Whenever you want to use GreenLight to monitor Windows Hosts (perf counters, services, exchange, ...) then you could end up in getting http 401 error indicating that the authentication process failed during the initial connection.

You would see then the following error message


09:24:34.300 [http-bio-443-exec-5] ERROR 122:DefaultRemoteShellService -Received fault for remote shell create request
com.panagenda.commons.wsman.service.transport.HttpResponseFaultException: [401]


Please check the following things to solve this error:


  1. Verify that the credentials are correct
  2. Verify that the user is member of the local Administrator Group or has been explicitly granted access
  3. Make sure that domain name is part of the username  (eg.  domain\username)
  4. Ensure that the Service\Auth\CbtHardening Level is set to RELAXED
    https://msdn.microsoft.com/en-us/library/cc251568.aspx

Please adjust the CbtHardening Setting to Relaxed by using the following RegKey

HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\CbtHardeningLevel


Note: Please check your GPO Settings as well!

 Windows Components\Windows Remote Management (WinRM)\WinRM Service


Useful Links:

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_remote_troubleshooting?view=powershell-7.2

https://docs.microsoft.com/en-us/windows/win32/winrm/installation-and-configuration-for-windows-remote-management

http://www.hurryupandwait.io/blog/understanding-and-troubleshooting-winrm-connection-and-authentication-a-thrill-seekers-guide-to-adventure