Modify

Enable/Disable Remoting

Enable-PSRemoting -Force

Enables PowerShell remoting on the computer, configuring it to receive remote commands securely.

Disable-PSRemoting -Force

Disables PowerShell remoting, preventing the computer from receiving remote commands.

Set-WSManQuickConfig -Force

Configures the computer to use Windows Remote Management (WinRM) with default settings, including security settings.

Security Descriptor

Modifies the security descriptor of the default PowerShell session configuration, launching a UI to edit permissions.

Set-PSSessionConfiguration -Name Microsoft.PowerShell -ShowSecurityDescriptorUI

Authentication

Enables Basic authentication for the WinRM service.

winrm set winrm/config/service/Auth '@{Basic="true"}'

Enables Credential Security Support Provider (CredSSP) authentication for the WinRM client.

winrm set winrm/config/client/Auth '@{CredSSP="true"}'

Encrypted Traffic

Disables the allowance of unencrypted traffic for the WinRM service using PowerShell.

Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value $false

Toggle unencrypted communication for WinRM service and WinRM client, enforcing encrypted traffic:

Set-WSManInstance -ResourceURI winrm/config/service -ValueSet @{AllowUnencrypted="false"}
Set-WSManInstance -ResourceURI winrm/config/client -ValueSet @{AllowUnencrypted="false"}

Disables unencrypted traffic for WinRM at the registry level, enhancing security:

Set-ItemProperty HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service -Name AllowUnencryptedTraffic -Value 0

Firewall

Creates a new firewall rule to allow inbound connections on port 5986 for WinRM over HTTPS, increasing security:

New-NetFirewallRule -DisplayName "WinRM HTTPS" -Direction Inbound -LocalPort 5986 -Protocol TCP -Action Allow

Removes firewall rules for WinRM HTTP traffic, enhancing security by disallowing unencrypted remote management traffic.

Remove-NetFirewallRule -DisplayName "Windows Remote Management (HTTP-In)"

Enables the firewall rule for inbound RDP connections, controlling access security:

Set-NetFirewallRule -DisplayName "Remote Desktop - User Mode (TCP-In)" -Enabled True

TrustedHosts

Adding a single item to TrustedHosts:

Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "Server01"

Adding multiple items:

Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "Server01,Server02,127.0.0.1"

Appends the Value instead of changing it:

Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "Server03" -Concatenate

Configures the WinRM client to trust specific hosts, enhancing security by limiting remote connections.

Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value "hostname1,hostname2"

Last updated

Was this helpful?