Policy
Trusted Hosts
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity. If you enable this policy setting, the WinRM client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity. The WinRM client uses this list when neither HTTPS nor Kerberos are used to authenticate the identity of the host. If you disable or do not configure this policy setting and the WinRM client needs to use the list of trusted hosts, you must configure the list of trusted hosts locally on each computer.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
TrustedHostsList: ID TrustedHosts_List | text | HKLM\Software\Policies\Microsoft\Windows\WinRM\Client\TrustedHostsList Type REG_SZ | None |
Other policies in this category
Explore related policies at the same level.
- ComputerAllow Basic authenticationAt least Windows Vista
- ComputerAllow CredSSP authenticationAt least Windows Vista
- ComputerAllow unencrypted trafficAt least Windows Vista
- ComputerDisallow Digest authenticationAt least Windows Vista
- ComputerDisallow Kerberos authenticationAt least Windows Vista
- ComputerDisallow Negotiate authenticationAt least Windows Vista