What can Windows? WinRM and WinRS do for you?

Introduced
WinRM and WinRS updates are included in Windows Vista, Windows Server 2003 R2, Windows Server 2008 (and Server Core). These powerful command-line management tools provide system administrators with an improved way to remotely administer and execute programs on Windows machines.  However, they must be enabled and you will need to spend some time knowing their command line features. Fortunately, this article will provide all the tutorials you need to start using these tools today!

What is Windows Remote Management (WinRM)?
Windows Remote Management (WinRM) is a modern, easy-to-manage, remote-managed service in Windows Server 2003 R2, Windows Vista, and Windows Server 2008.  WinRM is the "server" component of the Remote administration application, and WINRS (Windows Remote shell) is the "client" of WinRM, which runs on the computer that manages the WinRM server remotely. However, we should note that two computers must be manually installed WinRS, and that WinRM be able to start and return information from the remote system.

WinRM is based on the Web service Management (ws-management) standard. This means that WinRM uses the HTTP protocol (port 80) and uses SOAP to request it to work. The advantage is that HTTP requests can be easily sent and received through a firewall. So it's good or bad: it makes it easier to manage a remote Windows PC over the Internet, or it's easier for a remote Windows attacker who malicious on the Internet. Other benefits of WinRM using HTTP are that if HTTP inbound traffic is allowed, no other ports must be open on the server and on the client.

WinRM is a new tool for system management and based on open standards APIs. So if you're not very interested in learning this tool before, actually in my mind it's actually "Microsoft's new standard for remote management" and it's well worth knowing.

You may already be familiar with the WMI database. If not, the WIM database contains a wide variety of information about the hardware and software on that computer. Almost every Windows hypervisor calls to the WMI database to perform any administrative tasks that need to be performed on that PC.

WinRM will use the WMI database to perform tasks for you or your system Management Pack, just like using a similar task for another programming interface using VBScript. As I mentioned earlier, the advantage of WinRM is that it uses port 80 (HTTP). And some special code even allows WinRM to share 80 inbound ports with IIS, which may be running on port 80 together.

WinRM supports a variety of authentication methods to prevent anyone on a positive connection from doing any administrative tasks on your PC client and server. However, as with any other port that is open, if authentication and encryption are placed at the right time, you have taken all reasonable security precautions.

Your system management software vendor may already be planning to call WinRM in the next version of their product, and by then you may have unknowingly used winrm through another application. With this CLI tool, you can easily pull information from the WMI database of any system management functionality you want to perform.

As you can see below, the WinRM command line interface includes many options. This WinRM help information shows that WinRM does not have "enable" or "listen" on the current system

Figure 1:WINRM Command-line Options

How do I enable and use WinRM?
If you are using Windows SERVER,WINRM is already installed but not enabled. This is a good safety precaution. The simple way to enable WinRM on your machine is to run it in CMD:

WinRM Enumerate Winrm/config/listener

If the return information is not available, WinRM does not run correctly. To configure WinRM to automatically start and allow remote access, use the WinRM quickconfig command as follows:

C:\users\administrator> WinRM quickconfig
WinRM is not a set up-to-allow remote access to the this machine for management.
The following changes must be made:
Create a WinRM listener on http://* to accept the Ws-man requests to any IP on the this machine.
Make these changes [y/n]? Y
WinRM has been updated for remote management.
Created a WinRM listener on http://*-to-accept Ws-man requests to any IP on this machine.
C:\users\administrator>
Once I configured the quickconfig, I reran the enumeration command with these results:
C:\users\administrator> WinRM e Winrm/config/listener
Listener
Address = *
Transport = HTTP
Port = 80
Hostname
Enabled = True
URLPrefix = Wsman
Certificatethumbprint
Listeningon = 10.253.15.98, 127.0.0.1,:: 1, fe80::5efe:10.253.15.98%11, fe80::9583:2148:e1ef:6444%10
C:\users\administrator>

From here, we can know that WinRM has been started.

By the way, if you want to disable WinRM at any time, you can use this command:

WinRM delete Winrm/config/listener? Ipadress=*+transport=http

In order to use WinRM, the host to which it is connected must be a member of the same domain as the WinRM host. If this is not the case, I recommend that you refer to the article "remotely managing your Server Core using WinRM and WinRS for different security scenarios.

What is WinRS and how do I use it?
WinRS is a Windows remote shell. With WinRS you can query Windows hosts that are running WinRM remotely. Keep in mind, however, that your host also needs to run WinRM to use WinRS.
As you can see from the diagram below, WinRS is a full-featured command-line tool that provides rich help information.

Figure 2:WINRM Command-line Options

The most common feature of WinRS is to execute commands on a remote computer. Of course, this communication uses the HTTP protocol/port 80 (default).
Here is an instance of executing WinRS on my local running WinRM machine. I run two commands-"ver" and "dir C:". Each command has the appropriate information to be returned.

Figure 3:winrs Command Demo

Summarize
WinRM and WinRS are very powerful new tools that Windows system administrators should be aware of. I would like to use WINRM/WINRS for remote management has great potential! You can install programs, change settings, or troubleshooting (as long as it's connected to the network). You can even go further and expand it and combine WinRS with scripts to perform those tasks in the list of computers. And keep in mind that whether you use these tools or not, your system management software will use them all in the near future.

What can Windows? WinRM and WinRS do for you?