Windows PowerShell is ubiquitous across the Microsoft ecosystem. You can configure both Windows and Windows Servers and use PowerShell to configure Microsoft Exchange, Microsoft Teams, Azure Active Directory, and more. Therefore, using Windows PowerShell to perform management tasks on both local and remote computers makes sense because you can transfer those skills to other management and administration situations.
Many cmdlets in Windows PowerShell can be used with a -ComputerName parameter; doing so makes using the command remotely no more complex than specifying the name of the computer you want to run the command against. For example, you can run the following command to determine the IP configuration of a computer named LON-CL1.
Get-NetIPConfiguration -computername LON-CL1
However, not all cmdlets accept the -ComputerName parameter, and for these, you must enable and configure Windows PowerShell remoting and effectively run the command on the device itself. Windows PowerShell remoting enables you to connect to one or several remote computers, execute one or more cmdlets or scripts on those remote computers, and return the results to your local computer.
Although Windows PowerShell remoting is enabled by default on Windows Server, you must manually enable it on Windows 11 and earlier versions of Windows. To do this, complete the following procedures:
If necessary, you will need to start the Windows Remote Management service. You must also enable Windows Remote Management through the Windows Defender Firewall.
You can do this by running the winrm quickconfig command at an elevated Command Prompt. When prompted, select Y and Enter twice, as shown in Figure 1-24.
FIGURE 1-24 Enabling Windows Remote Management
Note WinRM Quickconfig and the Public Network Location Profile
If one of your network connections is assigned the Public network location profile, this command fails, and you must manually configure the Windows Defender Firewall exceptions. Alternatively, you can run the enable- PSremoting -force cmdlet from an elevated Windows PowerShell window to enable Windows PowerShell remoting.
Windows Remote Management uses HTTP. By default, both Windows Remote Management and Windows PowerShell remoting uses TCP port 5985 for incoming unencrypted communications and TCP port 5986 for incoming encrypted communications.
Once you run the winrm quickconfig command, the WinRM service is switched on. The same effect can be achieved by issuing the Enable- PSRemoting –Force command. Note this is a one-time command; it will change the WinRM service startup type to automatic and add exceptions for WinRM ports (TCP 5985 and 5986) to the Microsoft Defender Firewall’s list of exceptions.
To check that the WinRM settings on the computer are configured correctly, run the command:
winrm e winrm/config/listener
The command displays the current WinRM listener settings and shows the service enabled, as shown in Figure 1-25. If you want to list the complete configuration of the WinRM service, you can use this command.
FIGURE 1-25 Checking WinRM Settings
winrm get winrm/config