ThyRaju

Reputation: 425

Allowing WinRM in the Windows Firewall

I am using a Windows 7 machine with Windows PowerShell installed. How can I ensure that the Windows Firewall is configured to allow Windows Remote Management connections from the workstation? For example:

    netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public protocol=tcp localport=5985 remoteip=localsubnet new remoteip=any

I'm following the above command, but I'm not able to configure it.

Upvotes: 6

Views: 73588

Answers (3)

Lachie White

Reputation: 1261

Enable-PSRemoting -Force is what you are looking for!

winrm quickconfig is a good precaution to take as well; it starts the WinRM service and sets the service to auto-start.

However, if you are looking to do this on all Windows 7 machines, you can enable it via Group Policy.

Upvotes: 14

NeoTheNerd

Reputation: 656

I used this a few years ago to connect to a remote server and update WinRM before joining it to the domain (the $Server variable is part of a foreach statement). This part of my script updates:

  1. Windows Firewall from Public to Private
  2. Windows Firewall to allow remote WMI Access
  3. Trusted Hosts is not domain-joined and therefore must be added to the TrustedHosts list
  4. Windows Firewall to allow RDP
  5. Enable RDP : 1 = Disable ; 0 = Enable

$RequestingServer = $env:COMPUTERNAME

# Local server admin account
[string] $LocalUser = "Administrator"   # Obviously change account
[string] $LocalPassword = "Password01"  # Obviously change password
$LocalSecurePassword = $LocalPassword | ConvertTo-SecureString -AsPlainText -Force
$LocalCredentials = New-Object System.Management.Automation.PSCredential -ArgumentList $LocalUser, $LocalSecurePassword

# Update Windows Firewall remotely ($Server comes from the enclosing foreach loop)
$LocalSession = New-PSSession -ComputerName $Server -Credential $LocalCredentials
Invoke-Command -Session $LocalSession -ScriptBlock {

    $AddServer = $Using:RequestingServer

    # Switch the network connection profile from Public to Private
    Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory Private
    # Allow remote WMI access through Windows Firewall
    netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
    # Not domain-joined, so add the requesting server to the TrustedHosts list
    Set-Item wsman:\localhost\Client\TrustedHosts -Value $AddServer -Force
    # Allow RDP through Windows Firewall
    Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
    # Enable RDP (fDenyTSConnections: 1 = Disable ; 0 = Enable)
    Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0
}
# Close the remote session once the changes are applied
Remove-PSSession -Session $LocalSession

Upvotes: 0

Changming Sun

Reputation: 935

It depends on which protocol you use.

The following one works for me:

Set-NetFirewallRule -Name "WINRM-HTTP-In-TCP-PUBLIC" -RemoteAddress Any

Source: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_remote_troubleshooting?view=powershell-7.2#how-to-enable-remoting-on-public-networks

Upvotes: 1
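
Added example, not part of any answer above: the question's `remoteip=any` and the `-RemoteAddress Any` form both open WinRM to every source, so this sketch reports the remote scope of the WinRM inbound rules and, with `-Apply`, limits the Public-profile rule to the workstation instead. The address 192.0.2.10, the `$AllowedRemote` parameter and the `-Apply` switch are assumptions of this example; the NetSecurity cmdlets need Windows 8 / Server 2012 or later, so on Windows 7 it falls back to netsh with the rule name from the question.

```powershell
# Added example; 192.0.2.10 is a constructed placeholder for the admin workstation.
param(
    [string[]] $AllowedRemote = @('192.0.2.10'),
    [switch]   $Apply        # without -Apply the script only reports
)

if (-not (Get-Command Get-NetFirewallRule -ErrorAction SilentlyContinue)) {
    # Windows 7 / Server 2008 R2: no NetSecurity module, use netsh instead.
    $ruleName = 'Windows Remote Management (HTTP-In)'
    $ipList   = $AllowedRemote -join ','
    if ($Apply) {
        netsh advfirewall firewall set rule "name=$ruleName" new "remoteip=$ipList"
    }
    # The verbose listing includes the RemoteIP line for each matching rule.
    netsh advfirewall firewall show rule "name=$ruleName" verbose
    return
}

# -DisplayGroup cannot be combined with -Direction, so filter afterwards.
$rules = Get-NetFirewallRule -DisplayGroup 'Windows Remote Management' |
    Where-Object { $_.Direction -eq 'Inbound' }

foreach ($r in $rules) {
    # Profile is a flags enum; its string form is e.g. "Public" or "Domain, Private".
    $isPublic = "$($r.Profile)" -match 'Public|Any'

    if ($Apply -and $isPublic -and $r.Enabled -eq 'True') {
        # Replace the remote scope of the public rule with the allowed hosts only.
        Set-NetFirewallRule -Name $r.Name -RemoteAddress $AllowedRemote
    }

    # Re-read the rule so the report reflects the current state.
    $scope = (Get-NetFirewallRule -Name $r.Name |
        Get-NetFirewallAddressFilter).RemoteAddress

    [pscustomobject]@{
        Name          = $r.Name
        Enabled       = $r.Enabled
        Profile       = $r.Profile
        RemoteAddress = $scope -join ','
        OpenToAny     = ($r.Enabled -eq 'True') -and ($scope -contains 'Any')
    }
}
```

Run it from an elevated prompt on the machine being managed, then confirm reachability from the workstation with `Test-WSMan -ComputerName <server>`.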
