August 26, 2014 at 8:59 am #18313
I'm new to powershell so please bear with me if this is an obvious question. I'm trying to enable powershell remoting on my local network and I have set the following GP items:
1.Set the WinRM service to auto start:
2.In the Group Policy Editor, navigate to Computer Configuration Policies Windows Settings Security Settings System Services.
3.Double click Windows Remote Management (WS-Management) and set it to Automatic.
1.Create the WinRM listener:
c. In the Group Policy Editor, navigate to Computer Configuration Policies Administrative Templates Windows Components Windows Remote Management (WinRM) WinRM Service.
d. Double click Allow automatic configuration of listeners and configure the IPv4 filter to *.
1.Create a firewall exception for WinRM:
e. In the Group Policy Editor, navigate to Computer Configuration Policies Windows Settings Security Settings Windows Firewall with Advanced Security.
f. Create an Inbound Rule for WinRM for port 5985.
The problem is that I am unable to enter-possession to any client unless I go to a machine first and run winrm quickconfig. I was trying to use GP to avoid touching all the machines but when I run the quickconfig, it states:
WinRM already is setup to receive requests on this machine
[b]WinRM is not setup to allow remote access to this machine for management[/b]
The following changes must be made – enable the winRM firewall exception.
Now when I type y I can enter-possession on that client but my question is why does this not work via gp? I can verify that my firewall exception is being passed along to the machines and I even specified the winrm service for the FW but for some reason, winrm will not allow the remote access.
August 26, 2014 at 9:13 am #18314
Have you run through "Secrets of PowerShell Remoting" by any chance?
The quick config cmdlet doesn't do everything, but the book might identify something you've missed.
August 26, 2014 at 11:47 am #18318
Thanks for the response Don, I've looked at Enabling Remoting in the Secrets ebook (great ebook by the way) and the problem was my firewall rule. With security in mind I made the rule a bit too tight. I compared it to the prebuilt rule and made a few changes and it worked. Thanks again for the assistance.
You must be logged in to reply to this topic.