Ezine 202 PowerShell Remoting with TrustedHosts
The ability to create a remote connection is the most important difference between PowerShell v 1.0 and 2.0. However, setting up remoting for the first time, is one of the most difficult tasks in PowerShell. But no worries, I will lead through the steps and anticipate some of the potential problems with WinRm and TrustedHosts.
Topics for PowerShell 2.0 Remote Connection
- This Week’s Secret
- This Week’s Mission – To Enable Remoting in PowerShell v 2.0
- Goal – To Set TrustedHosts
- Download Your Free WMI Monitor
♣
This Week’s Secret
PowerShell 1.0 is easier to learn than v 2.0, largely because there are few cmdlets and certainly no ability to create a remote session. However, for those who mastered the basics of v 1.0, this inability to run scripts against another machine soon becomes a severe limitation. Furthermore, once you have a working knowledge of PowerShell, then setting up remoting is not so hard after all. It’s almost as though PowerShell 2.0 has this built in hurdle, you won’t be able to use remoting until your good enough to find, and then control, the TrustedHosts configuration.
This Week’s Mission – To Enable Remoting in PowerShell v 2.0
I have divided our mission into four sections, this breakdown is particularly handy for troubleshooting.
- Install WinRm
- Enable PowerShell Remoting
- Set TrustedHosts *
- Create a Remote Session with PSSession
Goal – To Install the WinRm service and understand the corresponding WSMan namespace / provider.
The problem in explaining how to install WinRm is that each operating system has a different requirement. Windows 7 and Windows Server 2008 R2 already have WinRm, so there is no need worry about installing this service. However, for Vista, XP and Windows Server 2008 you need to download the files from Microsoft and install WinRm. Any doubts on what your machine already has installed either check the Services mmc, or better still use PowerShell and try: get-Service winrm.
Goal – To Enable PowerShell Remoting
Launch PowerShell v 2.0 as an administrator then try this:
Enable-PSRemoting
Note that unlike PSSession commands, this function only has one ‘S’ – PSRemoting. Actually, the underling cmdlet is Enable-PSSessionConfiguration. Running Enable-PSRemoting cmdlet achieves the following:
Starts the WinRM service and sets the startup type to Automatic. Enables a firewall exception for WS-Management communications. Creates a listener to accept requests on any IP address.
Goal – To Check TrustedHosts for * (All)
First let us digress and check for PowerShell ‘providers’.
Get-PsProvider
The point of the other command is to show the existence of the WSMan namespace which maps to WinRm. Next we can check its config settings in general and TrustedHosts in particular.
# PowerShell 2.0
cd wsman:
cd localhost\client
dir
Please note: cd wsman fails, we need that colon.
Crucial Goal – Set TrustedHosts *
Important, this will not work unless you are in the localhost\client folder of the WSMan namespace, see above instruction.
# PowerShell 2.0
set-Item TrustedHosts *
# Please remove the # from the next line
# restart-Service winrm
Note 1: For PowerShell to recognise the new TrustedHosts settings you need to restart the WinRm service. It’s satisfying to use PowerShell itself to achieve this with restart-Service winrm
Note 2: A rare plural. All the PowerShell cmdlets are singular, but TrustedHosts is plural.
Note 3: If this command gives trouble, revert to DOS! Run winrm -? in a CMD box As Administrator, specifically:
winrm get winrm/config/client
Note 4: Once the euphoria of success wears off you may want to limit * and substitute the names of servers on your network.
Final Goal – To Complete Our Mission and Create a PowerShell Remote Session
# PowerShell 2.0
Enter-PSSession IpAddress or FQDM
# When you have finished remove # from:
# Exit-PSSession
Enter-PSSession requires a fully.quallified.domain.name e.g. BigServer.domain.local Plain BigServer would NOT work, however the IP address is always good in this situation.
Where Next?
Once remoting is working then there is no barrier to employing PowerShell to manage network computers, you can now run scripts against other machines. Many cmdlets support the -computerName parameter, but remoting also enables you to use the PSSession family of cmdlets and also invoke-Command.
WMI Monitor Details
Here is another chance to download this free WMI Monitor. It enables to you to measure the real-time performance of any modern Microsoft operating system. Your FREE WMI Monitor will deliver a desktop dashboard that monitors any Windows server and offers built-in templates plus community customizable templates. Take the guess work out of which WMI counters to use for applications like Microsoft Active Directory, Exchange mailboxes or SharePoint.
WMI Monitor Highlights:
- Monitor real-time performance metrics on any Windows computer or application.
- Leverage a large selection of pre-built and community generated application templates.
- Modify or design your own application templates with the built-in WMI browser.
- Use the WMI Monitor to familiarise yourself with classes that can be then used for PowerShell scripting.
- Download Your Free WMI Monitor
- See a review of WMI Monitor
Summary of PowerShell Remoting
The secret of getting PowerShell remoting to work, is to understand the pre-requisites. Install WinRm, run the Enable-PSRemoting to setup remoting, check the TrustedHosts*. As for the actual Enter-PSSession, remember to specify the fully qualified hostname, else use the IPAddress.
Guy Recommends: Tools4ever’s UMRA
Tired of writing scripts? The User Management Resource Administrator solution by Tools4ever offers an alternative to time-consuming manual processes.
It features 100% auto provisioning, Helpdesk Delegation, Connectors to more than 130 systems/applications, Workflow Management, Self Service and many other benefits. Click on the link for more information onUMRA.
If you like this page then please share it with your friends
See more Microsoft PowerShell tutorials
• PowerShell Home • Real life tasks • Invoke-Command • PowerShell Windows 7
• Remote PowerShell • PowerShell WSMan • -Online • PowerShell WinRm • Test-Connection
• Jobs -AsJob • Receive-Job • Get-Job • Receive-Job • Free WMI Monitor
Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.
