Active Directory - Configure Windows Remote Management (WinRM)

Windows Remote Management (WinRM) is Microsoft's new remote management technology. WinRM replaces the PSTools package from SysInternals.

WinRM is a service that is started on Windows Server 2008 and above. The server side listener must be configured on all hosts before they will accept requests. In order for this configuration to be secure, all connections should be over HTTPS.

In order to perform these tasks securely WinRM should be configured to use SSL to encrypt all of its traffic. This will require that each host has a valid Server Authentication certificate with a CN matching the hostname.

The following command will configure WinRM:

winrm quickconfig -transport:https

Verify that TCP/5986 is open in the firewall and you should be all set. Be sure to use the computer name as it appears in the CN of the server certificate and the "-UseSSL" argument.

Now you should be able to use the following commands:

Run a command on a remote server

Invoke-Command -computer computer.domain.tld -scriptblock {Get-Service Server} -UseSSL

Run a local script on a remote server

Invoke-Command -computer computer.domain.tld -FilePath C:\scripts\test.ps1 -UseSSL

Execute a command multiple remote servers:

$Servers = @("RemoteHost1.domain.tld ", "RemoteHost2.domain.tld ", "RemoteHost3.domain.tld ")
Invoke-Command -ComputerName $Servers -ScriptBlock {Get-Service Server}

Force Group Policy Update on all Domain Controllers

Invoke-Command -comp $((Get-ADComputer -f * -searchbase "ou=domain controllers,dc=domain,dc=tld").dnshostname) -ScriptBlock {gpupdate /target:computer /force} -UseSSL

Connect to a local/remote computer by name:

Enter-PSSession -ComputerName RemoteHost.domain.tld -UseSSL

Keywords:WinRM Windows Remote Management PowerShell psh   Doc ID:35144
Owner:Marc T.Group:Identity and Access Management
Created:2013-11-06 12:17 CDTUpdated:2020-04-09 08:57 CDT
Sites:Campus Active Directory, Identity and Access Management
Feedback:  1   0