I am planning to connect remotely from local server (A) to remote server (B) using PowerShell.
After examining various things on my own, it was stated on other sites that it was necessary to execute "Enable-PSRemoting".

The following is the PowerShell console screen of another site.

PowerShell console screen

WinRM quick configuration
When you run the Set-WSManQuickConfig command, WinRM
The service enables remote management of this computer, which has a significant security impact.
This command includes the following actions:

  1. Check if the WinRM service is running. If the WinRM service is not running, start the service.
  2. Set the startup type of WinRM service to automatic.
  3. Create a listener that accepts requests from any IP address. By default, the transport is HTTP.
  4. Enable firewall exception for WS-Management traffic.
    Do I want to enable remote management of this computer by WinRM service?
    [Y] Yes (Y) [N] No (N) [S] Suspend (S) [?] Help (Default"Y"):

Here are the questions.

1. Which part of which setting is changed by executing "Enable-PSRemoting"?
Is it possible to check before it is changed and after it is changed?

2.I think that the server that executes "Enable-PSRemoting" is the remote server (B).

Thanks for your cooperation.

  • Answer # 1

    Lists the results of a simple survey.
    I am not very familiar with it, so I cannot guarantee the accuracy of the content.

    Which part of which setting is changed by executing "Enable-PSRemoting"?

    If you look at the following pages, it is basically the same as the description whenEnable-PSRemotingis executed, but there are some details written in it.



    For the time being,Enable-PSRemoting


    Whether WinRM service is running
      Set WinRM service startup type to automatic

    You can check with the following command.

    Get-Service -Name WinRM
    Status Name DisplayName
    ------ ---- -----------
    Running WinRM Windows Remote Management (WS-Manag ...

    Create a listener that accepts requests even by IP address

    It seems to be created in the following location.

    Get-ChildItem -LiteralPath WSMan: \ localhost \ Listener
    WSManConfig: Microsoft.WSMan.Management \ WSMan :: localhost \ Listener
    Type Keys Name
    ---- ---- ----
    Container {Transport = HTTP, Address = *} Listener _ *******

    Enable firewall exception for WS-Management traffic

    The following settings are considered.

    Get-NetFirewallRule -Name WINRM-HTTP *
    Name: WINRM-HTTP-In-TCP-NoScope
    DisplayName: Windows remote management (HTTP reception)
    Description: Reception rules for Windows remote management by WS-Management. [TCP 5985]
    DisplayGroup: Windows remote management
    Group: @ FirewallAPI.dll, -30267Enabled: True
    Profile: Domain, Private
    Platform: {}
    Direction: Inbound
    Action: Allow
    EdgeTraversalPolicy: Block
    LooseSourceMapping: False
    LocalOnlyMapping: False
    PrimaryStatus: OK
    Status: The rule was successfully parsed from the store. (65536)
    EnforcementStatus: NotApplicable
    PolicyStoreSource: PersistentStore
    PolicyStoreSourceType: Local
    Reference:Disable-PSRemoting Executing

    Disable-PSRemotingseems to invalidate the settings, but the following settings do not seem to be restored.


    Warning: Disabling session configuration does not revert all changes made by the Enable-PSRemoting or Enable-PSSessionConfiguration cmdlets. You may need to undo changes manually by following these steps:


    Stop or disable the WinRM service.


    Remove the listener that accepts requests using the IP address.


    Disable firewall exception for WS-Management communication.


    Returns the value of LocalAccountTokenFilterPolicy back to 0. This restricts remote access to members of the Administrators group on this computer.


    I think that it is the above for 1, 2 and 3, but 4 seems to be the following registry settings.

    # https://technet.microsoft.com/en-us/library/hh847845.aspx?f=255&MSPPError=-2147217396
    Get-ItemProperty -Name LocalAccountTokenFilterPolicy -LiteralPath HKLM: \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System
    I think that the server that executes "Enable-PSRemoting" is a remote server (B).

    Basically, it should be recognized.

    Reference site




    Preparation for Enable-PSRemoting to operate remote PC with PowerShell-tech.guitarrapc.cóm