How to enable PowerShell remoting to execute tasks remotely in SharePoint


Here’s a quick and short summary on enabling PowerShell Remoting(PSRemoting) so you can perform SharePoint administration by using powershell to run SharePoint commands on a SharePoint server from your local laptop or workstation.

Consider an environment with SharePoint server XYZ.contoso.com

Server-side Steps:

On server XYZ.contoso.com, open Windows powershell and run the following commands:

 $computer = “XYZ”

winrm quickconfig 

Enable-WSManCredSSP -Role Server 

Connect-WSMan -ComputerName $computer

Set-Item “WSMAN:\$computer\service\auth\credssp” -Value $true

 

Client-side Steps:

Enable Windows Remoting and CredSSP

On the local workstation or laptop from where you want to connect to the server XYZ, open Windows powershell and run the following commands:

winrm quickconfig

Enable-WSManCredSSP -Role client -DelegateComputer XYZ.contoso.com –Force

 

Enabling in registry

Open registry by going to Run ->  regedit. Add the following entry to registry:

Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain -Name WSMan -Value “WSMAN/*.contoso.com”

Allowing Credential delegation via Group Policy

Now make following changes to Group Policy:

Go to Run -> gpedit.msc

Navigate to

Computer Configuration > Administrative Templates > System > Credentials Delegation

Double-click

Allow Delegating Fresh Credentials

Select               Enabled

Click                  Add servers to the list: Show

Add WSMAN/*contoso.com

Click                  OK

Click                  OK

Go to Run -> gpedit.msc

Navigate to

Computer Configuration > Administrative Templates > System > Credentials Delegation

Double-click

Allow Delegating Fresh Credentials with NTLM-only Server Authentication

Select               Enabled

Click                  Add servers to the list: Show

Add WSMAN/*contoso.com

Click                  OK

Click                  OK

GP

GP2

PS Remoting

Now we can test the powershell remote connection. On your local workstation where you enabled PS Remoting using the client side steps above, type:

Enter-PsSession -computer U1VMPRTNRPCS01.production.online.dell.com -Auth Credssp -Credential “domain\serviceaccount”

PSSession

You would see a popup window again prompting you for credentials. Once you enter, it should now change shell to XYZ.contoso.com. Enable SharePoint Snapin using:

 

[XYZ.contoso.com]: PS C:\WINDOWS\system32> Add-pssnapin microsoft.sharepoint.powershell

 

To test whether you can execute SharePoint commands, try any command like:

[XYZ.contoso.com]: PS C:\Users\<serviceaccount>\Documents> Get-SPSolution

PSSnapin

Now you can execute SharePoint commands using powershell. Once done just close the powershell window or type “exit” to return back to the shell of your machine.

Note: As a security practice disable Win remoting and Cred SSP on Production machines after use using following commands:

Disable-WSManCredSSP -Role Server

Set-Item “WSMAN:\$computer\service\auth\credssp” -Value $false

Happy PSRemoting!! 🙂

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s