Let’s see how it is possible to connect to the various Windows PCs connected in the local network from a single workstation that will act as an administration console.
Windows offers everything you need to check the status of PCs connected to the local network through the PowerShell window.
How to Manage PCs on the Local Network with PowerShell
And that systems need not be attested on the same domain and managed through Active Directory: the ability to manage the LAN connected PC Remote can also be used on machines belonging to the same workgroup ( workgroup ).
In this way, using your personal console, you will be able to check the configuration of the other PCs, the installed updates, change their operating parameters, run scripts, arrange for a restart and much more.
Before trying your hand at the systems you use in production, we suggest carrying out some tests using virtual machines connected to the local network as if they were physical systems ( Card setting with bridge in the case of the virtual network interface of the Virtualbox virtual machine ).
To manage the PCs in the local network remotely using only PowerShell the procedure is all in all quite simple but it is important to pay the utmost attention to each step.
We call servers the machines you want to configure via PowerShell: they can be Windows Server systems but also Windows 7, Windows 8.1 and Windows 10. With the term “server” we refer therefore simply to the machines that have to share their resources (they can therefore also be simple workstations).
To allow other PCs connected to the local network to connect to the Windows machine, simply type powershell in the search box of the operating system, right click on the Windows PowerShell item then select Run as administrator.
At this point, in the PowerShell window, you will need to type the following:
PowerShell will thus activate an HTTP server (in a future article we will see how to protect the flow of conversations using HTTPS) on the machine and configure the appropriate rules in Windows Firewall to accept incoming connections.
By default, the Windows firewall is configured to accept connection requests only and only on network interfaces configured as private or within a domain.
Typing Windows Firewall with advanced security in the operating system search box and then selecting Incoming connection rules , you will find the Windows Remote Management rules (HTTP-In) just enabled by PowerShell.
At this point the system administrator can use another Windows machine also connected to the local network to manage the previously configured servers.
To do this, just type Windows + R first , write services.msc to open the window of the services installed on the machine, search for Windows Remote Management (WS-Management) , click twice then choose Automatic (delayed start) as the Type of boot and finally click the Start button .
By opening a PowerShell window with administrator rights (as seen above), you will then have to type the following two commands:
WSMan Set-Item: \ localhost \ Client \ TrustedHosts -Value ” COMPUTER1, COMPUTER2, COMPUTER3 ” -Force
Enter-PSSession -ComputerName COMPUTER1 -Credential USERNAME
Instead of COMPUTER1, COMPUTER2, COMPUTER3 must be indicated, separated by commas, names or the private IP addresses of the PCs to be administered.
In the second command, instead of COMPUTER1 you must specify the system to which you want to connect while USERNAME must be replaced with an administrator account that exists on the server machine for which you know the corresponding password.
By typing in the password at the time of the request, after a few moments of waiting you will be prompted for the remote computer prompt. At this point, all the commands that will be given will be carried out on the remote machine connected to the local network: pay close attention.
With the cd and dir commands , for example, you can switch from one folder to another and check its contents.
Typing Get-HotFix will obtain the complete list of Microsoft updates present on the remote system; with Get-Service the list of services and their status; with Start-Job you can start a background task (for example a PowerShell script); with Restart-Computer -Force you can force the restart of the machine (with Stop-Computer -Force the shutdown).
Typing exit exits administration of the remote system.
Disable the Windows Remote Management Service on the client machine
In case, later, you want to disable the remote management service, just open a PowerShell prompt with administrative rights and use the following command:
Clear-Item -Path WSMan: \ localhost \ Client \ TrustedHosts -Force
Stop-Service WinRM -PassThru
Set-Service WinRM -StartupType Disabled -PassThru
The first command is optional and is used to delete all the hosts to which the connection has previously been authorized. You can avoid issuing this command (limiting yourself to the next two) in case you want to restart the Windows remote management service later to return to administering the server systems via PowerShell.
Completely uninstall the Windows Remote Management Service on the servers
Completely uninstalling the remote management service on server systems is slightly more tedious.
However, we have combined the commands to be issued from the open PowerShell window with administrator rights:
Remove-Item -Path WSMan: \ localhost \ listener \ listener * -Recurse
Stop-Service WinRM -PassThru
Set-Service WinRM – StartupType Disabled -PassThru
Set-NetFirewallRule -DisplayName ‘Windows Remote Management (HTTP-In)’ -Enabled False -PassThru | Select -Property DisplayName, Profile, Enabled
Set-ItemProperty -Path HKLM: \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ policies \ system -Name LocalAccountTokenFilterPolicy -Value 0