Enter-PSsession: Run PowerShell Remote Commands

Enter-PSsession is an important PowerShell cmdlet that allows admins to create connections to remote computers or servers and is a great way to administer these remotely. Let’s get a good overview of Enter-PSsession and see how you can use it.

What is Enter-PSSession?

Enter-PSSession is a cmdlet that initiates an interactive session with a remote system. It uses the Windows Remote Management (WinRM) service to connect with the target remote computer.

A sysadmin might use their user account to execute commands on a Windows Server using the Enter-PSsession cmdlet as this allows them to execute PowerShell commands as if they were in the console of the server.

To run the command at the PS C prompt:

Enter-PSSession

As you can see below, it will prompt you for the computer name you want to connect to for remote PowerShell commands.

Starting a new pssession

To start a session, you would usually use the Enter-PSSession ComputerName command, where ComputerName is the name or IP address of the remote server. The command prompt changes with a successful connection, and you will see the name of the remote computer in the prompt

Enter-PSSession mycomputer.domain.com

If the command fails and an error message displays, you need to make sure that the WinRM service is running on the local and remote computers and that the Windows Firewall allows the connection request. You can make sure the WinRM service is enabled by running the Enable-PSRemoting command in the PowerShell console.

Enabling PowerShell remote management.

Taking Advantage of New-PSSession

New-PSSession is another cmdlet you will use along with the Enter-PSSession cmdlet. It creates one or more PowerShell sessions (PSSessions) on a local or remote computer. With the New-PSSession command, you can create connections that are persistent, and this allows for multiple commands to be executed in the session.

For an example, a user might create a session on a remote server with New-PSSession, perform various tasks during the interactive session, then exit with Exit-PSSession, and then the session will be left for use. The New-PSSession command lets you to manage multiple remote computers at the same time.

Making the Most of Invoke-Command

The Enter-PSSession command is perfect for one-off sessions, and the Invoke-Command cmdlet is the go-to command for commands on multiple remote computers. It enables you to run a command or script on a local or remote computer. Invoke-Command will be will allow you to run commands if you need to execute the same set of commands on several remote servers.

Invoke-Command

PowerShell Remoting and Session Configurations

PowerShell remoting leans on the WinRM service, which uses the WS-Management protocol. Usually, this service is tuned into port 5985 for HTTP connections and port 5986 for HTTPS ones. If you need to use a different port, you can change the Port parameter in your commands.

Session configuration is another critical aspect to consider. A session configuration is a group of settings defining the PowerShell sessions’ environment. This includes which user accounts can connect, which commands they can run, and various other preferences.

Ensuring Security in PowerShell Remoting

PowerShell remoting is secure. It uses the WinRM service, which itself relies on the Secure Sockets Layer (SSL) for an HTTPS connection. The WinRM service encrypts all PowerShell remoting traffic. But what if your remote server only supports an HTTP connection? In that case, you can use a digital public key certificate to encrypt credentials and any other important data.

If you’re managing remote machines, remember you’re responsible for remote access. Ensure your user account has the right privileges to execute commands on the remote server.

Configuring the WinRM Service and Permissions

WinRM service is key to PowerShell remoting. Before you start remote sessions with Enter-PSSession, you need to make sure that the WinRM service is set up correctly and that the remote computer has the right permissions.

Enabling the WinRM Service

The first step to configure the WinRM service is to enable it. On the remote computer, open the PowerShell console as an administrator and run the following command:

Enable-PSRemoting -Force

This command starts the WinRM service and sets it to start automatically with the system. It also configures the Windows Firewall to allow the necessary connections.

Setting up HTTPS Transport

For secure remote sessions with HTTPS, you need to get the WinRM service ready for secure connections. This means installing a server authentication certificate on the remote computer. With the certificate set, you then run the following command:

winrm quickconfig -transport:https

This command configures WinRM to use the HTTPS transport and sets the default port to 5986.

Setting up WinRM Permissions

To grant a user account permission to access a remote computer through PowerShell remoting, you need to add the user to the remote computer’s local Remote Management Users group. Open a command prompt on the remote computer as an administrator and run the following command, replacing <username> with the name of the user account:

net localgroup "Remote Management Users" /add <username>

Adjusting Session Configurations

Session configurations define the environment for a PowerShell session. To change the session configuration, you can use the Set-PSSessionConfiguration cmdlet. For example, the following command allows up to 100 concurrent connections from a single user:

Set-PSSessionConfiguration -Name Microsoft.PowerShell -MaximumReceivedDataSizePerCommandMB 100

By correctly configuring the WinRM service and permissions, you can ensure that your PowerShell remoting sessions function as expected. Remember, always carefully manage these settings to avoid potential security risks.

Enter-PSSession: Domain vs. Non-domain Joined

When working with PowerShell remoting, the context of your environment plays a crucial role in your operations. Specifically, whether your computers are domain-joined or non-domain-joined can significantly influence your usage of Enter-PSSession.

Domain-Joined Computers

In a domain environment, where the remote server and the local computer belong to the same Active Directory (AD) domain or trusting domains, setting up PowerShell remoting with Enter-PSSession is relatively straightforward. The cmdlet leverages the security infrastructure of the domain, allowing for secure credential passing and easier management.

You initiate an interactive session with a domain-joined remote computer using the Enter-PSSession ComputerName command, where ComputerName is the remote server’s fully qualified domain name (FQDN). A successful connection request leads to an interactive session, allowing the execution of multiple commands on the remote system.

If you’re working with multiple domain-joined computers, you can execute the same command across all machines simultaneously with Invoke-Command.

Non-Domain Joined Computers

Managing non-domain joined (workgroup) computers presents a different set of challenges. Without the domain infrastructure, the Enter-PSSession command might encounter authentication issues since the credential parameter doesn’t have a common authority for verification.

To establish a PowerShell remoting session with a non-domain joined computer, the WinRM service on the remote machine should be configured to allow connections from a user account on the local machine. This configuration is done by adding the local machine’s user account to the remote computer’s list of trusted hosts.

This process can involve editing the WinRM service’s settings directly or adjusting the Windows Firewall to allow the necessary traffic. Once completed, you can start an interactive session using the Enter-PSSession cmdlet, just like with a domain-joined computer.

Troubleshooting Common Errors

You might encounter an error message or two during your journey with PowerShell remoting. The error could be anything from a network port issue to the WinRM service not being enabled. Understanding these common errors and how to troubleshoot them is vital for any PowerShell user.

One common issue is the following error message: The WinRM client cannot process the request when running Enter-PSSession. This error usually means the remote computer is not set up for PowerShell remoting. Running Enable-PSRemoting in PowerShell as an administrator on the remote computer often resolves the issue.

Disconnecting and Ending Sessions

After establishing an interactive session with Enter-PSSession, you may want to disconnect instead of terminating the session, especially if you plan to reenter the session later. The Disconnect-PSSession cmdlet allows you to do this. When you’re ready to reestablish the connection, use Connect-PSSession.

To end a session, use the Exit-PSSession cmdlet. This terminates the interactive session and returns you to the local PowerShell session.

Basic Enter-PSSession Commands

Learning the basics of Enter-PSSession is the first step toward effective PowerShell remoting. Here are some fundamental commands you can use:

Starting a Session

To start an interactive session with a remote computer, you use the Enter-PSSession cmdlet followed by the -ComputerName parameter and the name of the computer you want to connect to.

Enter-PSSession -ComputerName Server01

Using a Different Port

If you’re connecting to a remote computer through an alternate port setting, specify the port number using the -Port parameter.

Enter-PSSession -ComputerName Server01 -Port 5986

Connecting Using Credentials

The- Credential parameter allows you to specify a username if you need to connect to a remote computer using a different user account.

$cred = Get-Credential Enter-PSSession -ComputerName Server01 -Credential $cred

The Get-Credential cmdlet prompts you for the username and password.

Connecting Using a Session

Instead of connecting to a remote computer directly, you can connect to a session on the remote computer using the -Session parameter.

$sess = New-PSSession -ComputerName Server01 Enter-PSSession -Session $sess

Exiting a Session

When you’re done with your tasks on the remote computer, you can use the Exit-PSSession cmdlet to terminate the session.

Exit-PSSession

Running Commands

Once inside an Enter-PSSession interactive session, you can execute any PowerShell command as if you’re on the remote computer. For instance:

Get-Process

The command above retrieves the list of running processes on the remote computer.

By familiarizing yourself with these basic Enter-PSSession commands, you’re well on your way to leveraging the power of PowerShell remoting in your administrative tasks.

What have we learned with PSSession?

PowerShell remoting uses commands like Enter-PSSession, New-PSSession, and Invoke-Command to help manage remote computers more effectively. Once you know how to use these commands and fix common problems, you’re on your way to mastering PowerShell remoting. Just make sure to stay safe, by checking user accounts and keeping sensitive data transfers secure.

Other posts you may like

• Windows Server Core 2019 Management Fundamentals
• Access local drives in an RDP session
• Basic Windows Server Automation with Ansible
• Logging off remote desktop kills user processes
• Fix WinRM Negotiate Authentication Error