SID-500

Home » PowerShell » PowerShell Remoting: How to connect to Remote Hosts in a Domain- and in a Non-Domain Environment (Trusted Hosts)

PowerShell Remoting: How to connect to Remote Hosts in a Domain- and in a Non-Domain Environment (Trusted Hosts)

In this article I will show how to connect to remote hosts and how to configure the list of Trusted Hosts. Because with the introduction of Windows Server Core and Nanoserver, the significance of Windows PowerShell Remoting has increased.

For remoting, you can also use Remote Desktop, as described in my article: How to enable Remote Desktop and establish a Remote Desktop Session (Windows 10 / Windows Server). But this article is all about PowerShell Remoting.

Enter-PSSession

I am logged on to a client computer as a domain administrator. Now i try to connect to server spagr02, which is located in the same domain than me. spagr02 is running Windows Server 2016. In Windows Server 2012 / 2016 Remote Management is enabled by default. In Windows Server 2008 run winrm qc to enable Remote Management.

Enter-PSSession -ComputerName spagr02

1

It works like a charm. In a domain environment.

The list of Trusted Hosts with IPv4

If the computers are not in a shared domain, authentication information must be supplied with the -credential parameter, and both computers must trust each other. Keyword: TrustedHosts!

We have to configure Trusted Hosts on both computers. They have to trust each other for establishing a remote connection.

Set-Item wsman:\localhost\client\TrustedHosts -Value 192.168.0.103 -Force

6.PNG

Then try to connect to the remote host by using the Credential parameter.

Enter-PSSession -ComputerName HostName -Credential nano500\administrator

7.PNG

The list of Trusted Hosts with IPv6

To configure Trusted Hosts with IPv6 we have to place the IPv6 Link-Local Address in brackets.

Set-Item wsman:\localhost\client\TrustedHosts -Value [fe80::bc11:fa91:8674:99ba] -Force
Enter-PSSession -ComputerName fe80::bc11:fa91:8674:99ba -Credential nano500\administrator

1.PNG

Safety is over-estimated – Configure * 😉

The list of trusted hosts can also be set to *. Then all computers can establish a remote session to the host.

Set-Item wsman:\localhost\client\TrustedHosts -Value * -Force

Further thoughts

Most of the PowerShell Cmdlets support the parameter -ComputerName. For checking installed Software on remote remote hosts, it´s easier to run a One-Liner with the parameter -ComputerName, instead of establishing a remote session: Windows Server: List all installed Roles and Features using PowerShell

If you don’t like SSH, use the PowerShell built-in remote feature, which I have described in my article: PowerShell: Use SSH to connect to remote hosts (Posh-SSH)


6 Comments

  1. […] For more information about PowerShell Remote Session see my article How to configure Trusted Hosts for PowerShell Remote Sessions. […]

    Like

  2. […] For installing Windows Server Roles and Features you can also establish a PowerShell Remote Session, which i described in this article: How to configure Trusted Hosts for PowerShell Remote Sessions. […]

    Like

  3. […] To do the same on a remote host simply add the command Invoke-Command and the parameter computername. Make sure, that both hosts are in the same domain. If they don´t share the same domain you have to configure them as Trusted Hosts. More about Trusted Hosts in  my article: How to configure Trusted Hosts for PowerShell Remote Sessions. […]

    Like

  4. […] If you like the Windows PowerShell built-in feature “PowerShell Remoting” more, then have a look at my article: PowerShell Remoting: How to connect to Remote Hosts in a Domain- and in a Non-Domain Environment (Tr… […]

    Like

  5. […] PowerShell Remoting: How to connect to Remote Hosts in a Domain- and in a Non-Domain Environment (Tr… […]

    Like

  6. […] More about PowerShell remoting and Trusted Hosts in my article PowerShell Remoting: How to connect to Remote Hosts in a Domain- and in a Non-Domain Environment (Tr… […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

WHOIS

My name is Patrick Grünauer (pewa2303). I am from Austria. On sid-500 I write about Windows, Cisco and IT-Security in English and German. Have fun while reading!

Patrick Gruenauer
Follow SID-500 on WordPress.com