Manage windows in a workgroup environment.

This refers to Windows7.

1. Firewall settings

Open Wmi,remoteadmin

2. Modify PowerShell Execution policy

Set-executionpolicy remotesigned

3. Installing powershell3.0

View version Options

PS under $host

Dolly Mix

$psvertiontable

Check the WinRM version

WinRM ID

4. Create an administrator account at the command line of the right to join the Admins group

NET user test */add/comment: "Test User"/expires:never/fullname: "XX"

net localgroup Administrators Test/add

View users and groups, net user test

net localgroup Administrators

5. Name the NIC connection Lan0,lan1,lan-free, set the network environment to private network 6. Configure WinRM

Premise: Run under the command of right to raise

Managed side:

WinRM quickconfig

Two ways to execute instructions remotely

Winrm–r:computername command

ICM hostname {Powershell-command}

ICM is a shorthand for Invoke-command

Manage clients (not under PowerShell):

6.1 WinRM quickconfig   //Configure WinRM service, firewall exception settings, start WinRM listener

To set up trusted clients

( Another way

# Enabled Trusted Hosts for universial Access

CD Wsman:

CD localhost\client

Set-item trustedhosts *-force

Restart-service WinRM

)

6.3 Determining WinRM in operation:get-service winrm

6.4 Enable-psremoting–force (not sure whether to execute, should be executed on the managed side)

See also: http://tech.ccidnet.com/art/302/20100701/2102911_1.html

Http://technet.microsoft.com/en-us/library/hh849694.aspx

When you execute the cmdlet, the following actions are performed, including:

1. Start or restart the WinRM service (if it is started).

2. Set the WinRM service type to start automatically.

3. Create a listener on the local computer to accept requests on any IP address.

4. Enable firewall Exceptions for Ws-management traffic (HTTP only), if you want to enable PS remote management, the network location cannot be set to public at this time because the Windows Firewall exception cannot be enabled when the network location is public.

5. Enables all registered PS thread configuration information.

The enable-psremoting cmdlet performs the following operations:

--Runs The Set-wsmanquickconfig cmdlet, which performs the following tasks:

-----starts the WinRM service.

-----Sets the startup type on the WinRM service to Automatic.

-----Creates a listener to accept requests on any IP address.

-----enables a firewall exception for ws-management communications.

-----registers the Microsoft.PowerShell and Microsoft.PowerShell.Workflow session configurations, if it they is not alre Ady registered.

-----registers the MICROSOFT.POWERSHELL32 session configuration on 64-bit computers, if it's not already registered.

-----enables all session configurations.

-----Changes the security descriptor of all session configurations to allow remote access.

-----Restarts the WinRM service to make the preceding changes effective.

By default, PowerShell remote Management uses 5985 (HTTP) and 5986 (HTTPS) ports

When you add the-force parameter to the Enable-psremoting cmdlet, execution will enable remote administration in a silent state, and PowerShell remote management cannot be enabled remotely.

If remote administration is enabled, you can use the following cmdlet to view:

PS c \ > Enter-pssession–computername localhost

The user will see the prompt as shown in 2:

6.5 winrs-r:remote-computer-name WhoAmI   //test the WinRM connection, using WhoAmI directly with the native user name

Test ipconfig on remote managed side

Enter PowerShell,

The first 10 processes of this machine

Top 10 processes of the managed remote host

One-to-many management:

Invoke-command-computername Winserv-wfe, Sql-server2008-scriptblock {get-process}

Or

Invoke-command-computername (get-content c:\scripts\servers.txt)-scriptblock {get-process}

This approach is also known as diffuse or one-to-many remote management. The user can execute the same command on multiple hosts with a single command.

All commands and variables in the script block are run on the remote computer. If the user takes a similar-scriptblock {get-process–name $procName},powershell considers the $procname variable in the remote machine thread to have been defined. A user can pass a variable on the local computer to a remote thread by using the Invoke-command command.

2.2 Passing variables to remote threads

In the previous example, the user could pass the process name to look for as a variable. The ArgumentList parameter can help the user pass to the remote thread:

$procName = "PowerShell"

Invoke-command-computername (get-content c:\scripts\servers.txt) '-scriptblock {param ($Name) get-process-name $Name} –argumentlist $procName

The example above shows how to use the-argumentlist parameter to pass a local variable to a remote thread.