Error when trying to establish a remote PS session

Hello! I’m getting the following error when trying to establish a remote PS session.

New-PSSession : [webd3] Connecting to remote server webd3 failed with the following error message : Access is denied.
For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:12
+ $session = New-PSSession -ComputerName webd3 -Credential (Get-Credent …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme…RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
+ FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed

On the remote server (WS 2019 Std. Hyper-V VM - “webd3”):

  • The WinRM service is running and set to 'Automatic'
  • The WinRM port is open in the firewall
  • PS Remoting is enabled
  • I've tried the script with both the computer name and the local IP address

On the local laptop (Windows 10):

  • Trusted hosts list allows all (*)
  • I'm running PS as an admin
  • Using this (which worked on $session = New-PSSession -ComputerName webd3 -Credential (Get-Credential)
The error occurs after getting the login dialog and entering my credentials. I've tried qualifying the computer name (webd3\username) and without. Same error either way.

Any idea what I’m missing?

I’d also note that I was able to establish remote PS session with the VM’s host OS (WS 2019 Std. non-desktop experience).


Could be a number of things. What happens if you try this from a shell:

“dir \webd3\c$”

I have found if you cant get to C$ on the remote system, you can get an access denied with PSRemoting.

Also check the following registry key:


If this is not set to one, that can also cause an access denied.

Thanks for the reply, TonyD! The registry key was the solution!

First I tried remote access (dir \webd3\c$), but that failed. After creating the registry key, remote access still failed, but I decided to try creating the remote session in PS again and was successful.

Still not sure why it worked on the host OS as I had not created the registry key there. Oh, well - doesn’t much matter now.

Thanks, again!

A bit more detail on that registry setting. Here is the GPO for that setting:

Computer Configuration >> Administrative Templates >> MS Security Guide >> “Apply UAC restrictions to local accounts on network logons”

Set to Disabled to set the registry to 1