Site icon RDR-IT

Manage Windows Server remotely in PowerShell with PSSession

Introduction

In this tutorial, we will see how to remotely administer a Windows server in PowerShell (Powershell remoting) with PSSession.

PSSession is the prefix of several Powershell commands that allow connection and management of it.

All the commands in this tutorial are to be done with a PowerShell command prompt

Prerequisites

On the server where you want to connect, remote management must be enabled.

By default, remote management is enabled by default since Windows 2012.

Connect to a server

With the current user:

Enter-PSSession -ComputerName LAB-FIC

By specifying the user:

Enter-PSSession -ComputerName LAB-FIC -Credential LABAdministrateur

An identification window opens where you must indicate the password of the account passed as a parameter.

Once logged into the console, the name of the server in square brackets appears first.

[LAB-FIC]: PS C:Usersadministrateur.LABDocuments>

Now all the DOS and PowerShell commands will be executed on the remote server.

Example: View installed roles and features.

[LAB-FIC]: PS C:Usersadministrateur.LABDocuments> Get-WindowsFeature | Where Installed

Display Name                                            Name                       Install State
------------                                            ----                       -------------
[X] Services de fichiers et de stockage                 FileAndStorage-Services        Installed
    [X] Services de fichiers et iSCSI                   File-Services                  Installed
        [X] Serveur de fichiers                         FS-FileServer                  Installed
    [X] Services de stockage                            Storage-Services               Installed
[X] Fonctionnalités de .NET Framework 4.6               NET-Framework-45-Fea...        Installed
    [X] .NET Framework 4.6                     NET-Framework-45-Core          Installed
    [X] Services WCF                                    NET-WCF-Services45             Installed
        [X] Partage de port TCP                         NET-WCF-TCP-PortShar...        Installed
[X] Fonctionnalités de Windows Defender                 Windows-Defender-Fea...        Installed
    [X] Windows Defender                                Windows-Defender               Installed
    [X] Interface utilisateur graphique de Windows D... Windows-Defender-Gui           Installed
[X] Prise en charge WoW64                               WoW64-Support                  Installed
[X] Support de partage de fichiers SMB 1.0/CIFS         FS-SMB1                        Installed
[X] Windows PowerShell                                  PowerShellRoot                 Installed
    [X] Windows PowerShell 5.1                          PowerShell                     Installed
    [X] Windows PowerShell ISE                          PowerShell-ISE                 Installed

Disconnect

To disconnect from the server, enter the following command:

Exit-PSSession

Lists of commands * -PSSession

From a command prompt enter:

Get-Command -Noun PSSession

CommandType     Name                                               Version    Source
-----------     ----                                               -------    ------
Cmdlet          Connect-PSSession                                  3.0.0.0    Microsoft.PowerShell.Core
Cmdlet          Disconnect-PSSession                               3.0.0.0    Microsoft.PowerShell.Core
Cmdlet          Enter-PSSession                                    3.0.0.0    Microsoft.PowerShell.Core
Cmdlet          Exit-PSSession                                     3.0.0.0    Microsoft.PowerShell.Core
Cmdlet          Export-PSSession                                   3.1.0.0    Microsoft.PowerShell.Utility
Cmdlet          Get-PSSession                                      3.0.0.0    Microsoft.PowerShell.Core
Cmdlet          Import-PSSession                                   3.1.0.0    Microsoft.PowerShell.Utility
Cmdlet          New-PSSession                                      3.0.0.0    Microsoft.PowerShell.Core
Cmdlet          Receive-PSSession                                  3.0.0.0    Microsoft.PowerShell.Core
Cmdlet          Remove-PSSession                                   3.0.0.0    Microsoft.PowerShell.Core

Show help:

Get-Help *-PSSession

ame                              Category  Module                    Synopsis
----                              --------  ------                    --------
Connect-PSSession                 Cmdlet    Microsoft.PowerShell.Core Reconnects to disconnected sessions.
Disconnect-PSSession              Cmdlet    Microsoft.PowerShell.Core Disconnects from a session.
Enter-PSSession                   Cmdlet    Microsoft.PowerShell.Core Starts an interactive session with a remote co...
Exit-PSSession                    Cmdlet    Microsoft.PowerShell.Core Ends an interactive session with a remote comp...
Get-PSSession                     Cmdlet    Microsoft.PowerShell.Core Gets the Windows PowerShell sessions on local ...
New-PSSession                     Cmdlet    Microsoft.PowerShell.Core Creates a persistent connection to a local or ...
Receive-PSSession                 Cmdlet    Microsoft.PowerShell.Core Gets results of commands in disconnected sessi...
Remove-PSSession                  Cmdlet    Microsoft.PowerShell.Core Closes one or more Windows PowerShell sessions...
Export-PSSession                  Cmdlet    Microsoft.PowerShell.U... Imports commands from another session and save...
Import-PSSession                  Cmdlet    Microsoft.PowerShell.U... Imports commands from another session into the...

Troubleshooting

Check the WinRM service

Get-Service WinRM

Status   Name               DisplayName
------   ----               -----------
Running  WinRM              Gestion à distance de Windows (Gest...

Enable remote management in PowerShell

Enable-PSRemoting

View WinRM configuration

winrm get winrm/config
Config
    MaxEnvelopeSizekb = 500
    MaxTimeoutms = 60000
    MaxBatchItems = 32000
    MaxProviderRequests = 4294967295
    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = false
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
            CredSSP = false
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        TrustedHosts = *
    Service
        RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
        MaxConcurrentOperations = 4294967295
        MaxConcurrentOperationsPerUser = 1500
        EnumerationTimeoutms = 240000
        MaxConnections = 300
        MaxPacketRetrievalTimeSeconds = 120
        AllowUnencrypted = false
        Auth
            Basic = false
            Kerberos = true
            Negotiate = true
            Certificate = false
            CredSSP = false
            CbtHardeningLevel = Relaxed
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        IPv4Filter = *
        IPv6Filter = *
        EnableCompatibilityHttpListener = false
        EnableCompatibilityHttpsListener = false
        CertificateThumbprint
        AllowRemoteAccess = true
    Winrs
        AllowRemoteShellAccess = true
        IdleTimeout = 7200000
        MaxConcurrentUsers = 2147483647
        MaxShellRunTime = 2147483647
        MaxProcessesPerShell = 2147483647
        MaxMemoryPerShellMB = 1024
        MaxShellsPerUser = 2147483647

Allow administration from any remote host

Set-Item WSMan:localhostClientTrustedHosts *

This command is useful for non-domain hosts because even if Remote Management is enabled, no hosts are allowed to connect.

Exit mobile version