SID-500.COM

Home » Azure » Microsoft Azure: Connect to your VM from everywhere, any time and from every device with PowerShell Web Access

Microsoft Azure: Connect to your VM from everywhere, any time and from every device with PowerShell Web Access

Administering your Azure VM on your Samsung Galaxy or iPhone? Introduced with Windows Server 2012, PowerShell Web Access is a new Windows Server feature which enables you to administer your Windows Server via a web-based interface. Once installed, you can access PowerShell from any device, even from your Samsung Galaxy or iPhone. Cool stuff, ha?  Security concerns? Yes, but that doesn’t mean that we should not deal with it. It depends on how you handle it. Ok, let’s start.

In my article Windows Server 2012/2016: Installing and Configuring PowerShell Web Access (PSWA) I described hot to setup PSWA on a Windows Server 2016.  Now I am going to do the same on a virtual machine running in Azure. The motto is: Connect from everywhere, every time with any device.

Installing PowerShell Web Access on an Azure VM

At the beginning we have to install PowerShell Web Access. Login to your Azure Portal and click on Virtual Machines. Select your VM, right click and select Connect. Important note: If the button is grayed out, then you have to enable Remote Desktop in the Network Security Group (Inbound Rules) which I’ve described here: Microsoft Azure: How to create an Azure VM and connect via Remote Desktop. Let’s move on.

In your Azure Remote Desktop Session open Windows PowerShell. Enter the three lines below to install PowerShell Web Access.

Install-Windowsfeature WindowsPowerShellWebaccess -IncludeManagementTools

1.PNG

In this scenario the system should create a certificate. Note, that it will expire in 90 days.

Install-PswaWebApplication -UseTestCertificate

2.PNG

Finally we have to create an authorization rule.

Add-PswaAuthorizationRule -UserName * -ComputerName * -ConfigurationName *

1.PNG

* means access from any user and computer. In this article I keep it simple. In a real environment I would recommend to restrict access allowing only trustworthy users and computer to access PowerShell Web Access.

That’s it. Our next step is to create an Inbound Rule to allow access to PowerShell Web Access which means we have to allow https (443).

Create an Azure Inbound Rule for HTTPS

Access to PSWA is established via HTTPS. Therefore – if not already configured – we have to allow HTTPS access.

Go back to your Azure Portal. On the dashboard click on your Network Security Group.

4.PNG

Click Inbound Security Rules and Add.

5.PNG

Allow port 443. Take care of Source and Destination. In my scenario I will keep it simple. In a production environment you should think about who should be allowed to connect. You can restrict to specific IP-Addresses.

6.PNG

Ok, we are done. Click OK.

Connect to your PowerShell Web Access Session

Open whatever browser you want. Type

https://servername/pswa or

https://IPAddress/pswa.

Unbenannt.PNG

Provide your username, password and the name of the server you want to connect to.

Unbenannt.PNG

If everything worked out, you’re in!

Unbenannt.PNG

It’s obvious that it doesn’t matter what kind of browser or device you use. Well then, now you could take your smartphone or iPad and establish a connection to your server. PowerShell welcome to my iPad!

IMG_0090.PNG

To add a little bit of variety to my blog posts full of codes, today a photo of my sid-500 work place where I write my articles. Note the IPad. It’s running PowerShell 5.1 😉 Ok, ok not really, but a little bit …

Unbenannt.PNG

Have a nice weekend!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

GET-AUTHOR

My name is Patrick Grünauer. Microsoft MVP. I am from Austria. On sid-500 I write about Windows, Cisco and IT-Security in English and German. Have fun while reading!

Categories

Patrick Gruenauer
Follow SID-500.COM on WordPress.com