Connect to the WinRM service (Remote Management) on a remote computer.
Syntax
Connect-WSMan [-ApplicationName string] [-ComputerName string]
[-Authentication AuthMechanism] [-Credential PSCredential]
[-CertificateThumbprint String] [-OptionSet Hashtable]
[-Port int] [-UseSSL] [-SessionOption hashtable] [CommonParameters]
Connect-WSMan [-ConnectionURI Uri]
[-Authentication Authentication] [-Credential PSCredential]
[-CertificateThumbprint String] [-OptionSet Hashtable]
[-Port int] [-SessionOption hashtable] [CommonParameters]
Key
-ApplicationName string
The application name in the connection. The default Application Name is "WSMAN"
The complete identifier for the remote endpoint is in the following format:
transport://server:port/ApplicationName
For example:
http://server64:8080/WSMAN
IIS will forward requests with this endpoint to the specified application.
This default setting of "WSMAN" is appropriate for most uses. This parameter
is designed to be used when numerous computers establish remote connections to
one computer that is running PowerShell.
In this case, IIS hosts Web Services for Management (WS-Management) for efficiency.
-Authentication AuthMechanism
The authentication mechanism to be used at the server. Possible values are:
- Basic Send username and password in clear text.
- Default Use the authentication method implemented by WS-Management protocol. This is the default.
- Digest Challenge-response scheme using a server-specified data string for the challenge.
- Kerberos Authenticate by using Kerberos certificates.
- Negotiate Challenge-response that negotiates an authentication scheme.
e.g. Kerberos protocol or NTLM.
- CredSSP Use Credential Security Service Provider (CredSSP) authentication, delegate
credentials to a remote computer. This increases the security risk, if the remote
computer is compromised, the credentials could be used to control the network session.
-CertificateThumbprint String
The digital public key certificate (X509) of a user account that has permission to perform this
action. Enter the certificate thumbprint of the certificate. Certificates are used in client
certificate-based authentication. They can be mapped only to local user accounts;
they do not work with domain accounts. To get a certificate thumbprint, use the Get-Item or
Get-ChildItem command in the PowerShell Cert: drive.
-ComputerName string
The computer against which you want to run the management operation.
A fully qualified domain name, NetBIOS name, or an IP address.
Use the local computer name, localhost, or a dot (.) to specify the local computer.
The local computer is the default. When the remote computer is in a different domain,
use a fully qualified domain name. You can pipe a value for ComputerName.
-ConnectionURI Uri
The connection endpoint. The format of this string is:
Transport://Server:Port/ApplicationName.
The following string is a properly formatted value for this parameter:
http://Server01:8080/WSMAN. The URI must be fully qualified.
-Credential PSCredential
A user account that has permission to perform this action. default=current user.
e.g. "User64", "Domain01\User64", or "User64@Domain.com". Or a PSCredential object, such as
returned by the Get-Credential cmdlet. When you type a user name, you will be prompted for a password.
-OptionSet hashtable
Pass a set of switches to the service to modify or refine the nature of the request.
These are similar to switches used in command-line shells in that they are service specific.
Any number of options can be specified.
The following example demonstrates the syntax that passes the values 1, 2, and 3 for
the a, b, and c parameters:
-OptionSet @{a=1;b=2;c=3}
-Port int32
The port to use when the client connects to the WinRM service.
When the transport is HTTP, the default port is 80.
When the transport is HTTPS, the default port is 443.
When you use HTTPS as the transport, the value of the -ComputerName parameter must match the server’s
certificate common name (CN). However, if the SkipCNCheck parameter is specified as
part of the SessionOption parameter, then the certificate common name of the server does not have
to match the host name of the server. The SkipCNCheck parameter should be used only for trusted
computers.
-SessionOption hashtable
Define a set of extended options for the WS-Management session.
Enter a SessionOption object that you create by using New-WSManSessionOption.
-UseSSL
Use the Secure Sockets Layer (SSL) protocol to establish a connection to the remote computer.
By default, SSL is not used.
WS-Management encrypts all PowerShell content that is transmitted over the network.
The UseSSL parameter lets you specify the additional protection of HTTPS instead of HTTP.
This will fail if SSL is not available on the port that is used for the connection.
Connect-WSMan establishes a persistent connection to the remote computer.
You can connect to the WinRM service on a remote computer before or after you change to the WS-Management provider.
The remote computer will appear in the root directory of the WS-Management provider.
Create a connection to the remote computer, PC64:
PS C:\> Connect-WSMan -computer PC64
PS C:\Users\testuser> cd wsman:
PS WSMan:\>
PS WSMan:\> dir
Create a connection to the remote system server64 using the Administrator account credentials and with a connection time out of 10 seconds (10,000 milliseconds):
PS C:\> $cred = Get-Credential Administrator
PS C:\> $tout = New-WSManSessionOption -operationtimeout 10000
PS C:\> Connect-WSMan -computer server64 -credential $cred -sessionoption $tout
PS C:\Users\testuser> cd wsman:
PS WSMan:\>
PS WSMan:\> dir
“From now on, I’ll connect the dots my own way” ~ Bill Watterson
Disconnect-WSMan - Disconnect from the WinRM service on a remote computer.
New-WSManSessionOption - Options for WSMan commands.
Invoke-Command - Run a single command on local or remote computer.
Enter-PSSession - Start an interactive session with a remote computer.
Test-WSMan - Test whether the WinRM service is running.
psExec - Execute process remotely.