Welcome to MSDN Blogs Sign in | Join | Help

Remoting with PowerShell QuickStart

PowerShell V2 introduces a new capability which allows you to remotely manage machines in your organization. I will give a basic overview of PowerShell remoting here and follow it up with some adavanced topics later. Are you ready for the fun..

A remote interaction involves 2 endpoints – Client and a Server. The same computer or system can act both as a client and as a server.

Configuration

To enable an endpoint for PowerShell remoting you need to do the following:

Step 1: Install PowerShell CTP2 of PowerShell V2

Step2: Install CTP of WinRM

Step 3: Configure WinRM for PowerShell remoting. This can be done from a PowerShell Console using the following steps

(a)    Open PowerShell console in elevated prompt

(b)   Run $pshome\configure-wsman.ps1 script.

The above script will prepare your machine for remoting. This script will enable an endpoint both to act as a client and as well as a server.

PowerShell depends on WinRM for transport of data between endpoints. WinRM implements WS-Management a SOAP-based protocol for the management of servers etc. The good thing about this protocol is it is based on HTTP. So all the packets are going on Port 80 (by default) and you don’t need to open any other port for PowerShell remoting.

Using the Power

The beauty of PowerShell remoting is that all the cmdlets/scripts you have from V1 work as is everywhere (as long as PowerShell is installed on the server). So you develop your cmdlet/scripts once and you can remotely execute them with PowerShell as is without making any changes. The only dependency being the cmdlet/script you want to execute should be accessible on the remote box.

Let me show you some examples:

PS C:\> #my current machine

PS C:\> $env:computername

KRISCV-JHOOM

PS C:\> icm kriscv-lh { $env:computername }

KRISCV-LH

PS C:\>

The above example gives a glimpse of powershell remoting. Here I ran “$env:computername” locally and then on a remote machine from my local machine. I showed a new command “icm” here. “icm” is an alias for invoke-command cmdlet. This cmdlet takes the following pattern:

 

Invoke-command <ExecutionContext>  { <script block to run in the context>}

 

In my above “kriscv-lh” is the execution context. In this case it is a destination computer name.  So, essentially I have asked invoke-command to run the script “{$env:computername}” on the remote machine. This is the cmdlet you should use for remoting in CTP2 of Powershell V2. This cmdlet internally creates a connection with the machine “kriscv-lh”, runs the command on the machine, gets the output from the remote machine to the local machine, displays the output and then closes the connection.

 

You can pretty much do anything on the remote machine as you would on the local machine. Administrator of the remote machine however has the complete control of restricting you.

 

The following example shows you a way of finding free disk space on the remote machine:

 

PS C:\> $env:computername

KRISCV-JHOOM

PS C:\> icm kriscv-lh {gwmi win32_logicaldisk | select deviceid,freespace}

 

deviceid                 freespace                ComputerName             RunspaceId

--------                          ---------                ------------                           ----------

A:                                                               kriscv-lh                         8ce689c2-87a2-4e38-83...

C:                       44054937600                 kriscv-lh                          8ce689c2-87a2-4e38-83...

D:                                                              kriscv-lh                          8ce689c2-87a2-4e38-83...

 

Estentially whatever you have learned with V1 of PowerShell can be used with PowerShell remoting.  Lets convert the above example to show the freespace in GB instead of bytes:

 

PS C:\> icm kriscv-lh {gwmi win32_logicaldisk | select deviceid,freespace} | select deviceid,@{Name=

"freespace(GB)";Expression={$_.freespace/1gb}},computername

 

deviceid                                             freespace(GB)           ComputerName

--------                                                     -------------                 ------------

A:                                                                               0               kriscv-lh

C:                                                   41.0060882568359              kriscv-lh

D:                                                                               0               kriscv-lh

 

Notice what I have done here. The command in bold above is run on the remote machine kriscv-lh and the rest of the pipeline is run on the local box ie.,”select-object” cmdlet is run on the local machine. PowerShell remoting ensures objects are written onto the pipeline and hence you can leverage the complete power of PowerShell by working directly with an object.

 

You can apply the same concept to multiple machines. The following examples gets the free disk space from multiple machines:

 

PS C:\> icm kriscv-lh,kriscv-jhoom {gwmi win32_logicaldisk | select deviceid,freespace} | select dev

iceid,@{Name="freespace(GB)";Expression={$_.freespace/1gb}},computername

 

deviceid                                             freespace(GB)       ComputerName

--------                                                      -------------                  ------------

C:                                                182.064617156982       kriscv-jhoom

D:                                                136.152328491211      kriscv-jhoom

E:                                                7.60776519775391       kriscv-jhoom

F:                                                1.76084136962891       kriscv-jhoom

G:                                                                           0        kriscv-jhoom

A:                                                                           0        kriscv-lh

C:                                               41.0063934326172       kriscv-lh

D:                                                                           0        kriscv-lh

 

Notice I am running the command on 2 machines and running select-object cmdlet on the local box to filter the data.

 

There are so many things I want to talk about this CTP which I will do in the coming weeks. For the time being install the CTP, try out our new features and most importantly, if possible, give us your feedback.

 

Have a great weekend!!

 

Thanks

Krishna Vutukuri[MSFT]

Windows PowerShell Development

This posting is provided “AS IS” with no warranties.

Published Saturday, May 10, 2008 3:01 AM by PowerShellTeam
Filed under:

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: Remoting with PowerShell QuickStart

Is there WinRM CTP for windows 2003 or XP?

Saturday, May 10, 2008 2:28 AM by Soliko

# re: Remoting with PowerShell QuickStart

> Is there WinRM CTP for windows 2003 or XP?

Sadly no, not at this time.  

Yes - we know exactly how painful this is.  We just couldn't make the schedules line up.  

Jeffrey Snover [MSFT]

Windows Management Partner Architect

Visit the Windows PowerShell Team blog at:    http://blogs.msdn.com/PowerShell

Visit the Windows PowerShell ScriptCenter at:  http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx

Saturday, May 10, 2008 9:46 AM by PowerShellTeam

# re: Remoting with PowerShell QuickStart

BTW - you can easily clean up the output by simply casting the expression to an [INT] (notice that I put the expression inside () so that we cast the RESULTS of the expression and not the FIRST ELEMENT.

Change:

icm kriscv-lh {gwmi win32_logicaldisk | select deviceid,freespace} | select deviceid,@{Name="freespace(GB)";Expression={$_.freespace/1gb}},computername

TO

icm kriscv-lh {gwmi win32_logicaldisk | select deviceid,freespace} | select deviceid,@{Name="freespace(GB)";Expression={[INT]$($_.freespace/1gb)}},computername

And things clean up very nicely.

10,000 thanks to Krishna for going out of his way to do this write up.  Take a look at the published time!

Jeffrey Snover [MSFT]

Windows Management Partner Architect

Visit the Windows PowerShell Team blog at:    http://blogs.msdn.com/PowerShell

Visit the Windows PowerShell ScriptCenter at:  http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx

Saturday, May 10, 2008 9:57 AM by PowerShellTeam

# re: Remoting with PowerShell QuickStart

Oooooh! Your security team is going to have run keeping the hackers at bay on this one! ;-)

But seriously (as I'm really not a security wonk), why can't you make it so that I could run a script on the remote machine that exists only on my local machine?  Forcing the remote machine to have the script is a rather large burden, no?  Need I detail why?

Saturday, May 10, 2008 7:19 PM by Mike Schinkel

# re: Remoting with PowerShell QuickStart

> But seriously (as I'm really not a security wonk), why can't you make it so that I could run a script on the remote machine that exists only on my local machine?

Ask and ye shall receive.  :-)

It does!  First let's start with the basics.  We'll ship "secure by default".  That means that you will have to make a decision to allow remote computers to manage a machine.  Next, when you configure remoting, you'll have a number of configuration options which give you fine control over what the remote machines can do.  In particular, there are 3 language MODES: FULL, DATA, NONE.  

FULL is obvious - there are no language restrictions.

DATA limits the language to those elements that do not allow side-effects on the system.

NONE means you can enter commands but no language elements.

For each of these, you'll be able to configure what CMDLETS, SCRIPTS, Native applications, providers, and variables that are available to the remote machine.  

jps

Sunday, May 11, 2008 11:31 AM by PowerShellTeam

# re: Remoting with PowerShell QuickStart

Ok, so maybe I'm doing something wrong, but the winrm configuration isn't working:

PS C:\Windows\System32> . $pshome\configure-wsman.ps1

VERBOSE: Configuring WinRM

WSManFault

   Message = Access is denied.

Error number:  -2147024891 0x80070005

Access is denied.

CheckError : Error restoring default WSMan configuration. Exiting

At C:\Windows\system32\WindowsPowerShell\v1.0\\wsmanutils.ps1:97 char:19

+         CheckError <<<<  $ErrorMessages["Restore"]

WSManFault

   Message = Access is denied.

... and more of the same.  this is with an elevated version of powershell...

Monday, May 12, 2008 6:43 AM by Ilya Haykinson

# re: Remoting with PowerShell QuickStart

>   Message = Access is denied.

1) Are you running with elevated Privs?

2) Do you have Admin Rights?

jps

Monday, May 12, 2008 8:55 AM by PowerShellTeam

# re: Remoting with PowerShell QuickStart

Can you check if WinRM is running?

PS F:\> get-service winrm

Status   Name               DisplayName

------   ----               -----------

Stopped  WinRM              Windows Remote Management (WS-Manag...

PS F:\> start-service winrm                                               PS F:\> get-service winrm                                                                                                                           Status   Name               DisplayName                                   ------   ----               -----------                                   Running  WinRM              Windows Remote Management (WS-Manag...                                                                                                                                                            

Tuesday, May 13, 2008 9:44 PM by PowerShellTeam

# re: Remoting with PowerShell QuickStart

I noted the comment above about 2003 and XP.  Are you committed to providing remoting on 2003 and XP in the final version?  We're really keen to see this.

Sunday, May 18, 2008 4:15 PM by Simon Garratt

# re: Remoting with PowerShell QuickStart

> Are you committed to providing remoting on 2003 and XP in the final version?

Never trust anything that looks like a commitment made in a blog. Seriously.  If you ever see anything that looks like a commitment in this blog - it has to be understood as a PERSONAL commitment not a corporate commitment.

For example, I could say that I'm personally committed to making this go downlevel but that is VERY differen than saying that the company is committed to doing so.

Here is what I said in the blog entry:

http://blogs.msdn.com/powershell/archive/2008/04/24/how-could-you-top-ctp1.aspx

One big caveat to share with you around remoting.  The good news is that we've made a lot of progress on remoting and it is shaping up nicely.  The bad news is that (FOR THIS CTP) remoting is only going to work FROM and TO Vista and WS08 boxes (CRINGE!).  I know that is a big hit and it means that many of you will not be able to test out remoting for us.  Apologizes.  There are a zillion details behind this so without going into them, all I can say is 1) we know exactly how BIG of a deal this is 2) we worked like heck to try and make it happen 3) the facts we were faced did not allow it to happen.

Just to be clear, this applies to the upcoming CTP and we are working very hard to make it available on downlevel machines in subsequent public releases.

Jeffrey Snover [MSFT]

Windows Management Partner Architect

Visit the Windows PowerShell Team blog at:    http://blogs.msdn.com/PowerShell

Visit the Windows PowerShell ScriptCenter at:  http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx

Sunday, May 18, 2008 7:52 PM by PowerShellTeam

# re: Remoting with PowerShell QuickStart

Hello,

When I run Receive-PSJob -job $job I got error like below. How do I do for fix this problem please advice? I use WinXP + SP2.

PS C:\> $job = Start-PSJob -command "Get-Process"

PS C:\> Receive-PSJob -job $job

Receive-PSJob : [localhost] The WS-Management service does not support the requ

est.

At line:1 char:14

+ Receive-PSJob <<<<  -job $job

PS C:\> Get-Service winrm

Status   Name               DisplayName

------   ----               -----------

Running  WinRM              Windows Remote Management (WS-Manag...

PS C:\> $job

SessionId       Name            State           HasMoreData     Command

---------       ----            -----           -----------     -------

1                               Failed          False           Get-Process

Thursday, June 12, 2008 3:44 AM by Paiboon

# re: Remoting with PowerShell QuickStart

You need to install the CTP of WSMan 2.0, but they are currently supported on Vista-SP1 and WS08 only.

Thursday, June 12, 2008 1:37 PM by PowerShellTeam

# re: Remoting with PowerShell QuickStart

What is the current status of remoting on WinXP and WinServer 2003?  I'd love to use PS for a proof on concept.  Thanks.

Wednesday, August 06, 2008 6:57 PM by DaveP

# re: Remoting with PowerShell QuickStart

Can you share some information on Powershell Remoting and Exchange 2007 administration?

Friday, October 17, 2008 11:08 AM by Sanjay

# re: Remoting with PowerShell QuickStart

I've been trying to use the Remoting capabilities within a C# application but it seems my assembly System.Management.Automation.dll doesn't contain

"System.Management.Automation.Remoting"

Any ideas?

Thanks in advance!

Adam

Saturday, October 25, 2008 10:19 PM by Adam

# re: Remoting with PowerShell QuickStart -- XP etc

I noticed WinRM is out for WinXP, but I imagine that doesn't necessarily mean that PS2 CTP2 now magically supports remoting.  I actually get pretty far w/the WS-management script, except I get this one error:

CheckError : Configuring PowerShell plugin failed

At C:\WINDOWS\system32\WindowsPowerShell\v1.0\\wsmanutils.ps1:155 char:16

+      CheckError <<<<  "Configuring PowerShell plugin failed"

Note v2.0 is installed, it's just in the v1.0 directory

Thursday, December 04, 2008 11:40 AM by Josh Smith

# re: Remoting with PowerShell QuickStart -- XP etc

I noticed WinRM is out for WinXP, but I imagine that doesn't necessarily mean that PS2 CTP2 now magically supports remoting.  I actually get pretty far w/the WS-management script, except I get this one error:

CheckError : Configuring PowerShell plugin failed

At C:\WINDOWS\system32\WindowsPowerShell\v1.0\\wsmanutils.ps1:155 char:16

+      CheckError <<<<  "Configuring PowerShell plugin failed"

Note v2.0 is installed, it's just in the v1.0 directory

Thursday, December 04, 2008 3:32 PM by Josh Smith

# re: Remoting with PowerShell QuickStart

You need to install the CTP of WSMan 2.0, but they are currently supported on Vista-SP1 and WS08 only.

Thursday, December 04, 2008 6:16 PM by PowerBloger

# re: Remoting with PowerShell QuickStart

Hi - I'm really having a lot of trouble understanding/confirming the exact system requirements needed to use PS remoting. I've looked around quite a bit on various blog sites - most everyone else seems to be able to run remoting commands with no issue.

My problem is that I am running both WS2008 and Win7, with the versions of PS 2 installed via the base OS install, and I am unable to use any remoting commands. I have done "winrm quickconfig" and the "configure-wsman1" scripts but no PS command seems to want to admit to knowing anything about remoting, they all give me errors saying that they do not know anything about '-computername', etc. The below output is from my WS2008 machine.

Is there a document or site somewhere that specifies *EXACTLY* what versions of the OS and PS you need to do remoting, and *EXACTLY* what steps need to be taken to set it up?

Many thanks

PS C:\Windows\System32\WindowsPowerShell\v1.0> $host.version

Major  Minor  Build  Revision

-----  -----  -----  --------

2      0      -1     -1

PS C:\Windows\System32\WindowsPowerShell\v1.0> $psversiontable

Name                           Value

----                           -----

CLRVersion                     2.0.50727.3506

BuildVersion                   6.1.6936.0

PSVersion                      2.0

PSCompatibleVersions           {1.0, 2.0}

PS C:\Windows\System32\WindowsPowerShell\v1.0> winrm id

IdentifyResponse

   ProtocolVersion = http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd

   ProductVendor = Microsoft Corporation

   ProductVersion = OS: 6.1.6936 SP: 0.0 Stack: 2.0

PS C:\Windows\System32\WindowsPowerShell\v1.0> invoke-expression -computername foo

Invoke-Expression : A parameter cannot be found that matches parameter name 'computername'.

At line:1 char:32

PS C:\Windows\System32\WindowsPowerShell\v1.0> new-runspace

The term 'new-runspace' is not recognized as a cmdlet, function, operable program, or script file. Verify the term and try again.

Saturday, December 13, 2008 3:22 AM by BobK

# re: Remoting with PowerShell QuickStart

Hmm. Looks like I stumped the panel. Can anyone at least recommend another site where I can try reposting?

Friday, December 19, 2008 4:12 AM by BobK

# PowerShell V2: CTP3 now available!

Sea Tea Pea Three Whee! Go get it ! The bits in the overview I want to call out (because I've seen others

Tuesday, December 23, 2008 8:57 AM by James Manning's blog

# re: Remoting with PowerShell QuickStart

Please help - similar problem to somebody above.

I'll give as much detail as possible.  I have upgraded to vista home professional & am trying to get powershell 2 to run background jobs. But I just can not do it.

I am first trying to get CTP2 working as if you jump straight to CTP3 you do not have the configure-Wsman.ps1 script !

Anyway - I've installed WinRM CTP3 on vista (x86) & powershell.  I've tried all the suggestions to change the registry(DWORD stuff), stop UAD etc.  I have even restored the "hidden" administrator id.  But still, when trying to configure winRM I get ....

PS C:\Users\Administrator> get-service winrm

Status   Name               DisplayName

------   ----               -----------

Stopped  WinRM              Windows Remote Management (WS-Manag...

PS C:\Users\Administrator> start-service winrm

PS C:\Users\Administrator> & $pshome\Configure-Wsman.ps1

Configuring WSMan

WSManFault

   Message = Access is denied.

Error number:  -2147024891 0x80070005

Access is denied.

Error restoring default WSMan configuration. Exiting

PS C:\Users\Administrator>

Please can somebody help

Cheers

Will

Saturday, February 28, 2009 1:05 PM by Will Ludgate

# re: Remoting with PowerShell QuickStart

@Will

Basically you need to check three things:

1. PowerShell console runs elevated.

2. Password of your administrator account is not empty.

3. Local account token filter policy is enabled:

new-itemproperty -path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -name LocalAccountTokenFilterPolicy -propertyType DWord -value 1

Also, in CTP3 you need to use Enable-PSRemoting command for remoting configuration. Configure-WSMan script is deprecated.

Hope this helps,

Vladimir Averkin

Windows PowerShell team

Monday, March 02, 2009 12:15 PM by PowerShellTeam

# re: Remoting with PowerShell QuickStart

Any chance we could get these old posts updated AT THE TOP with something like [[THIS WAS A CTP POST -- IT'S PROBABLY WRONG NOW]] so that people don't have to come all the way to the bottom (or into IRC or USENET) to figure out why configure-wsman.ps1 doesn't work anymore?

Tuesday, December 01, 2009 12:30 PM by Joel "Jaykul" Bennett

# re: Remoting with PowerShell QuickStart

Question about how to import modules on a remote server. I'm trying to remotely stop an IIS website with the following command but it doesnt seem to work (although it doesnt report an error either).

powershell -command "icm hydrogen {import-module webadministration | stop-webitem iis:\sites\mysite}"

Any thought on why this doesnt work?

CT

Monday, December 21, 2009 8:02 PM by Tadlock Enterprises

# re: Remoting with PowerShell QuickStart

Installed powershell 2 with winrm using windows core manageability pack. Winrm gives the following error:

WSManFault

  Message = Access is denied.

Error number:  -2147024891 0x80070005

When I install the WS-Man 1.1 package without powershell winrm works fine. Unfortunately winrm only packages are not available for Vista/Windows 7.

I am running on elevated priviledges in an admin account. I have this problem in XP, Vista and Windows 7.

I read through your blog about configure-wsman.ps1 but the script is not available in RTM relase.

Any ideas on how to fix this problem?

Monday, February 08, 2010 8:49 AM by VJ

Leave a Comment

(required) 
required 
(required) 

  
Enter Code Here: Required
 
Page view tracker