In Linux , we can use secure SSH to facilitate remote management. But under Windows, in addition to the insecure Telnet, another command line original management method has been provided since Windows Server 2008, that is, WinRM based on PowerShell.
Here is how to use WinRM, the client and server must be in the same domain or the same local area network
surroundings:
Virtual machine win7
win7
1. Configure the WinRM (windows remote management) network setting on Windows7 as the working network, you can also skip the check, there is a summary of the problem at the bottom
C:\Windows\system32> winrm quickconfig
//或者进入powershell
ps>enable-psremoting2. Turn on the firewall command or turn off the firewall directly:
C:\Windows\system32>netsh advfirewall firewall set rule group="Windows 远程管理" new enable=yes
3. Use PowerShell to connect to the remote server:
PS C:\Users\Administrator> enter-pssession -computer server name or IP
//There are many errors in this article. There is an error summary at the bottom of the article. If it shows "connection refused", you can use the following complete connection. The following is a partial error.
Enter-PSSession: Failed to connect to the remote server, the error message is as follows: WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or the client computer is not joined to the domain, then HTTPS transmission must be used or the target computer must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. Please note that the computers in the TrustedHosts list may not be authenticated. More information about this can be obtained by running the following command: wi nrm help config. For more information, see the about_Remote_Troubleshooting help topic. Location line: 1 characters: 16 + Enter-PSSession <<<<? 192.168.3.1 -Credential abc\administrator + CategoryInfo: InvalidArgument: (192.168.3.1:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId: CreateRemoteRunspaceFailed
Add a TrustedHosts table, which is equivalent to a trust list.
The server executes the following commands, the client needs to have administrator rights to execute, add the hosts with IP 192.168.3.* to the trust list
Set-Item wsman:\localhost\Client\TrustedHosts -value 192.168.115.*
Finally use the following to fully connect, and then enter the password.
Enter-PSSession 192.168.3.1 -Credential abc\administrator
The command can complete the connection, if there is no domain, just write the user name.
To disable WinRM at any time, you can use this command:
winrm delete winrm/config/listener?IPAdress=*+Transport=HTTP
Exit the connection
exit-pssession
summary of a problem:
Question 1:
s\Administrator> enter-pssession -computer 192.168.115.130
ssion: The connection to the remote server 192.168.115.130 failed with the following error message: WinRM client cannot process the request. If the authenticator ros is different, or the client computer is not joined to the domain, the HTTPS transmission must be used or the target computer must be added to the TrustedHosts configuration setting winrm.cmd to configure TrustedHosts. Please note that the computers in the TrustedHosts list may not be authenticated. More information can be obtained by running the following command: winrm help config. For more information, see the about_Remote_Troubleshooting help topic. Line: 1 character: 1 session -computer 192.168.115.130 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ goryInfo: InvalidArgument: (192.168.115.130:String) [Enter-PSSession], PSRemotingTransportException yQualifiedErrorId: CreateRemoteRunspaceFailed
To solve it, execute on the client:
Set-Item wsman:\localhost\Client\TrustedHosts -value 192.168.3.*
///or
Set-Item WSMan:\localhost\client\trustedhosts * -Force
Question 2
PS C:\Users\Administrator> enter-pssession -computer 192.168.115.130
enter-pssession: The connection to the remote server 192.168.115.130 fails and the following error message is displayed: Access is denied. For more information, please refer to the about_Remo te_Troubleshooting help topic. Location line: 1 character: 1 + enter-pssession -computer 192.168.115.130 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~ + CategoryInfo: InvalidArgument: (192.168.115.130:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId: CreateRemoteRunspaceFailed
//solve
Enter-PSSession 192.168.3.1 -Credential abc\administrator //主机名\用户名
Question 3
PS C:\windows\system32> Enable-PSRemoting -Force
WinRM is set up on this computer to receive requests. Set-WSManQuickConfig: <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859113" M achine="localhost"><f:Message><f :ProviderFault provider="Config provider" path="%systemroot%\system32\WsmSvc.dll"><f:WS ManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2150859113" Machine="lele"><f:Message> Since one of the network connection types on this computer is set to public, the WinRM firewall exception will not work. Change the network connection type to domain or private and try again. </f:Message></f:WSManFault></f:ProviderFault></f:Message></f:WSManFault> Location line: 69 characters: 17 + Set-WSManQuickConfig -force + ~~~~~ ~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo: InvalidOperation: (:) [Set-WSManQuickConfig], InvalidOperationException + FullyQualifiedErrorId: WsManError,
//Solve, skip checking network
Enable-PSRemoting -Force -SkipNetworkProfileCheck
Question 4:
PS C:\Users\Administrator> enter-pssession -computer 10.211.8.173
enter-pssession: Connecting to the remote server 10.211.8.173 failed with the following error message: The client cannot connect to the target specified in the request. Please verify that the service on the target is running and accepting requests. For the WS management service running on the target (usually IIS or WinRM), please consult the logs and documentation. If the target is the WinRM service, run the following command on the target to analyze and configure the WinRM service: "winrm quickconfig". For more information, please refer to the about_Remo te_Troubleshooting help topic. Location line: 1 character: 1 + enter-pssession -computer 10.211.8.173 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~ + CategoryInfo: InvalidArgument: (10.211.8.173:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId: CreateRemoteRunspaceFailed
/solve
///Server execution
PS C:\Users\Administrator>enable-psremoting