Reputation: 21226
Can not connect to remote pc with powershell
I connect from one computer to another remote computer with powershell.
For this to work I did some configuration on both computer according to this video:
https://technet.microsoft.com/en-us/itmanagement/ff765030.aspx
But still I get an error message when I try to do this on the local computer:
enter-pssession -comp remotePC -credential domain\username
Then I enter the password and hit enter.
I get this error:
Connecting to remote server LocalPC failed with the following error message :
The WS-Management service cannot process the request. The
service is configured to not accept any remote shell requests. For more
CategoryInfo : OpenError: (LocalPC:String) [], PSRemotingTrans
portException + FullyQualifiedErrorId : RemoteSessionDisallowed,PSSessionStateBroken
The "Windows Remote Management"-Service is started on the remote PC.
I totally disabled the firewall for test purpose totally on the remote PC.
I did also enable-psremoting and Set-Item WSMan:\localhost\Client\TrustedHosts *
When I execute on the remote PC:
winrm config it says:
WinRM service is already running on this machine.
WinRM is already set up for remote management on this computer.
What else of that 1000 things do I still have to enable that I can connect to my remote pc with powershell?
UPDATE
PS C:\Windows\system32> winrm get winrm/config/service
Service
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 1500
EnumerationTimeoutms = 240000
MaxConnections = 300
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = false
Auth
Basic = false
Kerberos = true
Negotiate = true
Certificate = false
CredSSP = false
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = *
IPv6Filter = *
EnableCompatibilityHttpListener = false
EnableCompatibilityHttpsListener = false
CertificateThumbprint
AllowRemoteAccess = true
PS C:\Windows\system32> winrm e winrm/config/listener
Listener
Address = *
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = xx.xx.xx.xx, 127.0.0.1, ::1, fe80::4c2c:a8d0:6046:764d%11
UPDATE 2
PS C:\Windows\system32> dir WSMan:\localhost\Shell\
WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Shell
Type Name SourceOfValue Value
---- ---- ------------- -----
System.String AllowRemoteShellAccess GPO false
System.String IdleTimeout 7200000
System.String MaxConcurrentUsers 10
System.String MaxShellRunTime 2147483647
System.String MaxProcessesPerShell 25
System.String MaxMemoryPerShellMB 1024
System.String MaxShellsPerUser 30
Upvotes: 3
Views: 6010
Answers (1)
Reputation: 22132
As you can see from dir WSMan:\localhost\Shell\ output:
Type Name SourceOfValue Value
---- ---- ------------- -----
System.String AllowRemoteShellAccess GPO false
WS-Management configuration property AllowRemoteShellAccess have value false with source GPO. That means: group policy applied to target computer does disallow remote shell access.
Upvotes: 1
Related Questions
- WinRM connectivity issue?
- PowerShell says "execution of scripts is disabled on this system."
- Setting Windows PowerShell environment variables
- How to run a PowerShell script
- Determine installed PowerShell version
- WinRM fails: The client cannot connect to the destination specified in the request
- New-PSSession to localhost fails
- WSMan and Basic authorization