Configure Remote Powershell Step By Step

### Configure Remote Powershell Step By Step for Standalone Servers ###

in this method we’ll set up Remote Powershell using HTTPS

on the remote server Steps –

1. first lets Enable the PS Remoting Option

PS C:\Enable-PSRemoting -SkipNetworkProfileCheck -Force

1	PS C:\Enable-PSRemoting -SkipNetworkProfileCheck -Force

this cmdlet will enable PSRemoting and enable HTTP Listener
we can view the details for the default listener with the following command: PS C:\dir wsman:\localhost\listener
if you think you won’t use this HTTP Listener then you can simply remove it by typing

PS C:\Remove-Item -Path WSMan:\localhost\Listener\<Listener Name> -Force

1	PS C:\Remove-Item -Path WSMan:\localhost\Listener\<Listener Name> -Force

Now We’ll start configure another listener for HTTPS

2. lets create Certificate (Require PS V4)

PS C:\$CreateCert = New-SelfSignedCertificate -CertstoreLocation Cert:\LocalMachine\My -DnsName "hostname"

1	PS C:\$CreateCert = New-SelfSignedCertificate -CertstoreLocation Cert:\LocalMachine\My -DnsName "hostname"

3. we will use this certificate later on the local machine so lets export it

PS C:\Export-Certificate -Cert $CreateCert -FilePath <PATH>

1	PS C:\Export-Certificate -Cert $CreateCert -FilePath <PATH>

4. Adding the HTTPS Listener with the new certificate we just created

PS C:\New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * -CertificateThumbPrint $CreateCert.Thumbprint –Force

1	PS C:\New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * -CertificateThumbPrint $CreateCert.Thumbprint –Force

5. Configure the Server Firewall to listen on Port 5986

PS C:\New-NetFirewallRule -DisplayName "Windows Remote Management (HTTPS-In)" -Name "Windows Remote Management (HTTPS-In)" -Profile Any -LocalPort 5986 -Protocol TCP

1	PS C:\New-NetFirewallRule -DisplayName "Windows Remote Management (HTTPS-In)" -Name "Windows Remote Management (HTTPS-In)" -Profile Any -LocalPort 5986 -Protocol TCP

*Enable Compatibility – support the port 5986 for HTTPS Traffic

PS C:\Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpsListener -Value true

1	PS C:\Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpsListener -Value true

On The Local Computer (Client) Steps –

1. Import the Certificatewe created on the server side
copy the certificate file we exported before from step 3 on the remote server steps to your local machine
open Powershell and type

PS C:\Import-Certificate -Filepath C:\Workdir\<Certificate File> -CertStoreLocation "Cert:\LocalMachine\Root" -CertStoreLocation "Cert:\LocalMachine\Root"

1	PS C:\Import-Certificate -Filepath C:\Workdir\<Certificate File> -CertStoreLocation "Cert:\LocalMachine\Root" -CertStoreLocation "Cert:\LocalMachine\Root"

2. Now All Set up Correct and we can Remote with Enter-PSSession or using the Invoke-Command
Examples –

PS C:\Enter-PSSession -ComputerName "RemoteComputer" -UseSSL -Credential (Get-Credential) ###Default Port 443
PS C:\Enter-PSSession -ComputerName "RemoteComputer" -UseSSL -Port 5986

PS C:\Invoke-Command -ComputerName "RemoteComputer" -UseSSL -ScriptBlock {Get-Process} -Credential (Get-Credential)

PS C:\Enter-PSSession -ComputerName "RemoteComputer" -UseSSL -Credential (Get-Credential) ###Default Port 443

PS C:\Enter-PSSession -ComputerName "RemoteComputer" -UseSSL -Port 5986

PS C:\Invoke-Command -ComputerName "RemoteComputer" -UseSSL -ScriptBlock {Get-Process} -Credential (Get-Credential)

(Visited 1,127 times, 1 visits today)

Leave a Reply Cancel reply