3.1.4.1.29.2 http://schemas.microsoft.com/wbem/wsman/1/config/service/auth

The http://schemas.microsoft.com/wbem/wsman/1/config/service/auth resource URI MUST be used to configure the authentication mechanisms supported by a server.

The Web Services Management Protocol Extensions for Windows Vista service MUST<79> use wsman:secprofile/http/basic and wsman:secprofile/https/basic as an authentication scheme if and only if the Basic property in the cfg:ServiceAuthType is true.

The Web Services Management Protocol Extensions for Windows Vista service MUST use wsman:secprofile/http/spnego-kerberos and wsman:secprofile/https/spnego-kerberos as an authentication scheme if and only if either the Negotiate property or the Kerberos property in the cfg:ServiceAuthType is true.

The Web Services Management Protocol Extensions for Windows Vista service MUST use wsman:secprofile/https/mutual as an authentication scheme if and only if the Certificate property in the cfg:ServiceAuthType is true.

When the Web Services Management Protocol Extensions for Windows Vista service receives a Put request containing the CredSSP property, if it does not support CredSSP as an authentication scheme the request MUST fail with a wsman:SchemaValidationError fault. The Web Services Management Protocol Extensions for Windows Vista service MUST NOT<80> use CredSSP as an authentication scheme (as specified in [MS-CSSP]) if the CredSSP in the cfg:ServiceAuthType is false.

When the Web Services Management Protocol Extensions for Windows Vista service receives a Put request containing the CbtHardeningLevel property, if it does not support channel-binding tokens in authentication requests (as specified in [RFC2743] section 1.1.6) the request SHOULD fail with a wsman:SchemaValidationError fault. If the service does not support channel-binding tokens in authentication requests, and it does not fail with a wsman:SchemaValidationError fault, it MUST<81> ignore the CbtHardeningLevel property.