Follow these steps to enable PowerShell remoting via GPO.
On the DC, create a new domain policy.
Edit the newly created GPO.
Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Remote Management WinRM Service
- Open the “All remote server management..” policy and change it to
enabledand set the filters for IPv4/6 to
- NOTE: After you ensure this works, go back and change this to your appropriate subnet instead - see here for more info.
Now we need to configure the firewall. Navigate to: Computer Configuration\Policies\Windows Settings\Security Settings\ Windows Firewall\Inbound Rules
Right click => Create A New Rule => Predefined: Windows Remote Management => Keep defaults for next screens and finish.
Now, in the same tree that you are in, navigate up to “System Services” => Select “Windows Remote Management” Service => check “define this setting” and set it to
Navigate back up to:
Computer Configuration\Preferences\Control Panel Settings\Services.
Right click - New - Service => General Tab: Startup= No Change, ServiceName= WinRM, ServiceAction (optional)= Start Service => Recovery tab => set all 3 dropdowns to “restart the service”
- Done. Run gpupdate on the domain controller and wait for it to be pushed to the clients.