How to PowerShell Remoting to non-domain Windows machines

Hey everyone!

Hope you are safe and doing great!

It might even be quite helpful to have the possibility to manage your machines remotely. When we talk about managing Windows machines you might be thinking about PowerShell remoting.

In this short guide, we will set up from scratch both - a client Windows machine and a server Windows machine for PowerShell remoting.

1. Setup a client Windows machine

1.1. Open PowerShell as Administrator
1.2. Setup the WinRM service

winrm quickconfig

1.3. Answer yes to all questions, it will help you with few things
1.3.1. Adding to autostart the WinRM on a machine boot

Start the WinRM service.
Set the WinRM service type to delayed auto start.

Make these changes [y/n]? y

1.3.2. Adding rules to a firewall

Enable the WinRM firewall exception.
Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

Make these changes [y/n]? y

1.4. Allow connecting to any PowerShell remoting server

winrm s winrm/config/client '@{TrustedHosts="*"}'

or

set winrm/config/client '@{TrustedHosts ="*"}'

2. Setup a server Windows machine

2.1. Open PowerShell as Administrator
2.2. Setup the WinRM service

winrm quickconfig

2.3. Answer yes to all questions, it will help you with few things
2.3.1. Adding to autostart the WinRM on a machine boot

Start the WinRM service.
Set the WinRM service type to delayed auto start.

Make these changes [y/n]? y

2.3.2. Adding rules to a firewall

Enable the WinRM firewall exception.
Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

Make these changes [y/n]? y

3. Connecting from a client to a server via PowerShell remoting

3.1. Open PowerShell
3.2. Establish the connection

Enter-PSSession $IPAddress -Credential $User

Replace:
$User within your server user
$IPAddress within your server IP address

Helpful Commands

1. Check WinRM listener service

winrm enumerate winrm/config/listener

2. Check WinRM services

winrm get winrm/config

3. Check WinRM service on a server via a client

Test-WSMan $IPAddress -Authentication Negotiate -Credential $User

4. Check network connectivity on a server via a client

Test-NetConnection $IPAddress -Port 5985

5. Establish connections to multiple servers

$multiSession = New-PSSession -ComputerName RemoteDevice1, RemoteDevice2, RemoteDevice3 -Credential $User

6. Store credentials in the variable and use it

$credentials = Get-Credential
Enter-PSSession $IPAddresses -Credential $credentials

7. Specify which PowerShell version to use on a server, for example version 7

 -ConfigurationName PowerShell.7

You are awesome!

That is it. Hope this short guide helped you and saved your time for the best.

Thank you for reading and see you soon.