Start by exporting the registry keys on a known working computer. Use Regedit to export the following keys:
- HKLM\SOFTWARE\Policies\Microsoft\Windows\winrm\service
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN
Edit each of the exported .reg exported registry files and combine the key information. Your goal is copying this combined file into the target computers' c:\windows\system32 folder so it can be imported on that computer. Save the file into a network shared location.
Now we need to copy the file onto the target computer. It must go into the same folder as reg.exe -- which is the c:\windows\system32 folder. I unsuccessfully tried numerous ways of getting reg.exe to import via a network share. The only way it would work was to have the registry import file in the same location as the exe.
start-bitstransfer \\server\share\wsman.reg \\$computername\c$\windows\system32 -credential $creds
Next we call on the WinRM service to do our bidding. First we ask it to start reg.exe process to import the registry file then we'll restart the WinRM service.
invoke-wmimethod -name Create -enableallprivileges:$true -computername $ComputerName -credential $creds -Class Win32_Process -argumentlist "reg.exe import c:\windows\system32\wsman.reg"
invoke-wmimethod -name Create -enableallprivileges:$true -computername $ComputerName -credential $creds -Class Win32_Process -argumentlist "net stop WinRM"
invoke-wmimethod -name Create -enableallprivileges:$true -computername $ComputerName -credential $creds -Class Win32_Process -argumentlist "net start WinRM"
Now test your PSRemoting ability by using:
invoke-computer -computer $computer -credential $creds -scriptblock {get-date}
You've now enabled PSRemoting on the target computer.
No comments:
Post a Comment