Monday, January 6, 2014

Microsoft Virtual Academy: PowerShell M06

Well it has been a hectic holiday period but back to work, I am behind on getting my notes converted into posts.  We should be finishing up this series by the end of Jan.

To start your own learning check out Microsoft Virtual Academy:
(http://www.microsoftvirtualacademy.com/training-courses/getting-started-with-powershell-3-0-jump-start?o=3276#?fbid=aVs9FfAH2DJ)
(rewritten based on my notes available here: https://drive.google.com/file/d/0B1fwreWrAZioQ28xTmx0d29HUzQ/edit?usp=sharing)

Module 6 "The PowerShell in the shell: remoting" consists of 3 video segments totaling ≈ 55 minutes along with a PowerPoint of 11 slides.

Overview:
  • Remoting
    • Security
    • Enabling Remoting
    • Remoting
      • One-to-One
      • One-to-Many
  • PowerShell via web
Security

    To start lets get the security stuff out of the way.  PowerShell uses Kerboros to encrypt all transmissions from the terminal to the remote system. It can be further secured with the use of SSL.  This allows for easier firewall management as it uses a single port.  

Enable Remoting

    Two ways to enable PowerShell remoting.  First is to log on to each server/system and execute:

Enabling Remoting

   This is time and energy consuming.  The second way is more efficient and that is with use of GPOs.  Check out the links below for more details:

How To Enable Powershell Remoting - Spiceworks - Martin9700
      http://community.spiceworks.com/how_to/show/18512-how-to-enable-powershell-remoting


Enable and configure Windows PowerShell Remoting using Group Policy - blog.powershell.no
     http://blog.powershell.no/2010/03/04/enable-and-configure-windows-powershell-remoting-using-group-policy/

Remoting

    Once you have enabled PowerShell Remoting there are two ways to manage systems: one-to-one and one-to-many. As you may guess that is control system to remote systems.  Depending on how many systems you are controlling will impact the way PowerShell interacts with them.  Remember when remoting the work is completed on remote system and not on local/management system.

One-to-One
   This process allows you to interact with the remote system similar to being directly logged on. To access remote system use:

Enter-PSSession -ComputerName [computername]

Example:
Enter-PSSession -ComputerName DC


Once you have access to the system you PowerShell prompt will change to resemble following: [computername]: PS C:\>.  You can now run cmdlets as you would on local system.  This is handy if you need full access to a system can't access directly.

One-to-Many
   This process accesses multiple systems and returns results as objects.  To execute use the following:
      
Invoke-Command -ComputerName [computernames seperated by comma] {cmdlet} 

Example:
Invoke-Command -ComputerName dc,dc1 {Get-EventLog -LogName System  -new 3}



PowerShell via web
   Want to or need the ability to access PowerShell via the web?  How about from mobile devices?  Well they thought of this and have provided a solution for version 3 and higher.

   To accomplish this we will install Windows PowerShell Web Access (pswa).  This consists of roughly three commands to complete.   It will install IIS and .Net 4.5 if not already installed.  To start we first run:

Install-WindowsFeature WindowsPowerShellWebAccess
         (Installs IIS and .Net 4.5)

Install-PSWAWebApplication
          (Sets up and cinfigures IIS for pswa)

Add-PSWAAuthrizationRule -ComputerName [name] -username [users] -configurations
          (More details available here:http://technet.microsoft.com/en-us/library/jj592890.aspx)

   Once completed you (and firewall configured correctly) you can browse to your new IIS site and access PowerShell through HTTPS.

Resources mentioned in module:
   Secrets of PowerShell: Remoting
       https://github.com/PowerShellOrg/ebooks/tree/master/Remoting

No comments:

Post a Comment