8

I was trying to establish a remote connection to another system and execute some basic commands.

Below are the steps that I have done :

  • Configured the remote machine to accept Shell commands - Enable-PSRemoting – Force
  • Tested the configuration on remote machine - Test-WsMan COMPUTERNAME.
  • Executed the following commands on the host machine :

1.Invoke-Command -ComputerName COMPUTERNAME -ScriptBlock { Get-ChildItem C:\ } -credential USERNAME.

2.Invoke-Command -ComputerName COMPUTERNAME -ScriptBlock { Get-ChildItem C:\ } -credential $Credentials.

3.Invoke-Command -ComputerName COMPUTERNAME -ScriptBlock { Get-ChildItem C:\ }

In all the cases, we were getting access denied error : 

Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo   : OpenError: (:) [], PSRemotingTransportException 
+ FullyQualifiedErrorId : PSSessionStateBroken
Venkatakrishnan
  • 776
  • 11
  • 26
Ajmal Moideen
  • 170
  • 1
  • 6
  • 17

1 Answers1

7

From MSDN:

  1. Start Windows PowerShell as an administrator by right-clicking the Windows PowerShell shortcut and selecting Run As Administrator.

  2. The WinRM service is confi gured for manual startup by default. You must change the startup type to Automatic and start the service on each computer you want to work with. At the PowerShell prompt, you can verify that the WinRM service is running using the following command: get-service winrm The value of the Status property in the output should be “Running”.

  3. To configure Windows PowerShell for remoting, type the following command: Enable-PSRemoting –force

In many cases, you will be able to work with remote computers in other domains. However, if the remote computer is not in a trusted domain, the remote computer might not be able to authenticate your credentials. To enable authentication, you need to add the remote computer to the list of trusted hosts for the local computer in WinRM. To do so, type: winrm s winrm/config/client '@{TrustedHosts="RemoteComputer"}' Here, RemoteComputer should be the name of the remote computer, such as: winrm s winrm/config/client '@{TrustedHosts="CorpServer56"}'

You should check if the winrm is running. Also add your remote hosts to the trusted hosts list (or your local machine).

Hope that helps.

Moerwald
  • 10,448
  • 9
  • 43
  • 83
  • 4
    I was able to solve the issue. It looks like I had to modify the security configuration for Windows PowerShell remoting in the remote machine. I used the command Set-PSSessionConfiguration -ShowSecurityDescriptorUI -Name Microsoft.PowerShell to add the client user on the remote machine. I was then able to communicate from the client machine to remote machine, – Ajmal Moideen Jun 19 '17 at 09:35
  • Can you write down what you had to change to make it work. Would be interesting to know. – Moerwald Jun 19 '17 at 09:37
  • I was able to solve the issue. It looks like I had to modify the security configuration for Windows PowerShell remoting in the remote machine. I used the command Set-PSSessionConfiguration -ShowSecurityDescriptorUI -Name Microsoft.PowerShell to add the client user on the remote machine. I was then able to communicate from the client machine to remote machine, – Ajmal Moideen Jun 28 '17 at 04:05
  • 1
    Thank you @AjmalMoideen - this at least got me to my next error. -_- – Bonez024 Apr 29 '19 at 17:14
  • 1
    @AjmalMoideen OMG thank you! No one else on Google mentioned this!! – velkoon Jul 22 '21 at 18:00
  • 1
    The remote user may also need to be present in the `Remote Management Users` local group – Efren Feb 15 '22 at 03:53