Enabling PowerShell Remoting
PowerShell can be used to control remote computers with Windows PowerShell Remoting. First, you need to learn how to allow and configure it.
PowerShell is commonly available across the Windows platform, including on both Windows 10 and Windows Server. Therefore, it makes sense to use PowerShell to execute management tasks on both local and remote machines because you can pass those skills on to other management situations.
Most cmdlets in PowerShell can be used with the –ComputerName parameter, making it a bit easier to use the command remotely than defining the name of the computer that you wish to run the command against. Run the following cmdlet as an example of how to determine the IP configuration of a remote computer:
Get-NetIPConfiguration -ComputerName PACKTCL1
However, not all cmdlets accept the –ComputerName parameter, and you must enable and configure PowerShell Remoting (explained further in the Enabling PowerShell Remoting section) for these parameters.
The PowerShell Remoting function is used to allow you to connect to one or more remote computers and execute one or more cmdlets or scripts on those remote computers, returning the results to your local computer.
The remote features of Windows PowerShell are supported by the Web Services Management (WS-Management) protocol and the Windows Remote Management (WinRM) service, which implements WS-Management on Windows. Computers running Windows 7 (and later versions) have WinRM 2.0 (or higher).
Important Note
To use the PowerShell Remoting features, you must start Windows PowerShell as an administrator by right-clicking on the Windows PowerShell shortcut and selecting Run As Administrator. You can start this program as an administrator when you start to run or execute PowerShell from another application, such as the Command Prompt (cmd.exe).
By following these steps, you can check the availability of WinRM and configure PowerShell Remoting:
- Start PowerShell as an administrator by right-clicking on the PowerShell shortcut.
- Then, select Run As Administrator.
- The WinRM service is configured to manual startup. You must change the type of startup to Automatic and start the service on every computer that you want to work on. You can verify that the WinRM service is running on the PowerShell prompt by using the following command:
Get-Service winrm
The output of the previous command can be seen in the following screenshot:
Figure 9.13 - Output values of the winrm cmdlet
As you can see in the previous screenshot, the output of the Status property value is Stopped. To manage this computer, the Status property value should be Running.
- To configure Windows PowerShell for remote access, type in the following command:
Enable-PSRemoting –Force
When you execute the previous command in a Windows PowerShell window, the output will look as in the following screenshot:
Figure 9.14 - Output of the Enable-PSRemoting -Force cmdlet
- After you have executed the previous cmdlet and the output is similar to what can be seen in the preceding screenshot, if you re-run the Get-Service WinRM cmdlet, you will see that the Status property value has changed to Running, as shown:
Figure 9.15 - The WinRM service is now running
In many cases, you'll be able to work in other domains with remote computers. However, if the remote computer is not on a trusted domain, your credentials may not be authenticated by the remote computer. To allow authentication, you need to add the remote computer to the WinRM Local Computer Trusted Hosts list.
To do this, run the following code:
winrm set winrm/config/client '@{TrustedHosts="RemoteComputer"}
At this point, RemoteComputer should be the name of the remote computer, as follows:
winrm set winrm/config/client '@{TrustedHosts="PACKTCL2"}'
You must either use Hypertext Transfer Protocol Secure (HTTPS) as the transport or add the remote machine to the TrustedHosts configuration settings when operating on computers in workgroups or homegroups. If you can't connect to a remote host, then you should verify whether the service is running on the remote host and make sure it accepts requests by executing the following command on the remote host:
winrm quickconfig
This command analyzes and configures the WinRM service on that particular remote host.
In this section, you learned how to enable PowerShell Remoting and checked whether the services were running. You can now carry out management tasks via PowerShell Remoting on remote computers. You also now know that enabling PowerShell Remoting on a domain environment is much simpler than setting up PowerShell Remoting on a workgroup environment.