Tuesday, 4 August 2020

powershell 11 remoting

Test-WSMan

switch to private network

Winrm quickconfig

Enable-PSRemoting -Force
#Disable-PSRemoting -Force

#set trusted hosts
Set-Item wsman:\localhost\client\trustedhosts *
Restart-Service WinRM

PS C:\WINDOWS\system32> winrm get winrm/config/service
Service
    RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
    MaxConcurrentOperations = 4294967295
    MaxConcurrentOperationsPerUser = 1500
    EnumerationTimeoutms = 240000
    MaxConnections = 300
    MaxPacketRetrievalTimeSeconds = 120
    AllowUnencrypted = false
    Auth
        Basic = false
        Kerberos = true
        Negotiate = true
        Certificate = false
        CredSSP = false
        CbtHardeningLevel = Relaxed
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    IPv4Filter = *
    IPv6Filter = *
    EnableCompatibilityHttpListener = false
    EnableCompatibilityHttpsListener = false
    CertificateThumbprint
    AllowRemoteAccess = true

PS C:\WINDOWS\system32> winrm get winrm/config/client
Client
    NetworkDelayms = 5000
    URLPrefix = wsman
    AllowUnencrypted = false
    Auth
        Basic = true
        Digest = true
        Kerberos = true
        Negotiate = true
        Certificate = true
        CredSSP = false
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    TrustedHosts = *

PS C:\WINDOWS\system32> winrm enumerate winrm/config/listener
Listener
    Address = *
    Transport = HTTP
    Port = 5985
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 127.0.0.1, 169.254.1.87, 169.254.63.55, 169.254.93.133, 169.254.129.62, 192.168.0.18, ::1, fd00:f81d:f6e:3722:a:5c6d:5a6b:a296, fd00:f81d:f6e:3722:9d1:dc9d:fdb4:6d2a, fe80::9d1:dc9d:fdb4:6d2a%14, fe80::4c71:ae51:9233:5d85%20, fe80::78a0:dac3:315d:3f37%16, fe80::d0ac:283f:17fc:157%7, fe80::d4f4:7c23:a32:813e%3

PS C:\WINDOWS\system32> $env:computername
DESKTOP-2286VQK
PS C:\WINDOWS\system32> $env:userdomain
DESKTOP-2286VQK

#verify local device is listening on winrm port
PS C:\WINDOWS\system32> get-NetTCPConnection -localport 5985

LocalAddress                        LocalPort RemoteAddress                       RemotePort State       AppliedSetting
------------                        --------- -------------                       ---------- -----       --------------
::                                  5985      ::                                  0          Listen

#verity a remote device is listening on winrm port
PS C:\WINDOWS\system32> test-netconnection -computername 192.168.0.24 -port 5985

ComputerName     : 192.168.0.24
RemoteAddress    : 192.168.0.24
RemotePort       : 5985
InterfaceAlias   : Wi-Fi 2
SourceAddress    : 192.168.0.18
TcpTestSucceeded : True

$credential=get-credential
#sign in remote desktop
PS C:\WINDOWS\system32> test-wsman desktop-k1rh4m9 -authentication negotiate -credential $credential

wsmid           : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor   : Microsoft Corporation
ProductVersion  : OS: 10.0.17134 SP: 0.0 Stack: 3.0

PS C:\WINDOWS\system32> enter-pssession -computername desktop-k1rh4m9 -credential $credential
[desktop-k1rh4m9]: PS C:\Users\zchen\Documents> hostname
DESKTOP-K1RH4M9
[desktop-k1rh4m9]: PS C:\Users\zchen\Documents> get-service bits

Status   Name               DisplayName
------   ----               -----------
Stopped  bits               Background Intelligent Transfer Ser...

[desktop-k1rh4m9]: PS C:\Users\zchen\Documents> exit

PS C:\WINDOWS\system32> $session = new-pssession -computername desktop-k1rh4m9 -credential $credential
PS C:\WINDOWS\system32> $session

 Id Name            ComputerName    ComputerType    State         ConfigurationName     Availability
 -- ----            ------------    ------------    -----         -----------------     ------------
 10 WinRM10         desktop-k1rh4m9 RemoteMachine   Opened        Microsoft.PowerShell     Available

PS C:\WINDOWS\system32> invoke-command -session $session -scriptblock {hostname}
DESKTOP-K1RH4M9

$multisession = new-pssession -computername remote1, remote2, remote3 -credential $credential

#find # of cpus in remote computer
PS C:\WINDOWS\system32> invoke-command -session $session -scriptblock {(Get-CimInstance Win32_ComputerSystem).NumberOfLogicalProcessors}
8

#find percentage of available space in remote computer C drive
PS C:\WINDOWS\system32> Invoke-Command -Session $session -ScriptBlock {
>>     $driveData = Get-PSDrive c | select-object used, Free
>>     $total = $driveData.used + $driveData.free
>>     $calc = [math]::round($driveData.free / $total, 2)
>>     $perFree = $calc * 100
>>     return $perFree
>> }
84

S C:\WINDOWS\system32> $invokeSplate = @{
>>     computername = 'desktop-k1rh4m9' #desktop2, desktop3...
>>     credential = $credential
>>     errorVariable = 'connectErrors'
>>     errorAction = 'silentlyContinue'
>> }

S C:\WINDOWS\system32> $remoteResult = Invoke-Command @invokeSplate -scriptblock{
>>     $obj = [PSCustomObject]@{
>>         Name = $env:computername
>>         CPUs = "---"
>>         Memory = "---"
>>         FreeSpace = "---"
>>     }
>>
>>     $obj.CPUs = (Get-CimInstance Win32_ComputerSystem).NumberOfLogicalProcessors
>>     $obj.Memory = Get-CimInstance Win32_ComputerSystem `
>>         | Measure-Object -Property TotalPhysicalMemory -sum `
>>         | ForEach-Object {[math]::round($_.sum / 1024 / 1024)}
>>     $driveData = Get-PSDrive C | Select-Object used, Free
>>     $total = $driveData.used + $driveData.free
>>     $calc = [math]::round($driveData.free / $total, 2)
>>     $obj.FreeSpace = $calc * 100
>>     return $obj
>> }
PS C:\WINDOWS\system32> $remoteresult


Name           : DESKTOP-K1RH4M9
CPUs           : 8
Memory         : 16361
FreeSpace      : 84
PSComputerName : desktop-k1rh4m9
RunspaceId     : 02a90eab-cf61-4f80-9ea2-a2c0881a7a49

$remoteFailures = $connectErrors.CategoryInfo `
      | where-object {$_.reason -eq 'PSRemotingTransportException'} `
      | select-object TargetName, @{n = 'ErrorInfo'; E = {$_.reason}}

reference:
https://www.youtube.com/watch?v=qvJRaYlxI1w&t=2s

Run PowerShell Commands on Remote Computers
https://www.howtogeek.com/117192/how-to-run-powershell-commands-on-remote-computers/

Installation and Configuration for Windows Remote Management
https://docs.microsoft.com/en-us/windows/win32/winrm/installation-and-configuration-for-windows-remote-management#:~:text=To%20configure%20WinRM%20with%20default,command%20at%20a%20command%20prompt.

WinRM
https://www.youtube.com/watch?v=EmrHQggFW_s

Configure WINRM for HTTPS
https://support.microsoft.com/en-ca/help/2019527/how-to-configure-winrm-for-https

Set Up Remote Desktop
https://www.youtube.com/watch?v=Olgso_oXQa8

No comments:

Post a Comment