Powershell Remoting is very impressive feature from Windows server 2008 R2 / Powershell 2.0, it allows to run any PowerShell commands or access full PowerShell sessions on remote Server unlike the older native commands that run on the same server where the command been executed , so it’s powerful and easy to run a function from multiple system with less amount of time
What changes from native command execution?
- PowerShell command is executed on the client
- Same PowerShell command is transmitted to the server
- Server executes the PowerShell command and then returns the output to the client
- Client displays or uses the returned output
How to Enable Powershell Remoting on Windows server 2008, Windows 7 and other systems
By default Powershell Remoting is disabled on Windows server 2008 R2 and need to enable by running an enable-psremoting command on individual servers, we have others option to Enable Powershell Remoting on multiple servers remotely, methods are
Enable Powershell Remoting with PSEXEC (Remotely)
We can open psexec from CMD and connect each server and run enable-psremoting -force or run below command with different server name
psexec \\[Server name] -u [User name] -p [password] -h -d powershell.exe “enable-psremoting -force”
Please replace “\\[Server name]” with an IP address, or even “@C:\[path]\serverlist.txt” to automatically enable psRemoting on a big list of computers on your environment
Enable Powershell Remoting with schedule task
We have to create the batch file or ps1 file with enable-psremoting –force command and created a schedule task using the schtasks command pointing to created patch file or ps1 file
Scheduled a task to run the script (batch file or ps1 file) and enable the Powershell Remoting
Enable Powershell Remoting with Server Manager
- Open Server Manager
- On Server Manager home page, click Configure Server Manager Remote Management.
- Next,
- Select Enable Remote Management of This Server from Other Computers.
- Ok
Enable Powershell Remoting via Group Policy
- Create a new GPO, or edit an existing GPO
- Browse to: Policies > Administrative Templates > Windows Components > Windows Remote Management (WinRM) > WinRM Service
- Open the Allow Automatic Configuration of Listeners Policy, select Enabled, and then define the IPv4 filter and IPv6 filter as *(Server 2008 and earlier).
- Open the Allow Remote Server management through WinRM Policy, select Enabled, and then define the IPv4 filter and IPv6 filter as *(Server 2008 R2 and later).
- Click OK.
For Firewall Rules
- Browse to: Computer Configuration> Policies> Windows Settings> Security Settings> Windows Firewall with Advanced Security> Windows Firewall with Advanced Security> and then Inbound Rules.
- Right-click Inbound Rules, and then click New Rule.
- In the New Inbound Rule Wizard, on the Rule Type page, select Predefined.
- On the Predefined pull-down menu, select Remote Event Log Management. Click Next.
- On the Predefined Rules page, click Next to accept the new rules.
- On the Action page, select Allow the Connection, and then click Finish. Allow the Connection is the default selection.
- Repeat above steps to create inbound rules for the Remote Service Management and Windows Firewall Remote Management
If you are using Windows server 2012 then no need to do any of above configuration to enable powershell remoting, Yes it’s enabled by default, start using the feature without any extra effort