Trusted Hosts

This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity.

If you enable this policy setting, the WinRM client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity. The WinRM client uses this list when neither HTTPS nor Kerberos are used to authenticate the identity of the host.

If you disable or do not configure this policy setting and the WinRM client needs to use the list of trusted hosts, you must configure the list of trusted hosts locally on each computer.


Supported on: At least Windows Vista
Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows\WinRM\Client
Value NameTrustedHosts
Value TypeREG_DWORD
Enabled Value1
Disabled Value0

TrustedHostsList:

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows\WinRM\Client
Value NameTrustedHostsList
Value TypeREG_SZ
Default Value

Syntax:

Configure the trusted hosts by a comma separated list

of host names. You can use wildcards (*) but only

one wildcard is allowed in a host name pattern.

Use "<local>" (case insensitive) is used to indicate

all host names that do not contain a period (.).

The list can be empty to indicate that no host is trusted.

Use asterisk (*) to indicate that all hosts are trusted.

If you use *, then no other pattern can appear in the list.

Examples:

*.mydomain.com indicates that all computer in mydomain.com are trusted

2.0.* indicates that all IP addresses starting with 2.0. are trusted


windowsremotemanagement.admx

Administrative Templates (Computers)

Administrative Templates (Users)