If you are trying to add a Configuration Manager Distribution Point remotely you may end up with issue:

WARNING: The self-signed certificate could not be created successfully

Validation of input parameters failed. Cannot Continue

DP_Certificate_Issue

Code example

Invoke-Command -ScriptBlock { #Step 1 Import-Module $env:SMS_ADMIN_UI_PATH.Replace("\bin\i386","\bin\configurationmanager.psd1") #Step 2 $SiteCode = Get-PSDrive -PSProvider CMSITE #Step 3 Set-Location "$($SiteCode.Name):\" #Step 4 Add-CMDistributionPoint -SiteSystemServerName TestServer.corp.viamonstra.com -SiteCode $SiteCode.Name ` -ClientConnectionType Intranet -MinimumFreeSpaceMB 50 -PrimaryContentLibraryLocation Automatic ` -SecondaryContentLibraryLocation Automatic -PrimaryPackageShareLocation Automatic -EnablePxeSupport ` -SecondaryPackageShareLocation Automatic -CertificateExpirationTimeUtc ((Get-Date).AddYears(100)) -ErrorAction STOP } -ComputerName CM01.corp.viamonstra.com

If you take same code and run it locally on your Primary Site Server, then it works correctly but what is the problem then? The problem is that you haven’t enabled CredSSP on your site server and your admin PC. There are so many different posts in internet that explains the second hop scenario and I will not explain it in this but you can read it from here .

To fix this problem you need to run this command on you admin PC. Please change the DeletegateComputer parameter value

Enable-WSManCredSSP -Role Client -DelegateComputer *.corp.viamonstra.com -Force

And this command on your Primary Site Server

Enable-WSManCredSSP -Role Server -Force

To add the Distribution Point successfully remotely you need to execute the Invoke-Command like that

Invoke-Command -ScriptBlock { #Step 1 Import-Module $env:SMS_ADMIN_UI_PATH.Replace("\bin\i386","\bin\configurationmanager.psd1") #Step 2 $SiteCode = Get-PSDrive -PSProvider CMSITE #Step 3 Set-Location "$($SiteCode.Name):\" #Step 4 Add-CMDistributionPoint -SiteSystemServerName TestServer.corp.viamonstra.com -SiteCode $SiteCode.Name ` -ClientConnectionType Intranet -MinimumFreeSpaceMB 50 -PrimaryContentLibraryLocation Automatic ` -SecondaryContentLibraryLocation Automatic -PrimaryPackageShareLocation Automatic -EnablePxeSupport ` -SecondaryPackageShareLocation Automatic -CertificateExpirationTimeUtc ((Get-Date).AddYears(100)) -ErrorAction STOP } -ComputerName CM01.corp.viamonstra.com -Credential (Get-Credential) -Authentication Credssp

Happy Scripting 🙂