I have two domains
foo.local
test.local
I can run powershell hyper-v cmdlets against the test.local hyper-v server if I am using a VM that is in the test.local domain.
Get-VM -ComputerName hyperv01.test.local
I want to be able to run this same command from my workstation which is in the foo.local domain.
I believe that I need to enable delegation on the hyper-v server so that my workstation can run the hyperv commands, however it appears that I can't change domains in the Administrator Console.
Is there a way to allow my workstation in the foo.local domain to run Get-VM on a hyperv server in the test.local domain?
Best Answer
PowerShell Remoting and Windows Credential Delegation are two different things. Most of the remoting you do is done without credential delegation.
Delegation lets the computer you connect to remotely take your credentials and reuse them to hop to a 3rd server. This has security implications, but is sometimes necessary, especially when managing groups of hyper-v hosts.
Remoting does not require delegation for your initial connection. There are several ways to authenticate with the remote server. In your domain, you are using Kerberos by default. If you want to use Kerberos to authenticate to the server in the remote domain, the Domain Administrators will need to set up a Domain Trust.
For machines that are not in the same domain (or even in a workgroup) you can use certificate authentication. The Secrets of PowerShell Remoting is a free ebook from the PowerShell community that will walk you through the configuration.