Enabling PowerShell Remoting

by Apr 1, 2014

If you'd like to use PowerShell Remoting to execute commands and scripts on another machine, then you need to enable Remoting on the target side with full Admin privileges:

On the client side, you do not need to do anything special when you are in the same domain and are using a domain account.

If you want to access a target computer without Kerberos authentication (target is in another domain, or you want to use IP addresses or not fully qualified DNS names), then you need to do this once with full Admin privileges:

By setting trusted hosts to “*”, PowerShell will allow you to contact any IP or machine name you want, and if the connection cannot be secured by Kerberos, NTLM authentication is used. So this setting is not affecting who can contact a machine (use firewall rules for this). It is simply telling PowerShell that you are willing to use the (less secure) NTLM authentication when Kerberos is unavailable. NTLM is less secure because it cannot tell whether the target computer is really the computer you want to reach. While Kerberos does a mutual authentication, NTLM does not. Your credentials directly go to the machine you specify. An attacker could have replaced the machine with his own and taken the machine IP address, for example, and you would not notice with NTLM.

Note: Run Disable-PSRemoting only if you enabled remoting just to change the trusted hosts list and want to turn this off again afterwards. Do not disable remoting if it was turned on before and possibly is in use by someone else.

Once Remoting is in place, you can visit remote systems using Enter-PSSession, and you can run commands and scripts on these machines using Invoke-Command.

Twitter This Tip! ReTweet this Tip!