Here comes some instructions, howto Enable Powershell Remoting in a Windows Domain.

Step 1 – Set Powershell Execute Policy:

By Default the powershell allow only code-signed powershell script. To be able to change this settings to RemoteSigned (Enable Local scripts to run without to be signed. Scripts that is downloaded from the internet, must be signed.) you can do following:

  1. Create an new GPO ex: Set Computer Settings – Enable Powershell Remoting
  2. Right-click on new gpo and choose Edit
  3. Expand and goto ”Computer Configuration > Polices > Administrative Templates > Windows Components > Windows PowerShell
  4. Right-Click on Setting: Turn On Script Execution and choose Edit
  5. Turn on Policy setting, click on Radio-option Enable
  6. On Select Menu Execution Policy, Choose Allow local scripts and remote signed scripts
  7. Click Button OK

Step 2 – Allow remote Server Management through WinRM:

Enabling Powershell Remoting on every servers and clients in your environment you can do it from group policy.

  1. Right-Click on same GPO you just created Set Computer Settings – Enable Powershell Remoting and choose Edit
  2. Expand and goto ”Computer Configuration > Polices > Administrative Templates > Windows Components > Windows Remote Management (WinRM) > WinRM Service
  3. Right-Click on Setting: Allow remote server managment through WinRM and choose Edit
  4. Turn on Policy setting, click on Radio-option Enable
  5. On Options :
    1. IPv4 filter: * or specific ip-adress scope the service will be enable for
    2. IPv6 filter: * or specific ip-adress scope the service will be enable for
  6. Click Button OK

Step 3 – Turn on Service Windows Remote Management (WS-Management):

By Default Service ”Windows Remote Managment” is not turned on.  To turn on to every server and clients you have in your the windows environment, you can do it by a group policy.

  1. Right-Click on same GPO you just created Set Computer Settings – Enable Powershell Remoting and choose Edit
  2. Expand and goto ”Computer Configuration > Polices > Windows Settings > Security Settings > System Services
  3. Right-Click on Setting: Windows Remote Management (WS-Management) and choose Properties
  4. Click option and Select:  Define this policy setting
  5. Select Radio-option: Automatic
  6. Click Button OK

Step 4: Allow Windows Remote Managment through Windows Firewall:

Do this step If you have Windows Firewall Group Policy:

  1. Create an new GPO ex: Set Computer Settings – Configure Firewall
  2. Right-click on new gpo and choose Edit
  3. Expand and goto ”Computer Configuration > Polices > Windows Settings > Security Settings > Windows Firewall > Windows Firewall
  4. Right-Click on setting: Inbound Rules and choose New Rule
  5. Select Radio-Option: Predefined
  6. Choose in Select Menu: Windows Remote Managment (HTTP-In)
  7. Click Next until End of wizard.
  8. Right-click on the new Rule: Windows Remote Managment (HTTP-In)  and choose Properties
  9. Goto Tab:  Advanced and uncheck option Public.
  10. Goto Tab: Scope and add select radio-option These Ip adresses: Under Remote IP adress.
  11. Click on Add button
  12. Select Radio-Option: This IP adresses range
  13. In From Input option: ex: 192.168.1.100
  14. In To Input option: ex: 192.168.1.254
  15. Click on Button OK
  16. Click on Button Apply and then OK

Step 5 – Do a Group Policy Update:

  1. Start command prompt in admin context, and type following: Gpoupdate /force
  2. Press Enter.
  3. Or wait to next restart of your clients and servers.

About Emil

Deploymentspecialist med en gedigen teknisk grund och erfarenhet från flera olika arbetsgivare och uppdrag.

Kommentera

E-postadressen publiceras inte. Obligatoriska fält är märkta *

Post Navigation