WINRM – Windows CMD Command
Notice: A non well formed numeric value encountered in /home/future4tech/public_html/wp-content/plugins/crayon-syntax-highlighter/crayon_formatter.class.php on line 118
Notice: A non well formed numeric value encountered in /home/future4tech/public_html/wp-content/plugins/crayon-syntax-highlighter/crayon_formatter.class.php on line 119
Windows Remote Management
Secure communication with local and remote computers using web services.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 |
Syntax winrm g[et] | s[et] | c[reate] | d[elete] | e[numerate] | i[nvoke] | id[entify] | quickconfig | configSDDL | helpmsg Retrieve instances of RESOURCE_URI: winrm get RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...] winrm get winrm/config winrm get winrm/config/client winrm get winrm/config/service Modify settings in RESOURCE_URI: winrm set RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...] [@{KEY="VALUE"[;KEY="VALUE"]}] [-file:VALUE] Spawn an instance of RESOURCE_URI: winrm create RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...] [@{KEY="VALUE"[;KEY="VALUE"]}] [-file:VALUE] Control remote access to WinRM resources, launch a GUI to edit security settings. winrm configsddl RESOURCE_URI Enable this machine for remote management. winrm quickconfig [-quiet] [-transport:VALUE] This will start the WinRM service, set the service to auto start, create a listener and enable an http firewall exception for WS-Management traffic -q[uiet] Don’t prompt for confirmation. -transport:VALUE Perform quickconfig for either http or https. Default = http. List instances of RESOURCE_URI: winrm enumerate RESOURCE_URI [-ReturnType:Value] [-Shallow] [-BasePropertiesOnly] [-SWITCH:VALUE [-SWITCH:VALUE] ...] Remove an instance of RESOURCE_URI: winrm delete RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...] Execute method specified by ACTION on target object specified by RESOURCE_URI winrm invoke ACTION RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...] [@{KEY="VALUE"[;KEY="VALUE"]}] [-file:VALUE] Display error message associate with the error code. winrm helpmsg errorcode Key -a[uthentication]:VALUE The authentication mechanism to use when communicating with the remote machine. -defaultCreds Allow implicit credentials when Negotiate is used. Remote HTTPS operations for trusted machines. -dialect:VALUE Dialect of the filter expression for enumeration or fragment. Example: Use a WQL query -dialect Example: Use XPATH for filtering with enumeration or fragment get/set. -encoding:VALUE The encoding type when talking to remote machine (see -remote). Possible options are "utf-8" (the default) or "utf-16". -f[ormat]:FORMAT The format of output. FORMAT can be "xml", "pretty" (better formatted XML), or "text". -r[emote]:VALUE Specify the identifier of a remote endpoint/system. This can be a simple host name or a complete URL. -skipCAcheck The certificate issuer need not be a trusted root authority. Remote HTTPS operations for trusted machines. -skipCNcheck The certificate common name (CN) of the server need not match the hostname of the server. HTTPS operations for trusted machines. -skipRevocationcheck Do not check the revocation status of the server certificate. Remote HTTPS operations for trusted machines. -SPNPort Append port number to the Service Principal Name (SPN) of the remote server. Service principal name is used when Negotiate or Kerberos authentication mechanism is in use. -timeout:MS Timeout in milliseconds. Limits duration of corresponding operation. Default timeout can be configured by: winrm set winrm/config @{MaxTimeoutms="XXXXXX"} Where XXXXXX is an integer indicating milliseconds. -file:VALUE @{KEY="VALUE"[;KEY="VALUE"]} Input from an XML file or via key/value pairs. Applies to set, create, and invoke operations -fragment:VALUE Specify a section inside the instance XML that is to be updated or retrieved for the given operation. Example: Get the status of the spooler service winrm get wmicimv2/Win32_Service?name=spooler -fragment:Status/text() -options:{KEY="VALUE"[;KEY="VALUE"]} Key/value pairs for provider-specific options. Example: -options:{key1="value1";key2=$null} |
WinRM is the Microsoft implementation of WS-Management Protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that allows hardware and operating systems, from different vendors, to interoperate.
To improve security, WinRM 2.0 uses HTTP/HTTPS ports 5985/5986 by default.
If the computer name is passed using r:<Computername> , then the default client port will be used (by default, 5985/5986).
If the computer name is passed as a URI, such as r:https://Mycomputer/wsman, then the IE default ports will be used (ports 80/443 by default).
Files:
C:\WINDOWS\system32\winrm.vbs
Examples
Configure Windows Remote Management on the server (DemoServer2), run this from an elevated CMD (or powershell) prompt:C:\> winrm quickconfig
On a client you can then open a remote shell connected to DemoServer2 with:
winrs -r:DemoServer2 cmd
Retrieve current configuration in XML format:
winrm get winrm/config -format:pretty
Retrieve spooler instance of Win32_Service class:
winrm get wmicimv2/Win32_Service?Name=spooler
Modify a configuration property of WinRM:winrm set winrm/config @{MaxEnvelopeSizekb="100"}
Disable a listener on this machine:winrm set winrm/config/Listener?Address=*+Transport=HTTPS @{Enabled="false"}
Add remote machine to the trusted hosts list (used if your computers aren’t on a domain):winrm set winrm/config/client '@{TrustedHosts="workstation64,server1"}'
Create instance of HTTP Listener on IPv6 address:winrm create winrm/config/Listener?Address=IP:3ffe:8311:ffff:f2c1::5e61+Transport=HTTP
Delete the HTTP listener on this machine for given IP address:winrm delete winrm/config/Listener?Address=IP:192.168.2.1+Transport=HTTP
Call StartService method on Spooler service:winrm invoke StartService wmicimv2/Win32_Service?Name=spooler
Call Create method of Win32_Process class with specified parameters:winrm invoke Create wmicimv2/Win32_Process @{CommandLine="notepad.exe";CurrentDirectory="C:\"}
Display error message associated with the error code 0x5:winrm helpmsg 0x5