Powershell Remoting

This topic contains 2 replies, has 2 voices, and was last updated by Profile photo of Stephen Jones Stephen Jones 2 years, 3 months ago.

  • Author
    Posts
  • #18313
    Profile photo of Stephen Jones
    Stephen Jones
    Participant

    Hello all,

    I'm new to powershell so please bear with me if this is an obvious question. I'm trying to enable powershell remoting on my local network and I have set the following GP items:
    1.Set the WinRM service to auto start:
    2.In the Group Policy Editor, navigate to Computer Configuration Policies Windows Settings Security Settings System Services.
    3.Double click Windows Remote Management (WS-Management) and set it to Automatic.
    1.Create the WinRM listener:

    c. In the Group Policy Editor, navigate to Computer Configuration Policies Administrative Templates Windows Components Windows Remote Management (WinRM) WinRM Service.

    d. Double click Allow automatic configuration of listeners and configure the IPv4 filter to *.
    1.Create a firewall exception for WinRM:

    e. In the Group Policy Editor, navigate to Computer Configuration Policies Windows Settings Security Settings Windows Firewall with Advanced Security.

    f. Create an Inbound Rule for WinRM for port 5985.

    The problem is that I am unable to enter-possession to any client unless I go to a machine first and run winrm quickconfig. I was trying to use GP to avoid touching all the machines but when I run the quickconfig, it states:

    WinRM already is setup to receive requests on this machine
    [b]WinRM is not setup to allow remote access to this machine for management[/b]
    The following changes must be made – enable the winRM firewall exception.

    Now when I type y I can enter-possession on that client but my question is why does this not work via gp? I can verify that my firewall exception is being passed along to the machines and I even specified the winrm service for the FW but for some reason, winrm will not allow the remote access.

  • #18314
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Have you run through "Secrets of PowerShell Remoting" by any chance?

    The quick config cmdlet doesn't do everything, but the book might identify something you've missed.

  • #18318
    Profile photo of Stephen Jones
    Stephen Jones
    Participant

    Thanks for the response Don, I've looked at Enabling Remoting in the Secrets ebook (great ebook by the way) and the problem was my firewall rule. With security in mind I made the rule a bit too tight. I compared it to the prebuilt rule and made a few changes and it worked. Thanks again for the assistance.

You must be logged in to reply to this topic.