To start your own learning check out Microsoft Virtual Academy:
(http://www.microsoftvirtualacademy.com/training-courses/getting-started-with-powershell-3-0-jump-start?o=3276#?fbid=aVs9FfAH2DJ)
(rewritten based on my notes available here: https://drive.google.com/file/d/0B1fwreWrAZioQ28xTmx0d29HUzQ/edit?usp=sharing)
Module 6 "The PowerShell in the shell: remoting" consists of 3 video segments totaling ≈ 55 minutes along with a PowerPoint of 11 slides.
Overview:
- Remoting
- Security
- Enabling Remoting
- Remoting
- One-to-One
- One-to-Many
- PowerShell via web
Security
To start lets get the security stuff out of the way. PowerShell uses Kerboros to encrypt all transmissions from the terminal to the remote system. It can be further secured with the use of SSL. This allows for easier firewall management as it uses a single port.
Enable Remoting
Two ways to enable PowerShell remoting. First is to log on to each server/system and execute:
Enabling Remoting
This is time and energy consuming. The second way is more efficient and that is with use of GPOs. Check out the links below for more details:
How To Enable Powershell Remoting - Spiceworks - Martin9700
http://community.spiceworks.com/how_to/show/18512-how-to-enable-powershell-remoting
Enable and configure Windows PowerShell Remoting using Group Policy - blog.powershell.no
http://blog.powershell.no/2010/03/04/enable-and-configure-windows-powershell-remoting-using-group-policy/
Remoting
Once you have enabled PowerShell Remoting there are two ways to manage systems: one-to-one and one-to-many. As you may guess that is control system to remote systems. Depending on how many systems you are controlling will impact the way PowerShell interacts with them. Remember when remoting the work is completed on remote system and not on local/management system.
One-to-One
This process allows you to interact with the remote system similar to being directly logged on. To access remote system use:
Enter-PSSession -ComputerName [computername]
Example:
Enter-PSSession -ComputerName DC
Once you have access to the system you PowerShell prompt will change to resemble following: [computername]: PS C:\>. You can now run cmdlets as you would on local system. This is handy if you need full access to a system can't access directly.
One-to-Many
This process accesses multiple systems and returns results as objects. To execute use the following:
Invoke-Command -ComputerName [computernames seperated by comma] {cmdlet}
Example:
Invoke-Command -ComputerName dc,dc1 {Get-EventLog -LogName System -new 3}
PowerShell via web
Want to or need the ability to access PowerShell via the web? How about from mobile devices? Well they thought of this and have provided a solution for version 3 and higher.
To accomplish this we will install Windows PowerShell Web Access (pswa). This consists of roughly three commands to complete. It will install IIS and .Net 4.5 if not already installed. To start we first run:
Once completed you (and firewall configured correctly) you can browse to your new IIS site and access PowerShell through HTTPS.
Resources mentioned in module:
Secrets of PowerShell: Remoting
https://github.com/PowerShellOrg/ebooks/tree/master/Remoting
To accomplish this we will install Windows PowerShell Web Access (pswa). This consists of roughly three commands to complete. It will install IIS and .Net 4.5 if not already installed. To start we first run:
Install-WindowsFeature WindowsPowerShellWebAccess(Installs IIS and .Net 4.5)
Install-PSWAWebApplication(Sets up and cinfigures IIS for pswa)
Add-PSWAAuthrizationRule -ComputerName [name] -username [users] -configurations(More details available here:http://technet.microsoft.com/en-us/library/jj592890.aspx)
Once completed you (and firewall configured correctly) you can browse to your new IIS site and access PowerShell through HTTPS.
Resources mentioned in module:
Secrets of PowerShell: Remoting
No comments:
Post a Comment