WINRM

Windows Remote Management

Secure communication with local and remote computers using web services.

Syntax
      winrm g[et] | s[et] | c[reate] | d[elete] | e[numerate] | 
            i[nvoke] |  id[entify] | quickconfig |  configSDDL |  helpmsg

   Retrieve instances of RESOURCE_URI:
      winrm get RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]

      winrm get winrm/config
      winrm get winrm/config/client
      winrm get winrm/config/service

   Modify settings in RESOURCE_URI: 
      winrm set RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]
         [@{KEY="VALUE"[;KEY="VALUE"]}]
            [-file:VALUE]

   Spawn an instance of RESOURCE_URI:
      winrm create RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]
         [@{KEY="VALUE"[;KEY="VALUE"]}]
            [-file:VALUE]

   Control remote access to WinRM resources, launch a GUI to edit security settings.
      winrm configsddl RESOURCE_URI

   Enable this machine for remote management.
      winrm quickconfig [-quiet] [-transport:VALUE]

      This will start the WinRM service, set the service to auto start, create
      a listener and enable an http firewall exception for WS-Management traffic

       -q[uiet]          Don’t prompt for confirmation.

       -transport:VALUE  Perform quickconfig for either http or https.  Default = http.

   List instances of RESOURCE_URI:
      winrm enumerate RESOURCE_URI [-ReturnType:Value] [-Shallow]
         [-BasePropertiesOnly] [-SWITCH:VALUE [-SWITCH:VALUE] ...]

   Remove an instance of RESOURCE_URI:
      winrm delete RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]

   Execute method specified by ACTION on target object specified by RESOURCE_URI
      winrm invoke ACTION RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...]
         [@{KEY="VALUE"[;KEY="VALUE"]}]
            [-file:VALUE]

   Display error message associate with the error code.
      winrm helpmsg errorcode

Key

   -a[uthentication]:VALUE
                    The authentication mechanism to use when communicating
                    with the remote machine.

   -defaultCreds    Allow implicit credentials when Negotiate is used.
                    Remote HTTPS operations for trusted machines.

   -dialect:VALUE   Dialect of the filter expression for enumeration or fragment.
                    Example: Use a WQL query
                      -dialect:http://schemas.microsoft.com/wbem/wsman/1/WQL
                    Example: Use XPATH for filtering with enumeration or fragment get/set.
                      -dialect:https://www.w3.org/TR/1999/REC-xpath-19991116

   -encoding:VALUE  The encoding type when talking to remote machine (see -remote).
                    Possible options are "utf-8" (the default) or "utf-16".

   -f[ormat]:FORMAT The format of output. FORMAT can be "xml",
                    "pretty" (better formatted XML), or "text".

   -r[emote]:VALUE  Specify the identifier of a remote endpoint/system.
                    This can be a simple host name or a complete URL.

   -skipCAcheck     The certificate issuer need not be a trusted root authority.
                    Remote HTTPS operations for trusted machines.

   -skipCNcheck     The certificate common name (CN) of the server need not match
                    the hostname of the server. HTTPS operations for trusted machines.

   -skipRevocationcheck  Do not check the revocation status of the server certificate.
                    Remote HTTPS operations for trusted machines.

   -SPNPort         Append port number to the Service Principal Name (SPN) of the
                    remote server. 
                    Service principal name is used when Negotiate or Kerberos authentication
                    mechanism is in use.

   -timeout:MS      Timeout in milliseconds. Limits duration of corresponding operation.
                    Default timeout can be configured by:
                       winrm set winrm/config @{MaxTimeoutms="XXXXXX"}
                    Where XXXXXX is an integer indicating milliseconds.

   -file:VALUE

   @{KEY="VALUE"[;KEY="VALUE"]}
                    Input from an XML file or via key/value pairs.
                    Applies to set, create, and invoke operations

   -fragment:VALUE  Specify a section inside the instance XML that is to be updated or
                    retrieved for the given operation.
                     Example: Get the status of the spooler service
                       winrm get wmicimv2/Win32_Service?name=spooler -fragment:Status/text()
                     
                     -options:{KEY="VALUE"[;KEY="VALUE"]}

                     Key/value pairs for provider-specific options.
                     
                     Example:
                       -options:{key1="value1";key2=$null}

WinRM is the Microsoft implementation of WS-Management Protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that allows hardware and operating systems, from different vendors, to interoperate.

To improve security, WinRM 2.0 uses HTTP/HTTPS ports 5985/5986 by default.

If the computer name is passed using r:<Computername> , then the default client port will be used (by default, 5985/5986).
If the computer name is passed as a URI, such as r:https://Mycomputer/wsman, then the IE default ports will be used (ports 80/443 by default).

Files:
C:\WINDOWS\system32\winrm.vbs

Examples

Configure Windows Remote Management on the server (DemoServer2), run this from an elevated CMD (or powershell) prompt:
C:\> winrm quickconfig

On a client you can then open a remote shell connected to DemoServer2 with:
winrs -r:DemoServer2 cmd

Retrieve current configuration in XML format:

winrm get winrm/config -format:pretty

Retrieve spooler instance of Win32_Service class:

winrm get wmicimv2/Win32_Service?Name=spooler

Modify a configuration property of WinRM:

winrm set winrm/config @{MaxEnvelopeSizekb="100"}

Disable a listener on this machine:

winrm set winrm/config/Listener?Address=*+Transport=HTTPS @{Enabled="false"}

Add remote machine to the trusted hosts list (used if your computers aren’t on a domain):

winrm set winrm/config/client '@{TrustedHosts="workstation64,server1"}'

Create instance of HTTP Listener on IPv6 address:

winrm create winrm/config/Listener?Address=IP:3ffe:8311:ffff:f2c1::5e61+Transport=HTTP

Delete the HTTP listener on this machine for given IP address:

winrm delete winrm/config/Listener?Address=IP:192.168.2.1+Transport=HTTP

Call StartService method on Spooler service:

winrm invoke StartService wmicimv2/Win32_Service?Name=spooler

Call Create method of Win32_Process class with specified parameters:

winrm invoke Create wmicimv2/Win32_Process @{CommandLine="notepad.exe";CurrentDirectory="C:\"}

Display error message associated with the error code 0x5:

winrm helpmsg 0x5

“Start where you are. Distant fields always look greener, but opportunity lies right where you are. Take advantage of every opportunity of service” ~ Robert Collier

Related commands

WINRS - Windows Remote Shell.
Equivalent PowerShell: Enable-PSRemoting - Configure the computer to receive remote commands.
Equivalent PowerShell: Enter-PSSession - Start an interactive session with a remote computer.


 
Copyright © 1999-2024 SS64.com
Some rights reserved