to connect used to work in the 2.x version of CM07 Client Center. There has been an ask internally at my company to allow connecting via iP address as well as netbiosname. Particularly for remotely connected clients, often the ip address in DNS doesn't match what the target really is. i know it's our DNS Scavaging; but barring that getting fixed (I doubt it will get fixed as well as we need it to be); is it possible to connect using Client Center via IP address / WinRM ?

Also, I use the web-based ClientCenter, not the click once. :)
Coordinator
Feb 12, 2014 at 7:49 AM
The problem in this case in not the tool itself, it depends on the configuration of WinRM:
http://stackoverflow.com/questions/6587426/powershell-remoting-with-ip-address-as-target

I was able to connect by using the IP after adding "*" (All) to the trusted hosts list
Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*" -Force
Marked as answer by slkissinger on 2/13/2014 at 10:44 AM
Editor
Feb 12, 2014 at 4:54 PM
I must still be missing some config. I have basic authentication, and added that trustedhosts "*"; and still won't let me connect. maybe there's a firewall rule or something...
Editor
Feb 12, 2014 at 6:03 PM
I think i've figured out where I went wrong... Once you use IP Address, WinRM won't use kerberos authentication. So you have to use the pull-down on the left and put in your credentials; even if they are the exact same ones you used to launch the tool with. WinRM needs to pass those explicitly when connecting via IP address. I'll verify that; and then I'll (hopefully) come up with a Compliance Setting for Configmgr12 to set that trustedhost value to * .
Editor
Feb 13, 2014 at 5:45 PM
Edited Feb 13, 2014 at 11:05 PM
Tested a Compliance Setting successfully. I've blogged about the new baseline, and updated the troubleshooting section here with a link to that blog.
Coordinator
Feb 17, 2014 at 10:37 AM
Thanks for providing your findings...
Developer
Feb 20, 2014 at 8:08 AM
Edited Feb 20, 2014 at 8:12 AM
To make it easier for the user you could add a check to verify that credentials have been specifed if an IP-address is given as a hostname, and if it is not maybe display a msgbox with info (or output it in log). Basically there is no point in even trying to connect since we now know it will fail if creds are not specified manually.

This regex should tell you if the input in the hostname field is a valid ip-address:
^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$
Coordinator
Feb 20, 2014 at 8:38 PM
This discussion has been copied to a work item. Click here to go to the work item and continue the discussion.