Windows/Powershell

From r00tedvw.com wiki
Jump to: navigation, search

Contents

Allow Remote Powershell

Server

Enable PSRemoting

On the server you'll be accessing

PS> Enable-PSRemoting -Force      #suppresses user prompts and enables.
PS> Enable-PSRemoting -SkipNetworkProfileCheck -Force      #enables even on public networks.

Enable Windows Remote Management (WinRM)

You will also probably have to enable WinRM (windows remote management)

# Set start mode to automatic
PS> Set-Service WinRM -StartMode Automatic

# Verify start mode and state - it should be running
PS> Get-WmiObject -Class win32_service | Where-Object {$_.name -like "WinRM"}

# or verify it with this
PS> Get-Service -Name "WinRM"

# Start/Stop service
PS> Start-Service -Name "WinRM"
PS> Stop-Service -Name "WinRM"

Trusted Hosts List

You may also need to add the client that will be connecting to the trusted hosts list.

PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "FQDN" -Force    #Adds an individual host.  Overwrites previous entry.
PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*" -Force      #Adds everything to the trusted host list.

PS> Get-Item WSMan:\localhost\Client\TrustedHosts


   WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client

Type            Name                           SourceOfValue   Value                                                  
----            ----                           -------------   -----                                                  
System.String   TrustedHosts                                   *  

Add to existing

If you want to add to the existing list without overwriting, you can either create an array out of the existing values, or use the -Concatenate switch.

PS> $curList = (Get-Item WSMan:\localhost\Client\TrustedHosts).value
PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "$curList, FQDN"

PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Concatenate -Value FQDN

Test Connectivity

PS> Test-WSMan -ComputerName {ServerFQDN} -Credential {ServerFQDN/Domain}\{User} -Authentication Default
ie. PS> Test-WSMan -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator -Authentication Default

Client

Trusted Hosts

From the Client you need add the server to the Trusted Hosts.
NOTE: While you do NOT need WinRM to be running on the client, you do need to start it in order to manipulate the trusted host list.

PS> PS> Start-Service -Name "WinRM"

PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "FQDN" -Force    #Adds an individual host.  Overwrites previous entry.
PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*" -Force      #Adds everything to the trusted host list.

PS> Get-Item WSMan:\localhost\Client\TrustedHosts


   WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client

Type            Name                           SourceOfValue   Value                                                  
----            ----                           -------------   -----                                                  
System.String   TrustedHosts                                   *  

PS> Stop-Service -Name "WinRM"

Test Connectivity

PS> Test-WSMan -ComputerName {ServerFQDN} -Credential {ServerFQDN/Domain}\{User} -Authentication Default
ie. PS> Test-WSMan -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator -Authentication Default

Sessions/Invoke Command

To run remote powershell commands, you'll need to either specify the computer name or create a session and specify that.

#Without a Session, unique one-liner
PS> Invoke-Command -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator -ScriptBlock {HostName}
WIN-45MO0EQVG4G

#With a session
PS> New-PSSession -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator

 Id Name            ComputerName    ComputerType    State         ConfigurationName     Availability
 -- ----            ------------    ------------    -----         -----------------     ------------
  6 WinRM6          win-45mo0eqvg4g RemoteMachine   Opened        Microsoft.PowerShell     Available

PS> Invoke-Command -Session (Get-PSSession) -ScriptBlock {Hostname}
WIN-45MO0EQVG4G

New/Disconnect/Remove

The process should be to Create a NEW session > DISCONNECT the session (but leaves in history) > REMOVE the session (removes from history).

PS> New-PSSession -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator
PS> Disconnect-PSSession (Get-PSSession)
PS> Remove-PSSession (Get-PSSession)
Personal tools
Namespaces

Variants
Actions
Navigation
Mediawiki
Confluence
DevOps Tools
Ubuntu
Oracle Linux
AWS
Windows
OpenVPN
Grafana
Pivotal
osTicket
OTRS
phpBB
WordPress
VmWare ESXI 5.1
Crypto currencies
HTML
CSS
Python
Java Script
PHP
Raspberry Pi
Canvas LMS
Kaltura Media Server
MetaSploit
Zoneminder
Photoshop CS2
Fortinet
Uploaded
Certifications
General Info
Games
Meal Plans
NC Statutes
Toolbox