Upload
jonathanmedd
View
2.559
Download
0
Tags:
Embed Size (px)
Citation preview
POWERSHELL 2.0 REMOTING
UK POWERSHELL USER GROUP
Jonathan Medd
I have a dream...........
Ben Pearce, Microsoft PFE, gave me that dream in Oct 2008.......
......and now that dream has come true!PowerShell Remoting is here and I can manage my entire Windows estate from the comfort of my Home Cinema.
PowerShell 2.0 – New Cmdlets with Remoting Functionality PowerShell 1.0 only had Get-WmiObject -
Computername PowerShell 2.0 has 35 cmdlets with
ComputerName paramter Examples: Get-Service, Restart-Computer,
Write-EventLog Use protocols such as RPC & DCOM Find them with Get-Command | Where-
Object {$_.definition -match 'computername'}
Software Requirements for Full-Fat Remoting
Typically HTTP on port 5985, open for WinRM 2.0. HTTPS on (5986)
PowerShell 2.0 and WinRM 2.0 So either:
Windows Server 2008 R2 or Windows 7Windows Server 2003 or Windows XP and
later with the Windows Management Framework Installed which includes PowerShell 2.0 and WinRM 2.0
Enable-PSRemoting
Run as administrator Confirmation of changes
Additional Requirements if in Workgroup not Domain If OS is XP then set Network Access: Sharing and
Security Model for local accounts) to Classic. Then, for any Windows Operating System, including
Windows XP, you will need to add the names of the remote computer(s) into the TrustedHosts setting of WinRM
Set-Item WSMan:localhost\Client\TrustedHosts -value ServerName
Enable via Group Policy
Allow automatic configuration of listeners Computer Configuration\Policies\Administrative Templates\
Windows Components\Windows Remote Management\WinRM Service\
Manual Firewall Settings
Enable Windows Remote Management
Interactive PowerShell Remoting
Enter-PSSession –ComputerName Server01
Similar to Telnet / SSH Kerberos authentication by default,
encryption can be added with SSL Exit-PSSession when finished.
Session is torn down at this point
Interactive PowerShell Remoting Demo
If we stopped at this point even this interactive story would be great……..
30 years of catch-up on remote command line management
SSH is so 2007.....
Persistent PowerShell Remoting
Persistent PowerShell Remoting
Let’s create multiple sessions and store them in a variable $sessions
$sessions = New-PSSession –ComputerName (Get-Content Servers.txt)
Can be accessed by cmdlets like Enter-PSSession or Invoke-Command
Are maintained after the session has been used, until timeout period expired
Basic Session Options
New-PSSession Parameters: -Credential: e.g. Domain01\User01 -Name: a friendly name to refer to them
with -Port: alternate port number to use -ThrottleLimit: max number of outbound
sessions from this command, 32 by default Other parameters are available, check Get-
Help!
Advanced Session Options
New-PSSessionOption Parameters: -IdleTimeout: Default is 4 mins -OpenTimeout -OperationTimeout -NoCompression Other parameters are available, check
Get-Help! Used via New-PSSession -
SessionOption
Advanced Session Options Set at the Destination
Register-PSSessionConfiguration Create customised session
configurations to present to remote connections.
-StartupScript: most interesting parameter
Used via New-PSSession -ConfigurationName
Using Persistent Sessions
Invoke-Command –Session $sessions –ScriptBlock {Get-Culture}
Note the PSComputerName Property returned Invoke-Command –Session $sessions –
FilePath C:\Scripts\QueryServer.ps1 You can now run any existing script against
all your remote servers
If you’re using Windows and not retiring in the next
12 – 18 months, you need to learn PowerShell!
Implicit PowerShell Remoting
Use Management Tools from remote servers on your client workstation
No need to install modules locally Import-PSSession –Session $session
–Module ActiveDirectory All cmdlets from Active Directory
module now available on local workstation
Obligatory Cloud Slide
Exchange Online (BPOS) $LiveCred = Get-Credential $Session = New-PSSession -ConnectionUri
https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session A Cloud Service Provider can supply you
with the tools you need to manage their service with no local installation required
Links
Simple-Talk Article http://www.simple-talk.com/sysadmin/powershell/new-remoting-features-in-powershell-2.0/
Administrators Guide to PowerShell Remoting http://powershell.com/cs/media/p/4908.aspx
Layman’s Guide to PowerShell Remoting http://www.ravichaganti.com/blog/?p=1305