WINRS

Windows Remote Shell

Syntax
      winrs [-/SWITCH[:VALUE]] COMMAND

Key
   COMMAND    Any string that can be executed as a command in the cmd.exe shell.

           (All switches accept both short form or long form. For example both -r and 
            -remote are valid.)

   -r[emote]:ENDPOINT        The target endpoint using a NetBIOS name or the standard
                             connection URL: [TRANSPORT://]TARGET[:PORT].
                             If not specified  -r:localhost is used.

   -un[encrypted]            Messages to the remote shell will not be encrypted. This is useful for
                             troubleshooting, or when the network traffic is already encrypted using
                             ipsec, or when physical security is enforced.
                             By default the messages are encrypted using Kerberos or NTLM keys.
                             This switch is ignored when HTTPS transport is selected. 

   -u[sername]:USERNAME      Username. If -username is specified, -password must be as well.
                             If not specified Winrs will negotiate authentication or prompt. 

   -p[assword]:PASSWORD      Password. If not specified winrs will prompt for it.

   -d[irectory]:PATH         The starting directory for remote shell.
                             If not specified the remote shell will start in %USERPROFILE%.

   -env[ironment]:STRING=VALUE
                             A single environment variable to be set when shell starts.
                             This allows changing default environment for the shell.
                             Multiple occurrences of this switch may be used.

   -noe[cho]                 Disable echo. This may be necessary to ensure that user's answers
                             to remote prompts are not displayed locally. By default echo is "on".

   -nop[rofile]              Do not load the user's profile. By default the server will attempt to load
                             the user profile. If the remote user is not a local administrator on the
                             target system then this option will be required.

   -comp[ression]            Turn on compression.  Older installations on remote machines may
                             not support compression so it is off by default.

   -[use]ssl                 Use an SSL connection when using a remote endpoint. Specifying this instead
                             of the transport "https:" will use the default WinRM default port. 

   -?                        Help

To terminate the remote command press Ctrl-C or Ctrl-Break, which will be sent to the remote shell. The second Ctrl-C will force termination of winrs.exe.
The URI alias to manage active shells is shell/cmd. The URI alias for WinRS configuration is winrm/config/winrs.

Examples

Configure Windows Remote Management on the server (DemoServer2), run this from an elevated CMD (or powershell) prompt:
C:\> winrm quickconfig

On a client you can then open a remote shell connected to DemoServer2 with:
winrs -r:DemoServer2 cmd

Batch file to quickly open a remote cmd shell:
[rshell.cmd]
@echo off
winrs -r:%1 cmd

Run a dir command on a remote machine:
C:\> winrs -r:DemoServer3 dir

Run an install package on a remote server:
C:\> winrs -r:Server25 msiexec.exe /i c:\install.msi /quiet

Run a powershell script on the remote box:

C:\> winrs /r:DemoServer2 powershell.exe -nologo -noprofile -command d:\test\test.ps1

Note that you can't open a full interactive remote powershell console, but as remoting functionality is built-in to Powershell 2.0 there isn't any need.

Connecting to the remote server 'myserver'

winrs -r:https://myserver.com command
winrs -r:myserver.com -usessl command
winrs -r:myserver command
winrs -r:http://127.0.0.1 command
winrs -r:http://169.51.2.101:80 -unencrypted command
winrs -r:https://[::FFFF:129.144.52.38] command
winrs -r:http://[1080:0:0:0:8:800:200C:417A]:80 command
winrs -r:https://myserver.com -t:600 -u:administrator -p:$%fgh7 ipconfig
winrs -r:myserver -env:PATH=^%PATH^%;c:\tools -env:TEMP=d:\temp config.cmd
winrs -r:myserver netdom join myserver /domain:testdomain /userd:johns /passwordd:$%fgh789

“Perhaps when distant people on other planets pick up some wavelength of ours all they hear is a continuous scream” ~ Iris Murdoch

Related:

WINRM - Windows Remote Management, manage active remote shells & WinRS configuration.
Powershell: New-PSSession - this cmdlet now takes on two different parameter sets: ComputerName and ConnectionURI.


© Copyright SS64.com 1999-2014
Some rights reserved