This refers to Windows7.
1. Firewall settings
Open Wmi,remoteadmin
2. Modify PowerShell Execution policy
Set-executionpolicy remotesigned
3. Installing powershell3.0
View version Options
PS under $host
Dolly Mix
$psvertiontable
Check the WinRM version
WinRM ID
4. Create an administrator account at the command line of the right to join the Admins group
NET user test */add/comment: "Test User"/expires:never/fullname: "XX"
net localgroup Administrators Test/add
View users and groups, net user test
net localgroup Administrators
5. Name the NIC connection Lan0,lan1,lan-free, set the network environment to private network 6. Configure WinRM
Premise: Run under the command of right to raise
Managed side:
WinRM quickconfig
Two ways to execute instructions remotely
Winrm–r:computername command
ICM hostname {Powershell-command}
ICM is a shorthand for Invoke-command
Manage clients (not under PowerShell):
6.1 WinRM quickconfig //Configure WinRM service, firewall exception settings, start WinRM listener
To set up trusted clients
( Another way
# Enabled Trusted Hosts for universial Access
CD Wsman:
CD localhost\client
Set-item trustedhosts *-force
Restart-service WinRM
)
6.3 Determining WinRM in operation:get-service winrm
6.4 Enable-psremoting–force (not sure whether to execute, should be executed on the managed side)
See also: http://tech.ccidnet.com/art/302/20100701/2102911_1.html
Http://technet.microsoft.com/en-us/library/hh849694.aspx
When you execute the cmdlet, the following actions are performed, including:
1. Start or restart the WinRM service (if it is started).
2. Set the WinRM service type to start automatically.
3. Create a listener on the local computer to accept requests on any IP address.
4. Enable firewall Exceptions for Ws-management traffic (HTTP only), if you want to enable PS remote management, the network location cannot be set to public at this time because the Windows Firewall exception cannot be enabled when the network location is public.
5. Enables all registered PS thread configuration information.
The enable-psremoting cmdlet performs the following operations:
--Runs The Set-wsmanquickconfig cmdlet, which performs the following tasks:
-----starts the WinRM service.
-----Sets the startup type on the WinRM service to Automatic.
-----Creates a listener to accept requests on any IP address.
-----enables a firewall exception for ws-management communications.
-----registers the Microsoft.PowerShell and Microsoft.PowerShell.Workflow session configurations, if it they is not alre Ady registered.
-----registers the MICROSOFT.POWERSHELL32 session configuration on 64-bit computers, if it's not already registered.
-----enables all session configurations.
-----Changes the security descriptor of all session configurations to allow remote access.
-----Restarts the WinRM service to make the preceding changes effective.
By default, PowerShell remote Management uses 5985 (HTTP) and 5986 (HTTPS) ports
When you add the-force parameter to the Enable-psremoting cmdlet, execution will enable remote administration in a silent state, and PowerShell remote management cannot be enabled remotely.
If remote administration is enabled, you can use the following cmdlet to view:
PS c \ > Enter-pssession–computername localhost
The user will see the prompt as shown in 2:
6.5 winrs-r:remote-computer-name WhoAmI //test the WinRM connection, using WhoAmI directly with the native user name
Test ipconfig on remote managed side
Enter PowerShell,
The first 10 processes of this machine
Top 10 processes of the managed remote host
One-to-many management:
Invoke-command-computername Winserv-wfe, Sql-server2008-scriptblock {get-process}
Or
Invoke-command-computername (get-content c:\scripts\servers.txt)-scriptblock {get-process}
This approach is also known as diffuse or one-to-many remote management. The user can execute the same command on multiple hosts with a single command.
All commands and variables in the script block are run on the remote computer. If the user takes a similar-scriptblock {get-process–name $procName},powershell considers the $procname variable in the remote machine thread to have been defined. A user can pass a variable on the local computer to a remote thread by using the Invoke-command command.
2.2 Passing variables to remote threads
In the previous example, the user could pass the process name to look for as a variable. The ArgumentList parameter can help the user pass to the remote thread:
$procName = "PowerShell"
Invoke-command-computername (get-content c:\scripts\servers.txt) '-scriptblock {param ($Name) get-process-name $Name} –argumentlist $procName
The example above shows how to use the-argumentlist parameter to pass a local variable to a remote thread.