Administering your Azure VM on your Samsung Galaxy or iPhone? Introduced with Windows Server 2012, PowerShell Web Access is a new Windows Server feature which enables you to administer your Windows Server via a web-based interface. Once installed, you can access PowerShell from any device, even from your Samsung Galaxy or iPhone. Cool stuff, ha? Security concerns? Yes, but that doesn’t mean that we should not deal with it. It depends on how you handle it. Ok, let’s start.
In my article Windows Server 2012/2016: Installing and Configuring PowerShell Web Access (PSWA) I described hot to setup PSWA on a Windows Server 2016. Now I am going to do the same on a virtual machine running in Azure. The motto is: Connect from everywhere, every time with any device.
Installing PowerShell Web Access on an Azure VM
At the beginning we have to install PowerShell Web Access. Login to your Azure Portal and click on Virtual Machines. Select your VM, right click and select Connect. Important note: If the button is grayed out, then you have to enable Remote Desktop in the Network Security Group (Inbound Rules) which I’ve described here: Microsoft Azure: How to create an Azure VM and connect via Remote Desktop. Let’s move on.
In your Azure Remote Desktop Session open Windows PowerShell. Enter the three lines below to install PowerShell Web Access.
Install-Windowsfeature WindowsPowerShellWebaccess -IncludeManagementTools
In this scenario the system should create a certificate. Note, that it will expire in 90 days.
Finally we have to create an authorization rule.
Add-PswaAuthorizationRule -UserName * -ComputerName * -ConfigurationName *
* means access from any user and computer. In this article I keep it simple. In a real environment I would recommend to restrict access allowing only trustworthy users and computer to access PowerShell Web Access.
That’s it. Our next step is to create an Inbound Rule to allow access to PowerShell Web Access which means we have to allow https (443).
Create an Azure Inbound Rule for HTTPS
Access to PSWA is established via HTTPS. Therefore – if not already configured – we have to allow HTTPS access.
Go back to your Azure Portal. On the dashboard click on your Network Security Group.
Click Inbound Security Rules and Add.
Allow port 443. Take care of Source and Destination. In my scenario I will keep it simple. In a production environment you should think about who should be allowed to connect. You can restrict to specific IP-Addresses.
Ok, we are done. Click OK.
Connect to your PowerShell Web Access Session
Open whatever browser you want. Type
Provide your username, password and the name of the server you want to connect to.
If everything worked out, you’re in!
It’s obvious that it doesn’t matter what kind of browser or device you use. Well then, now you could take your smartphone or iPad and establish a connection to your server. PowerShell welcome to my iPad!
To add a little bit of variety to my blog posts full of codes, today a photo of my sid-500 work place where I write my articles. Note the IPad. It’s running PowerShell 5.1 😉 Ok, ok not really, but a little bit …
Have a nice weekend!