PowerShell Remoting

A major drawback of PowerShell 1.0 was the lack of a method to execute commands on a remote machine. PowerShell 2.0 addresses this with a new feature named remoting, which is designed to enable command (or script) execution on remote machines. Using PowerShell remoting, commands can be issued either synchronously or asynchronously and even scheduled or throttled.

Before using PowerShell remoting, you will first need the appropriate permissions to connect to the remote machine, then execute PowerShell, and finally execute the desired command or scripts. Additionally, the remote machine will need to have both PowerShell 2.0 and Windows Remote Management (WinRM) installed, and PowerShell will need to be configured for remoting. Note that the commands executed via remoting will be subject to the remote machine’s execution policies, preferences, and profiles.

Powershell Remoting Requirements

Before using PowerShell remoting, both the local and remote computers must have the below:

  • PowerShell 2.0 or later
  • .NET Framework 2.0 or later
  • Windows Remote Management (WinRM) 2.0 (this is part of Windows 7 and Windows Server 2008 R2. For previous versions of Windows, an integrated installation package needs to be downloaded and installed – the PowerShell 2.0 download includes this.).

Configuring Remoting

On  Windows Server 2008 R2, both PowerShell and WinRM are installed by default, however for security reasons, both PowerShell remoting and WinRM are initially configured to not allow remote connections. There are several methods to configure remoting:

The simplest method to enable PowerShell remoting is to execute the Enable-PSRemoting cmdlet:
PS C:\> enable-pssremoting
Once this is executed, the below tasks are performed by the  cmdlet:

  • Runs the Set-WSManQuickConfig cmdlet, which in turn executes the belows  tasks:
    • Starts up the WinRM service.
    • Sets the WinRM service startup type on the  to Automatic.
    • Creates a listener to listen for and accept requests on an IP address.
    • Enables a firewall exception for WS-Management communications.
  • Enables all the registered  PowerShell session configurations to receive instructions from  remote computers.
  • Registers the “Microsoft.PowerShell” session configuration (unless it has  already been registered).
  • Registers the “Microsoft.PowerShell32” session configuration on 64-bit systems (unless it has  already been registered).
  • Removes  “Deny Everyone” setting from the security descriptor for all  registered session configurations.
  • Finally, restarts  WinRM  to make the above changes effective.

Note that the Enable-PSRemoting cmdlet needs to be executed as an Administrator (using the Run As Administrator option).

Using PowerShell Remoting

The power PowerShell remoting is that any the cmdlets/scripts you used in PowerShell 1.0 are available everywhere (provided PowerShell is installed on the server).
Continues…