Header Ads

Header ADS

Cheat Sheet: Enable PowerShell Remoting

Test for PS Remoting

Run the command from an administrative machine:
Enter-PSSession -ComputerName LAB-CLI-01

Enable PS Remoting

1. Run the following commands from LAB-CLI-01. The -Force parameter is optional; just follow the prompts to view what changes are being performed.
Enable-PSRemoting [-Force]

2. Add the support teams (AD Groups) to the local Administrators group.

3. Then run the next to command to grant support teams (AD Groups) to the ability to perform remote PS commands/scripts. It will prompt you a window to complete the task - add Read|Write|Execute permissions: Set-PSSessionConfiguration -Name Microsoft.Powershell -ShowSecurityDescriptorUI

4. Validate with Enter-PSSession -ComputerName $TargetComputer or Invoke-Command -ComputerName $TargetComputer -ScriptBlock {script_block}

Optional: Allow Inboud Traffic for WMI

Validate:
Get-NetFirewallRule | Where-Object DisplayName -like "*Windows Management Instrumentation*" | Select-Object DisplayName, Name, Enabled

Enable Firewall Rules associtated
Get-NetFirewallRule Where-Object DisplayName -like "*Windows Management Instrumentation*" | Set-NetFirewallRule -Enabled True -Verbos

Optional: Add Trusted Hosts

Perform the following command below to establish a trust between a target PSSessionHost and a non-domain joined machine: Set-Item WSMAN:\localhost\Client\TrustedHosts -Value "LAB-SVR-01" (or *)

Validate with Get-Item WSMAN:\localhost\Client\TrustedHosts

Updates

Updated: Jan 6, 2020
Initially Published: Sept 9, 2019




Powered by Blogger.