I have been taking a look at the “secrets of powershell remoting” but would like some clarification on a couple of points.
In our desktop environment the vast majority of machines reside in a single forest comprised of multiple domains so this shoud be fairly simple to set up and manage.
Our server environment however has globally over a hundred separate forests (no trusts between them) and several hundred workgroup servers.
I’m aware that when you remote between machines that are not in the same forest kerberos is no longer used. In this scenario:
Is it NTLMv2 doing the actual authentication? If not what?
No username and password can be sniffed?
Will the traffic still be encrypted?
I’m aware from the guide that you can set up https but it suggests that this cannot be automated and as we have over 15000 servers and several hundred new servers being provisioned a week this would not seem to be a practical solution.