Enabling Powershell Group Policy Exception via Command Line

Question

I am trying to find a way to change Local Group Policy via command line. The change is to set Local Policy to enable "Allow Delegating Fresh Credentials" and set it to "wsman/*.domain.net" in Computer-> Admin Template -> System -> Cred.

The limitation here, is that I am barred from installing additional cmdlets.

The larger goal is to enable CredSSP authentication for PsSession. Other pre-reqs are accomplish via PsExec.

enable-psremoting or winrm quickconfig
Enable-WSManCredSSP client *.domain.net
Enable-WSManCredSSP -Role server

Reference Error: [TESTSERVER001] Connecting to remote server failed with the following error message : The WinRM client cannot process t he request. A computer policy does not allow the delegation of the user credentials to the target computer. Use gpedit. msc and look at the following policy: Computer Configuration -> Administrative Templates -> System -> Credentials Deleg ation -> Allow Delegating Fresh Credentials. Verify that it is enabled and configured with an SPN appropriate for the target computer. For example, for a target computer name "myserver.domain.com", the SPN can be one of the following: WS MAN/myserver.domain.com or WSMAN/.domain.com. For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc eption + FullyQualifiedErrorId : PSSessionOpenFailed* *

Answer 1

I found that connecting to servers by FQDN works without the GPO step. However, it does not address the original question of how to set Local GPO via command line or Powershell.