Wednesday, March 4, 2015

PowerShell : A deep dive into remoting - part 2


To get PowerShell remoting working, the WinRM service must be up and running and configured for remoting. WinRM is Microsoft’s implementation of the industry-standard WS-Management protocol, a DMTF open standard defining a SOAP-based protocol for the management of servers, devices, applications and various web services. WinRM uses SOAP over HTTP and HTTPS, and is therefore considered a firewall-friendly protocol. It was designed to provide interoperability and consistency for enterprise networks that have a variety of operating systems, so that they can locate and exchange management information. WinRM is not exclusive to PowerShell, but when it receives traffic that is tagged for PowerShell it takes care of accepting it and passing the details to PowerShell.
WinRM is the “server” component of the remote management application, and WinRS (Windows Remote Shell) is the “client” for WinRM, which runs on the remote computer attempting to remotely manage the WinRM server. It’s important that both the computer that needs to be remotely accessed and the computer that accesses it have WinRM installed and enabled for WinRS to work and retrieve information from the remote system.

To set up the computer for remote access, first ensure that the WinRM service is started and running. You can check this with the Get-Service cmdlet, as shown below:
Get-Service -Name WinRM | Select-Object -ExpandProperty Status

WinRM uses two kinds of configuration items, endpoints and listeners, to receive traffic from a specific application. An application using WinRM should have an endpoint configured; it’s also fine for an application to have multiple endpoints set up. Listeners are configuration items that the application uses to accept incoming traffic. You can see the listeners set up for WinRM by using the cmdlet
Get-WSManInstance winrm/config/Listener -Enumerate
The default ports used for WS-Management and PowerShell remoting are 5985 over HTTP and 5986 over HTTPS. You can add more listeners if you want using the New-WSManInstance cmdlet. The easiest way to set up PowerShell remoting is by using the Enable-PSRemoting cmdlet. This will execute the following tasks on the machine:

Enable-PSRemoting -Force -Confirm:$true
  • Checks whether the WinRM service is started. It starts the service if it is stopped, or otherwise restarts it
  • Sets the start mode of WinRM service to auto
  • Creates a WinRM listener for HTTP traffic on port 5985 for all local IP addresses.
  • Creates a Windows Firewall exception for the WinRM listener.
  • Sets up endpoints for the applications Microsoft.PowerShell, Microsoft.PowerShell32, Microsoft.ServerManager, Microsoft.Windows.ServerManagerWorkflows and Microsoft.PowerShell.Workflow
By default, Windows PowerShell remoting uses Kerberos authentication, which requires a domain controller. If you are not using a domain, or need to connect to machines outside your own trusted domain(s), you need to add all computers to the TrustedHosts list by using the Set-Item cmdlet.

Set-Item wsman:\localhost\client\trustedhosts * -Force
Note that PowerShell has a PSProvider implementation for WSMan, so you can query it like a file system.
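
An added example, not code from the original post: a small function that reviews the settings described above (service state, listeners, TrustedHosts) and reports an enabled HTTP listener or a wildcard TrustedHosts value. Test-WinRMConfig, its parameter names and the sample input are assumptions made for illustration.

```powershell
# Added example. Test-WinRMConfig and its parameter names are hypothetical.
function Test-WinRMConfig {
    param(
        [string]   $ServiceStatus,  # (Get-Service -Name WinRM).Status
        [object[]] $Listeners,      # Get-WSManInstance winrm/config/Listener -Enumerate
        [string]   $TrustedHosts    # (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
    )
    $findings = @()

    if ($ServiceStatus -ne 'Running') {
        $findings += "WinRM service status is '$ServiceStatus', not Running."
    }

    foreach ($listener in $Listeners) {
        # Enabled is the string 'true'/'false' in the WS-Management XML.
        if ("$($listener.Enabled)" -eq 'true' -and $listener.Transport -eq 'HTTP') {
            $findings += "Enabled HTTP listener: port $($listener.Port), address $($listener.Address)."
        }
    }

    # TrustedHosts is a comma-separated list; entries may contain wildcards.
    $entries = @($TrustedHosts -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
    foreach ($entry in $entries) {
        if ($entry -eq '*') {
            $findings += "TrustedHosts is '*': every host is trusted; list specific names instead."
        }
        elseif ($entry -like '*[*]*') {
            $findings += "TrustedHosts entry '$entry' contains a wildcard."
        }
    }
    $findings
}

# Constructed sample input, not captured from a real host.
$sampleListeners = @(
    [pscustomobject]@{ Transport = 'HTTP'; Port = 5985; Address = '*'; Enabled = 'true' }
)
Test-WinRMConfig -ServiceStatus 'Running' -Listeners $sampleListeners -TrustedHosts '*'

# Against the local machine, from an elevated session:
# Test-WinRMConfig -ServiceStatus (Get-Service -Name WinRM).Status `
#     -Listeners (Get-WSManInstance winrm/config/Listener -Enumerate) `
#     -TrustedHosts (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
```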

Next in the series we’ll see how to execute cmdlets using a remote session.
