Skip to content

Setting up Powershell Remoting

Jump to bottom Edit New page
FreFre edited this page Nov 6, 2012 · 6 revisions

Original source: http://www.powershellcommunity.org/Forums/tabid/54/aft/3916/Default.aspx

On the Remote Server:

  • Download SelfSSL

  • Generate Certificate:

    C:\Program Files (x86)\IIS Resources\SelfSSL>selfssl.exe /N:CN=10.20.66.10 /V:3600 /T /Q

  • Export Trusted Root CA Cert (from a command-prompt launch certmgr.msc)

  • Copy the exported file to the PowerShell Server.

On the machine performing the deployment

  • Import the copied cert file into the "Trusted Root CA"

On the Remote Server again:

  • Create the WinRM HTTPS Listener. Be sure to issue this command from a cmd command-prompt and not powershell, the syntax doesn't work.

    • Replace the Hostname value with whatever you issued the certificate to in step 1.
    • Replace the CertificateThumprint value with the actual certificates thumprint (view certificate details).

    C:>winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="10.20.66.10";CertificateThumbprint="4f 4c a6 d6 6f b1 5b 88 72 b0 fc 0d 48 a0 4c 9b 0d 93 2a 49"}

  • Ensure the client is allowing connections: (In Command Prompt:)

    C:>winrm set winrm/config/client @{TrustedHosts="*"}

  • Make sure there is a firewall exception for the port on which you configured WinRM. The default is 5986

  • Allow scripts to run in Powershell, run the following command

Set-ExecutionPolicy RemoteSigned

On the machine issuing the deployment

Establish a persistant session to the remote server:

$s = New-PSSession 10.20.66.10 -Credential RADMIN -UseSSL
Add a custom footer
Add a custom sidebar
Clone this wiki locally