How to configure winrs for localhost?

Question

On executing commands on localhost I get Access Denied error as follows

PS C:\Windows\System32> winrs -r:localhost dir


Winrs error:Access is denied. PS C:\Windows\System32>

Followig is my configuration

PS C:\Windows\System32> winrm enumerate winrm/config/listener
Listener
    Address = *
    Transport = HTTP
    Port = 80
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 127.0.0.1, 192.168.1.3, ::1, 2001:0:4137:9e50:20d3:3b94:3f57:fefc, fe80::5efe:192.168.1.3%11, fe80::20
d3:3b94:3f57:fefc%12, fe80::adea:d512:c3d3:8b08%10

PS C:\Windows\System32> winrm get winrm/config
Config
    MaxEnvelopeSizekb = 150
    MaxTimeoutms = 60000
    MaxBatchItems = 20
    MaxProviderRequests = 25
    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = false
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
        DefaultPorts
            HTTP = 80
            HTTPS = 443
        TrustedHosts = *
    Service
        RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;ER)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)
        MaxConcurrentOperations = 100
        EnumerationTimeoutms = 60000
        MaxConnections = 25
        AllowUnencrypted = false
        Auth
            Basic = true
            Kerberos = true
            Negotiate = true
            Certificate = false
        DefaultPorts
            HTTP = 80
            HTTPS = 443
        IPv4Filter = *
        IPv6Filter = *
    Winrs
        AllowRemoteShellAccess = true
        IdleTimeout = 900000
        MaxConcurrentUsers = 5
        MaxShellRunTime = 2147483647
        MaxProcessesPerShell = 5
        MaxMemoryPerShellMB = 80
        MaxShellsPerUser = 2

What should I do to make it work?

I have Windows Vist Starter Edition I'm using PowerShell CTP 3

Answer 1

Since you are running Vista Starter Edition your system cannot be part of a domain. This has implications for WinRM (and PowerShell Remoting) - the following is from Powershell's internal help:

ps> get-help about_remote_faq | more

Down towards the end this has the following to say:

CAN I TEST REMOTING ON A SINGLE COMPUTER (NOT IN A DOMAIN)?

Yes. Windows PowerShell remoting is available even when the local
computer is not in a domain. You can use the remoting features to
connect to sessions and to create sessions on the same computer. The
features work the same as they do when you connect to a remote computer.

To run remote commands on a computer in a workgroup, change the
following Windows settings on the computer.

-- Windows Vista:

Create the following registry entry, and then set its value to 1:
LocalAccountTokenFilterPolicy in
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

You can use the following Windows PowerShell command to add this entry:

new-itemproperty `
-path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System `
-name LocalAccountTokenFilterPolicy -propertyType DWord -value 1

Answer 2

What OS? What version of WinRM? I see the default ports are 80 and 443, so that means you're likely using WinRM 1.1 or WinRM 2.0 CTP1 or CTP2.

If you're using XP and have IIS enabled, there was a problem with WinRM. I'm not sure if that's been fixed yet. The workaround was to simply stop the IIS service and see that WinRM then started working. A more permanent fix was to change the WinRM server port from 80 to something else.

Edit: OK right, it was in the RC that the ports changed from 80 and 443 perhaps. CTP3 still used those common ports.