Troubleshoot - How to change password through WinRM

To perform an exchange through WinRM

Validate that the listener is working with the following command:

winrm enumerate winrm/config/listener

If the command does not return any information, it means that we need to register a listener to

the WinRM. To register a listener, run the following command:

winrm quickconfig

After that, register the device in senhasegura, inserting the WinRM connectivity to the port
HTTP:5985

image

After that, it is necessary to perform some configurations in Windows so that it is possible to change the password of a credential
authenticating with another credential (domain or service).

For this, we created the “senhasegura” credential, where it currently belongs only to the group:

If we request a password change run on senhasegura using the “senhasegura” credential as authentication credential to change the password of the “Administrator” (or any user), we will get the following error:

image

This error occurs because the “senhasegura” credential does not have the proper permissions to perform password changes.
To provide the proper permissions, we must insert the credential that is performing the authentication in the Domain Admins group, as shown below:

image

After inserting the credential in this respective group, it was possible to change the password:

If the change continues to give an error, validate that the template used in the password change is “RM - Change Password over HTTP”

1 Like