### Configure Remote Powershell Step By Step for Standalone Servers ###
in this method we’ll set up Remote Powershell using HTTPS
on the remote server Steps –
1. first lets Enable the PS Remoting Option
1 |
PS C:\Enable-PSRemoting -SkipNetworkProfileCheck -Force |
this cmdlet will enable PSRemoting and enable HTTP Listener
we can view the details for the default listener with the following command: PS C:\dir wsman:\localhost\listener
if you think you won’t use this HTTP Listener then you can simply remove it by typing
1 |
PS C:\Remove-Item -Path WSMan:\localhost\Listener\<Listener Name> -Force |
Now We’ll start configure another listener for HTTPS
2. lets create Certificate (Require PS V4)
1 |
PS C:\$CreateCert = New-SelfSignedCertificate -CertstoreLocation Cert:\LocalMachine\My -DnsName "hostname" |
3. we will use this certificate later on the local machine so lets export it
1 |
PS C:\Export-Certificate -Cert $CreateCert -FilePath <PATH> |
4. Adding the HTTPS Listener with the new certificate we just created
1 |
PS C:\New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * -CertificateThumbPrint $CreateCert.Thumbprint –Force |
5. Configure the Server Firewall to listen on Port 5986
1 |
PS C:\New-NetFirewallRule -DisplayName "Windows Remote Management (HTTPS-In)" -Name "Windows Remote Management (HTTPS-In)" -Profile Any -LocalPort 5986 -Protocol TCP |
*Enable Compatibility – support the port 5986 for HTTPS Traffic
1 |
PS C:\Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpsListener -Value true |
On The Local Computer (Client) Steps –
1. Import the Certificatewe created on the server side
copy the certificate file we exported before from step 3 on the remote server steps to your local machine
open Powershell and type
1 |
PS C:\Import-Certificate -Filepath C:\Workdir\<Certificate File> -CertStoreLocation "Cert:\LocalMachine\Root" -CertStoreLocation "Cert:\LocalMachine\Root" |
2. Now All Set up Correct and we can Remote with Enter-PSSession or using the Invoke-Command
Examples –
1 2 3 4 |
PS C:\Enter-PSSession -ComputerName "RemoteComputer" -UseSSL -Credential (Get-Credential) ###Default Port 443 PS C:\Enter-PSSession -ComputerName "RemoteComputer" -UseSSL -Port 5986 PS C:\Invoke-Command -ComputerName "RemoteComputer" -UseSSL -ScriptBlock {Get-Process} -Credential (Get-Credential) |