GPO: Enable-PSRemoting

1 minute read

Description:

Follow these steps to enable PowerShell remoting via GPO.

To Resolve:

  1. On the DC, create a new domain policy.

  2. Edit the newly created GPO.

  3. Navigate to: Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Remote Management WinRM Service

  4. Open the “All remote server management..” policy and change it to enabled and set the filters for IPv4/6 to *
    • NOTE: After you ensure this works, go back and change this to your appropriate subnet instead - see here for more info.

    gpo-enable-psremoting-1

  5. Now we need to configure the firewall. Navigate to: Computer Configuration\Policies\Windows Settings\Security Settings\ Windows Firewall\Inbound Rules

  6. Right click => Create A New Rule => Predefined: Windows Remote Management => Keep defaults for next screens and finish.

    gpo-enable-psremoting-2

  7. Now, in the same tree that you are in, navigate up to “System Services” => Select “Windows Remote Management” Service => check “define this setting” and set it to automatic.

  8. Navigate back up to: Computer Configuration\Preferences\Control Panel Settings\Services.

  9. Right click - New - Service => General Tab: Startup= No Change, ServiceName= WinRM, ServiceAction (optional)= Start Service => Recovery tab => set all 3 dropdowns to “restart the service”

  10. Done. Run gpupdate on the domain controller and wait for it to be pushed to the clients.

References:

“PS Remoting Considerations”
“Enable Powershell Remoting via Group Policy “

Comments

You May Also Enjoy