Revision as of 12:44, 18 January 2019

Allow Remote Powershell

Server

Enable PSRemoting

On the server you'll be accessing

PS> Enable-PSRemoting -Force      #suppresses user prompts and enables.
PS> Enable-PSRemoting -SkipNetworkProfileCheck -Force      #enables even on public networks.

Enable Windows Remote Management (WinRM)

You will also probably have to enable WinRM (windows remote management)

# Set start mode to automatic
PS> Set-Service WinRM -StartMode Automatic

# Verify start mode and state - it should be running
PS> Get-WmiObject -Class win32_service | Where-Object {$_.name -like "WinRM"}

# Start/Stop service
PS> Start-Service -Name "WinRM"
PS> Stop-Service -Name "WinRM"

Trusted Hosts List

You may also need to add the client that will be connecting to the trusted hosts list.

PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "FQDN" -Force    #Adds an individual host.  Overwrites previous entry.
PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*" -Force      #Adds everything to the trusted host list.

PS> Get-Item WSMan:\localhost\Client\TrustedHosts


   WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client

Type            Name                           SourceOfValue   Value                                                  
----            ----                           -------------   -----                                                  
System.String   TrustedHosts                                   *

Test Connectivity

PS> Test-WSMan -ComputerName {ServerFQDN} -Credential {ServerFQDN/Domain}\{User} -Authentication Default
ie. PS> Test-WSMan -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator -Authentication Default

Client

Trusted Hosts

From the Client you need add the server to the Trusted Hosts.
NOTE: While you do NOT need WinRM to be running on the client, you do need to start it in order to manipulate the trusted host list.

PS> PS> Start-Service -Name "WinRM"

PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "FQDN" -Force    #Adds an individual host.  Overwrites previous entry.
PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*" -Force      #Adds everything to the trusted host list.

PS> Get-Item WSMan:\localhost\Client\TrustedHosts


   WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client

Type            Name                           SourceOfValue   Value                                                  
----            ----                           -------------   -----                                                  
System.String   TrustedHosts                                   *  

PS> Stop-Service -Name "WinRM"

Test Connectivity

PS> Test-WSMan -ComputerName {ServerFQDN} -Credential {ServerFQDN/Domain}\{User} -Authentication Default
ie. PS> Test-WSMan -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator -Authentication Default

Sessions/Invoke Command

To run remote powershell commands, you'll need to either specify the computer name or create a session and specify that.

#Without a Session, unique one-liner
PS> Invoke-Command -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator -ScriptBlock {HostName}
WIN-45MO0EQVG4G

#With a session
PS> New-PSSession -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator

 Id Name            ComputerName    ComputerType    State         ConfigurationName     Availability
 -- ----            ------------    ------------    -----         -----------------     ------------
  6 WinRM6          win-45mo0eqvg4g RemoteMachine   Opened        Microsoft.PowerShell     Available

PS> Invoke-Command -Session (Get-PSSession) -ScriptBlock {Hostname}
WIN-45MO0EQVG4G

New/Disconnect/Remove

The process should be to Create a NEW session > DISCONNECT the session (but leaves in history) > REMOVE the session (removes from history).

PS> New-PSSession -ComputerName win-45mo0eqvg4g -Credential win-45mo0eqvg4g\Administrator
PS> Disconnect-PSSession (Get-PSSession)
PS> Remove-PSSession (Get-PSSession)

@@ Line 37: / Line 37: @@
 ==Client==
 ===Trusted Hosts===
-From the Client you should only have to potentially add the server to the Trusted Hosts
+From the Client you need add the server to the Trusted Hosts. <br>
-  <nowiki>PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "FQDN" -Force    #Adds an individual host.  Overwrites previous entry.
+'''NOTE:''' While you do NOT need WinRM to be running on the client, you do need to start it in order to manipulate the trusted host list.
+  <nowiki>PS> PS> Start-Service -Name "WinRM"
+PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "FQDN" -Force    #Adds an individual host.  Overwrites previous entry.
 PS> Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*" -Force      #Adds everything to the trusted host list.
@@ Line 48: / Line 51: @@
 Type            Name                           SourceOfValue   Value
 ----            ----                           -------------   -----
-System.String   TrustedHosts                                   *  </nowiki>
+System.String   TrustedHosts                                   *
+PS> Stop-Service -Name "WinRM"</nowiki>
 ===Test Connectivity===

Windows/Powershell

Revision as of 12:44, 18 January 2019

Contents

Allow Remote Powershell

Server

Enable PSRemoting

Enable Windows Remote Management (WinRM)

Trusted Hosts List

Test Connectivity

Client

Trusted Hosts

Test Connectivity

Sessions/Invoke Command

New/Disconnect/Remove

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Mediawiki

Confluence

DevOps Tools

Ubuntu

Ubuntu 22

Mac OSX

Oracle Linux

AWS

Windows

OpenVPN

Grafana

InfluxDB2

TrueNas

OwnCloud

Pivotal

osTicket

OTRS

phpBB

WordPress

VmWare ESXI 5.1

Crypto currencies

HTML

CSS

Python

Java Script

PHP

Raspberry Pi

Canvas LMS

Kaltura Media Server

Plex Media Server

MetaSploit

Zoneminder

ShinobiCE

Photoshop CS2

Fortinet

Uploaded

Certifications

General Info

Games

Meal Plans

NC Statutes

2020 Election

Volkswagen

Covid

NCDMV

Toolbox