feb 2010 intro to remoteing part1
TRANSCRIPT
Introduction to PowerShell Remoting, Part 1
Matt Johnson, GSEC, [email protected]
What we are going to cover?
• An simple intro to remoting
• Remoting Prerequisites
• Basic Remoting using –ComputerName
• Setting up Remoting
A SIMPLE INTRO TO REMOTING
In Version 1.0
• In version 1.0, the only command available with –ComputerName was Get-WMIObject
• This made managing a remote PC complicated.
New in V2!
• Some cmdlets were updated with the –ComputerName parameter.– Get-Process– Get-Service– GetWinEvent– GetEventLog– Restart-Computer– Stop-Computer– Test-Connection
New in V2! Cont….
• Remote console via PS Sessions.– Kinda like SSH but much cooler (since it is
PowerShell)– You can run ANY command on the remote PC.– Can run interactively or via jobs
REMOTING PREREQUISITES
What you need
• Windows 7 and Windows Server 2008 R2 has the necessary bits
• Windows Vista, XP, Server 2003 and Server 2008 you will need the Windows Management Framework– Windows PowerShell 2.0, Windows Remote
Management (WinRM) 2.0, and Background Intelligent Transfer Service (BITS) 4.0
What version am I using?
• To check your PowerShell version, use the variable $PSVersionTable
Things to remember beforehand
• You MUST be in the Administrators group on the remote PC.
• Both the remote and local computers must be configured to use remoting.
• You must have PowerShell and the related bits installed on all machines
Things to remember Cont…
• On current versions of windows. The network type must be work or home. Public will not work.
• Any policies, ie group policies, on the remote pc are in effect in remote PowerShell sessions. Keep that in mind if something isn’t working as expected.
BASIC REMOTING USING –COMPUTERNAME
Commands with -ComputerName
Get-ProcessGet-ServiceGetWinEventGetEventLogRestart-ComputerStop-ComputerTest-Connection
Demo Time!
• Get-EventLog
• Get-Process
SETTING UP REMOTING
Enabling PowerShell Remoting
• Remember to be an Administrator!• Open a PowerShell Prompt on the machine
and type Enable-PSRemoting.
What is it doing?• Runs the Set-WSManQuickConfig cmdlet, which performs the following
tasks: – Starts the WinRM service. – Sets the startup type on the WinRM service to Automatic. – Creates a listener to accept requests on any IP address. – Enables a firewall exception for WS-Management communications.
• Enables all registered Windows PowerShell session configurations to receive instructions from a remote computer. – Registers the "Microsoft.PowerShell" session configuration, if it is not already
registered. – Registers the "Microsoft.PowerShell32" session configuration on 64-bit
computers, if it is not already registered. – Removes the "Deny Everyone" setting from the security descriptor for all the
registered session configurations. – Restarts the WinRM service to make the preceding changes effective.
Running x64?
• On x64 hardware, a 32-bit listener is installed.
Firewall Exception
Remoting is now enabled!
• What do you do next?– Configure PSRemoting– Run Scripts / Commands Remotely
In Two Months!
• Running Interactively with PS Remoting• Running Jobs with PS Remoting• WS-MAN Configuration
QUESTIONS?
Contact Info
• Matt Johnson• Phone: +1 (734) 931-0323• Web: http://www.mwjcomputing.com/• Blog: http://www.mwjcomputing.com/blog/• Twitter: http://twitter.com/mwjcomputing• Email: [email protected]
THANKS!