Notifications

846 views

Description

As windows discovery uses PowerShell remote execution framework to automatically handle remote execution of scripts on target devices. And to handle issue related to powershell remote execution below is the steps to check if the target machine have Powershell remoting is enabled and working.

 

Common Errors: "Failed to launch process powershell -ExecutionPolicy ByPass -NonInteractive -WindowStyle Hidden -command "

Release or Environment

Madrid 3 and Later Versions

Resolution

  1. The first step to enable PowerShell Remoting on the server to which you want to make remote connections is to open PowerShell with administrative privileges.
        1.    
        2.  
  2. In the PowerShell window, type the following cmdlet and then hit Enter: "Enable-PSRemoting -Force"

        •  
  3. This command starts the WinRM service, sets it to start automatically with your system, and creates a firewall rule that allows incoming connections. The -Force part of the cmdlet tells PowerShell to perform these actions without prompting you for each step.
  4. And to add a host to <trust zone> which needs to connect remotely, you can type the following cmdlet in PowerShell (again, you’ll need to run it as Administrator) : "Set-Item wsman:\localhost\client\trustedhosts *"
  5. The asterisk is a wildcard symbol for all hosts. If instead, you want to restrict servers that can connect, you can replace the asterisk with a comma-separated list of IP addresses or Hostnames.
  6. After running that command, you’ll need to restart the WinRM service so your new settings take effect. Type the following cmdlet and then hit Enter: "Restart-Service WinRM".
  7. It’s time to test the connection, From the MID Server execute the following cmdlet into PowerShell and then hit Enter: "Test-WsMan <Target IP>" and This simple command tests whether the WinRM service is running on the remote Host. If it completes successfully, you’ll see information about the remote Host's WinRM service in the window—signifying that WinRM is enabled and your <Target Host> can communicate. If the command fails, you’ll see an error message instead.
  8. To Execute a Single Remote Command on the remote system, use the Invoke-Command cmdlet using the following syntax:  "Invoke-Command -ComputerName COMPUTER -ScriptBlock { COMMAND } -credential USERNAME".
  9. Here’s an example. I want to view the contents of the C:\ directory on a remote host with the IP address want to use a username “xxxxx,” so I would use the following command:                                                                                                                                                                                                    "Invoke-Command -ComputerName <TargetIP> -ScriptBlock { Get-ChildItem C:\ } -credential domain\username"
  10. If you have several cmdlets you want to run on the remote HOST, instead of repeatedly typing the Invoke-Command cmdlet and the remote IP address, you can start a remote session instead. Just type the following cmdlet and then hit Enter:                                                            "Enter-PSSession -ComputerName <Target IP> -Credential Domain\USER"
 

 

 

 

Additional Information

Article Information

Last Updated:2020-02-13 23:40:18
Published:2020-02-07