Previous versions of PowerShell were very powerful,
but they lacked the ability to easily execute PowerShell scripts on
remote servers. One of the new features in Windows Server 2008 R2
PowerShell v2 is called remoting. This new remoting infrastructure enables any PowerShell command or script to be run on remote servers.
For this to occur, the
servers need to have Windows PowerShell v2 installed locally.
Additionally, remoting has to be enabled on the servers. This allows you
to run your PowerShell commands on remote servers, and you can even
write configuration scripts or a script that starts services, all from
your local computer.
What makes remoting a
powerful addition to Windows Server 2008 R2 server is that you do not
need really any major network infrastructure configuration. Once you
know the script or command you want to run, it is then just a matter of
executing the script on any number of computers without any knowledge of
the underlying network and how it functions. In the end, PowerShell
takes care of all the details of the network connection. Remoting allows
you to run any number of PowerShell commands on any number of computers
simultaneously.
The remoting functions are
all built on WMI remoting, and this allows you to both execute commands
on and work interactively with remote PowerShell sessions.
1. Enable PowerShell Remoting
Before you can use PowerShell
v2 remoting, you have to enable it on the Windows Server 2008 R2
servers you want to run remote PowerShell sessions on. In this brief
section, you will now see how to enable remoting on your Windows Server
2008 R2 server installations.
When you enable remoting on your server, it will do a few things for you:
Start or restart the WinRM service, if it is currently running
Set the WinRM service to start automatically
Create a listener to accept requests on any IP address
Enable the firewall exception for WS management traffic
To enable remoting, follow this procedure on either your Windows Server 2008 R2 full server or Server Core installation:
Open your PowerShell window in your administrator tools.
Run the following cmdlet:
Enable-PSRemoting
Press Y and hit Enter to continue the process; you will see a screen similar to Figure 1.
After you review the changes being made to your server, press Y and hit Enter to continue.
2. Run Remote Commands
In this section, you will
see how to use remoting to run your PowerShell commands. To do this, you
run the same commands that you would normally run locally. However, now
you will use the invoke command (ICM) to begin the process, followed by
your PowerShell cmdlet, and ending with the ComputerName parameter. The ComputerName parameter can except host names, fully qualified domain names (FQDNs), and IP addresses.
|
If you see the following error message (also pictured in Figure 2), it could be for a few reasons:
Enter-PSSession:
Connecting to remote server failed with the following error message :
The WinRM client cannot process the request. If the authentication
scheme is different from Kerberos, or if the client computer is not
joined to a domain, then HTTPS transport must be used or the destination
machine must be added to the TrustedHosts configuration setting. Use
winrm.cmd to configure TrustedHosts. You can get more information about
that by running the following command: winrm help config.
If you are using host names or
FQDNs and you have an error with name resolution, you will see this
error. One way you can verify whether you are having an issue with name
resolution is to insert the IP address of the system you want to run the
remote commands on. If the IP address works, this indicates you have a
name resolution error.
Another reason you could be
getting this error is if you can configure your WinRM trusted hosts. To
see what trusted hosts are currently configured, you can run this
command:
winrm Get winrm/config/client
To configure the trusted hosts, you can run the following command:
Set-Item WSMan:\localhost\Client\TrustedHosts <computername> -force
Note that if you use the * wildcard, this will enable remote connection for all computers.
|
Running commands is a matter
of using the parameters covered earlier. For example, if you wanted to
see all the running services on the remote server, your PowerShell
command would look like the following, and your results would look like Figure 3 for a server named WIN-NGKN55U121R. Notice that the PSComputerName column is now listed.
icm {Get-Service | Where {$_.Status -eq "Running"}} -ComputerName <computername>
As you can see, this command is identical with three changes:
The addition of the ICM at the beginning of the statement
The command is wrapped in {}
The command ends with the -computername parameter
Running your remote
commands on servers with remoting enabled will more than most likely
follow these guidelines. This allows you to quickly reuse your work and
apply your knowledge of how to work with PowerShell locally.
For example, you can assign
a variable to the previous command by using the following one. You see
the output variable (OV) used to save the results into a variable called
sv:
icm -Session $s {Get-Service | Where {$_.Status -eq "Running"}} -OV sv
As you can see, you can work these objects as you would any other objects. You can even get more information with the get-member command using the following:
$sv | Get-Member
Or you can continue to manipulate the objects with the following command:
$sv | Select * | Out-GridView
