Using Powershell to manage Windows

Published by

Posted on November 07, 2014

Issue : We had a user using the max clients for Remote Desktop and was locking himself out. The issue we had was we were not able to remotely log into the server due to the max clients. Without KVM being setup , we had to get the server hard reset. This overtime can cause hardware problem without properly shutting down the server.

Solution: Being a advocate for Linux, I found that Windows has a enhance CLI called PowerShell . I was amazed after reading the documentation on technet that Powershell had a remote cmdlet. This will allow you to open a remote session to another system and manage it. With this option we are able to restart terminal service via the command line. This will free up the used cals. Below are some of the 10 min steps I used to get this up and running. I will post more Powershell commands as I come across them.

Local Machine setup:
Open Powershell as an admin user
Enable-PSRemoting -Force
winrm s winrm/config/client ‘@{TrustedHosts=”host”}’ – Set the hostname on both systems
Restart-Service WinRM

Remote Machine setup:
Open Powershell as an admin user
Run Enable-PSRemoting -Force
open ports HTTP = 5985 and HTTPS = 5986
winrm s winrm/config/client ‘@{TrustedHosts=”host”}’ – Set the hostname on both systems
Restart-Service WinRM

Testing
run Test-WsMan -ComputerName host < on the local machine to test the setup>

Validation
Check the trusted host variable has been set
winrm get winrm/config/client

Issues:
I was receiving access denied errors on the remote server. This was due to the way the second admin user was setup. So thanks to http://www.shirmanov.com/2011/04/winrm-access-is-denied-on-local.html I had to run the following registry change to correct the issue reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f

Running commands
Invoke-Command -ComputerName COMPUTER -ScriptBlock { COMMAND } -credential USERNAME

Connect to the remote system
Enter-PSSession -ComputerName COMPUTER -Credential USER

Resources
http://docs.nimsoft.com/prodhelp/en_US/Probes/Catalog/xendesktop/1.0/index.htm?toc.htm?2096344.html

http://blogs.msdn.com/b/wmi/archive/2009/07/22/new-default-ports-for-ws-management-and-powershell-remoting.aspx

Categories: Windows

Tags: