PowerShell remoting

PowerShell remoting must be every administrators favourite feature. The fact that you can connect to to multiple machines and get your tasks done just makes life so much easier.

PowerShell remoting originally appeared in PowerShell v2. In v1 Get-WMIObject was the only cmdlet capable of connecting to a remote machine. Remoting used WSMAN for inter-machine connectivity. This has advantages and disadvantages. The advantages are that its router friendly the disadvantage that PowerShell remoting over WSMAN ties authentication to the Kerberos protocol used in Active Directory. This means that remoting is easy within the domain but become harder to work with outside of the domain environment. You should use certificates for authentication outside the domain. There are other ways but you should use certificates for WSMAN remoting authentication outside the domain.

Windows PowerShell v3-v5.1 saw many cmdlets have a computername parameter added – for instance the Process and Service cmdlets. In these cases DCOM/RPC is used for the connectivity. This can have problems with routers and firewalls. Individual cmdlet remoting has been removed in PowerShell v6/v7 so isn’t recommended.

PowerShell v6 saw the introduction of SSH based remoting for connecting to non-Windows machines – it also works Windows to Windows. WSMAN is available on Linux but isn’t fully supported and isn’t recommended. SSH isn’t easy to set up. Its getting better but still not as straight forward as WSMAN. Use SSH remoting for Windows – Linux. SSH is also great in a non-domain scenario.

Windows 10 / Server 2016 saw the introduction of PowerShell Direct (Windows PowerShell and PowerShell core both support PowerShell Direct). If your local machine is the Hyper-V host you can remote over the VMbus to virtual Windows machines on the host.

Lots of options for remoting. Recommendations:

Windows-Windows within the domain – use WSMAN

Windows-Linux (or vice versa) or Windows to Windows outside the domain use SSH

If your on the Hyper-V host use PowerShell direct for Windows VMs

This entry was posted in Powershell. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s