Modify
Enable/Disable Remoting
Enable-PSRemoting -Force
Enables PowerShell remoting on the computer, configuring it to receive remote commands securely.
Disable-PSRemoting -Force
Disables PowerShell remoting, preventing the computer from receiving remote commands.
Set-WSManQuickConfig -Force
Configures the computer to use Windows Remote Management (WinRM) with default settings, including security settings.
Security Descriptor
Modifies the security descriptor of the default PowerShell session configuration, launching a UI to edit permissions.
Set-PSSessionConfiguration -Name Microsoft.PowerShell -ShowSecurityDescriptorUI
Authentication
Enables Basic authentication for the WinRM service.
winrm set winrm/config/service/Auth '@{Basic="true"}'
Enables Credential Security Support Provider (CredSSP) authentication for the WinRM client.
winrm set winrm/config/client/Auth '@{CredSSP="true"}'
Encrypted Traffic
Disables the allowance of unencrypted traffic for the WinRM service using PowerShell.
Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value $false
Toggle unencrypted communication for WinRM service and WinRM client, enforcing encrypted traffic:
Set-WSManInstance -ResourceURI winrm/config/service -ValueSet @{AllowUnencrypted="false"}
Set-WSManInstance -ResourceURI winrm/config/client -ValueSet @{AllowUnencrypted="false"}
Disables unencrypted traffic for WinRM at the registry level, enhancing security:
Set-ItemProperty HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service -Name AllowUnencryptedTraffic -Value 0
Firewall
Creates a new firewall rule to allow inbound connections on port 5986 for WinRM over HTTPS, increasing security:
New-NetFirewallRule -DisplayName "WinRM HTTPS" -Direction Inbound -LocalPort 5986 -Protocol TCP -Action Allow
Removes firewall rules for WinRM HTTP traffic, enhancing security by disallowing unencrypted remote management traffic.
Remove-NetFirewallRule -DisplayName "Windows Remote Management (HTTP-In)"
Enables the firewall rule for inbound RDP connections, controlling access security:
Set-NetFirewallRule -DisplayName "Remote Desktop - User Mode (TCP-In)" -Enabled True
TrustedHosts
Adding a single item to TrustedHosts:
Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "Server01"
Adding multiple items:
Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "Server01,Server02,127.0.0.1"
Appends the Value instead of changing it:
Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "Server03" -Concatenate
Configures the WinRM client to trust specific hosts, enhancing security by limiting remote connections.
Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value "hostname1,hostname2"
Last updated
Was this helpful?