PowerShell Remoting is not enabled by default for Windows clients (such as Windows 10, Windows 8, etc.) and for earlier versions of Windows Server (such as Windows Server 2012, Windows Server 2008 and R2, etc.). From Windows Server 2012 R2 and then on Windows Server 2016, PowerShell Remoting is enabled by default.
If you are going to enable PowerShell Remoting on a machine that you have physical access to or through Remote Desktop, then you can do it by following the next steps by running the corresponding PowerShell command. Alternatively, if you are going to enable it for a group of machines, then it would be best to set up PowerShell Remoting through Group Policy.
Enable PowerShell Remoting using PowerShell
With the Enable-PSRemoting command, you can enable remote management of a Windows Server. You should run it in a PowerShell window with administrator privileges. You will also need to confirm all the prompts that will appear to you.
Enable-PSRemoting |
Alternatively, use the -Force switch to skip the prompts.
Enable-PSRemoting -Force |
This method only works for non-public networks, that is, for network types that may be either Private or Domain.
However, if the network type is Public, you either need to change it to Private / Domain or use the -SkipNetworkProfileCheck switch to bypass this checkup and the error.
Enable-PSRemoting -SkipNetworkProfileCheck -Force |
When you run the command to enable PowerShell Remoting then it automatically starts a series of actions, ie it initiates and sets up the WinRM service, creates the default listeners, creates all the necessary firewall rules and finally creates the default endpoints.
Activation is immediate and does not require a restart of the machine. Also, PowerShell Remoting is a machine configuration that means it will be enabled for all users.
Previously, the same procedure was done through the command line and in particular the winrm quickconfig command. But it would be better to prefer PowerShell.
Check PowerShell Remoting is enabled
When you run the Test-WSMan command on a local computer then you can see if PowerShell Remoting is enabled or not. Of course, you can run the command for another computer by using the -ComputerName parameter.
Test-WSMan -ComputerName SRV1 |
With this command, you can check whether a remote machine, either a client or a server, is ready to connect through the WSMan (Web Services Management) protocol. You can determine whether an SSL (HTTPS) connection or a specific port or a specific credential will be used to check if one of them is working.
Test-WSMan -ComputerName SRV2 -Credential Company\Administrator |
This way you can check whether the specific credentials you are experiencing can communicate with your computer through PowerShell Remoting. By default, if you do not declare credentials, PowerShell Remoting uses those of the user who is already logged in. So, if you see the corresponding error message, it means that the user account you have entered does not have access to PowerShell Remoting on the corresponding computer.
Test-WSMan -ComputerName SRV2 -Credential Company\Administrator -Authentication Default |
Also, check to see that WinRM service is enabled and running the Get-Service WinRM command.
To check if the WinRM service is active on different computers, use the following command.
Get-Service WinRM -ComputerName SRV1,SRV2,SRV3 | Select MachineName,Name,Status,StartupType |
These were some of the first steps you will need to know to enable PowerShell Remoting but also check if it is active or not on one or more machines. Of course, as mentioned earlier, you do not have to run the command on each machine since you can automate the process using the Group Policy.
Great Post. It was really helpful for me to troubleshoot the issue.
On our servers, the parameter name is “StartType” rather than “StartupType”.