New-CIMSessionOption (PowerShell 3.0+ )

Advanced options for New-CimSession.

Syntax
      New-CimSessionOption [-Protocol] {Dcom | Default | Wsman}
         [-Culture CultureInfo] [-UICulture CultureInfo] [CommonParameters]
    
      New-CimSessionOption [-Culture CultureInfo] [-EncodePortInServicePrincipalName] [-Encoding PacketEncoding] 
         [-HttpPrefix Uri] [-MaxEnvelopeSizeKB UInt32] [-NoEncryption] [-ProxyAuthentication PasswordAuthenticationMechanism]
            [-ProxyCertificateThumbprint String] [-ProxyCredential PSCredential] 
               [-ProxyType ProxyType] [-SkipCACheck] [-SkipCNCheck] [-SkipRevocationCheck] [-UICulture CultureInfo]
                  [-UseSSL] [CommonParameters]
    
      New-CimSessionOption [-Culture CultureInfo] [-Impersonation ImpersonationType] [-PacketIntegrity] 
         [-PacketPrivacy] [-UICulture CultureInfo] [CommonParameters]

Key
   -Culture CultureInfo
       Specifies the user interface culture to use for the CIM session. Specify the value for this parameter using 
       one of the following formats:

         Enter a culture name in languagecode2-country/regioncode2 format such as "EN-US". 
         A variable that contains a CultureInfo object. 
         A command that gets a CultureInfo object, such as Get-Culture.

   -EncodePortInServicePrincipalName
       Indicates that the Kerberos connection is connecting to a service whose service principal name (SPN) includes 
       the service port number. This type of connection is not common.

   -Encoding PacketEncoding
       The encoding used for the WsMan protocol:  psdx_paramvalues Default, Utf8, or Utf16.

   -HttpPrefix Uri
       The part of the HTTP URL after the computer name and port number. Changing this is not common.
       By default, the value of this parameter is /wsman.

   -Impersonation ImpersonationType
       Creates a DCOM session to Windows Management Instrumentation (WMI) using impersonation.

       Valid values for this parameter are: 

        -- Default: DCOM can choose the impersonation level using its normal security negotiation algorithm. 
        -- None: The client is anonymous to the server. The server process can impersonate the client, but the 
                 impersonation token does not contain any information and cannot be used. 

        -- Identify: Allows objects to query the credentials of the caller. 
        -- Impersonate: Allows objects to use the credentials of the caller. 
        -- Delegate: Allows objects to permit other objects to use the credentials of the caller.

        If Impersonation is not specified, the New-CimSession cmdlet uses the value of 3: Impersonate

   -MaxEnvelopeSizeKB UInt32
       The size limit of WsMan XML messages for either direction.

   -NoEncryption
       Turn off data encryption.

   -PacketIntegrity
       Use the Component Object Model (COM) PacketIntegrity functionality for the DCOM session created to WMI.
       By default all CIM sessions created using DCOM have -PacketIntegrity set to True.

   -PacketPrivacy
       Create a DCOM session to WMI using the COM PacketPrivacy.
       By default all CIM sessions created using DCOM have -PacketPrivacy set to True.

   -Protocol ProtocolType
       The protocol to use:    psdx_paramvaluesDCOM or WinRM.

   -ProxyAuthentication PasswordAuthenticationMechanism
       The authentication method to use for proxy resolution.
          psdx_paramvaluesDefault, Digest, Negotiate, Basic, Kerberos, NtlmDomain, or CredSsp.

   -ProxyCertificateThumbprint String
       The (x.509) digital public key certificate of a user account for proxy authentication. Enter the 
       certificate thumbprint of the certificate.

       Certificates are used in client certificate-based authentication. They can only be mapped to local user 
       accounts and they do not work with domain accounts.

       To get a certificate thumbprint, use the Get-Item or Get-ChildItem cmdlets in the wps_2 Cert: drive.

   -ProxyCredential PSCredential
       The credentials to use for proxy authentication. Enter one of the following: 

        -- A variable that contains a PSCredential object. 
        -- A command that gets a PSCredential object, such as Get-Credential

       If this option is not set, then you cannot specify any credentials.

   -ProxyType ProxyType
       The host name resolution mechanism to use.

        psdx_paramvaluesNone, WinHttp, Auto, or InternetExplorer.

       By default, the value of this parameter is InternetExplorer.

   -SkipCACheck
       Indicates that when connecting over HTTPS, the client does not validate that the server certificate is signed 
       by a trusted certification authority (CA).

       Use this parameter only when the remote computer is trusted using another mechanism, such as when the remote 
       computer is part of a network that is physically secure and isolated, or when the remote computer is listed as 
       a trusted host in a WinRM configuration.

   -SkipCNCheck
       Indicates that the certificate common name (CN) of the server does not need to match the hostname of the 
       server.

       Use this parameter only for remote operations that use the HTTPS protocol.
       Note: use this parameter only for trusted computers.

   -SkipRevocationCheck
       Indicates that the revocation check for server certificates is skipped.
       Note: use this parameter only for trusted computers.

   -UICulture CultureInfo
       Specifies the user interface culture to use for the CIM session. Specify the value for this parameter using 
       one of the following formats:

         - Enter a culture name in languagecode2-country/regioncode2 format such as "EN-US". 
   
         - A variable that contains a CultureInfo object. 

         - A command that gets a CultureInfo object, such as Get-Culture.

   -UseSSL
       Indicates that SSL should be used to establish a connection to the remote computer. By default, SSL is not used.

       WsMan encrypts all content that is transmitted over the network. This parameter lets you specify the 
       additional protection of HTTPS instead of HTTP. If SSL is not available on the port used for the connection 
       and you specify this parameter, then the command fails.

       It is recommended that you use this parameter only when the PacketPrivacy parameter is not specified.

Standard Aliases for New-CIMSessionOption: ncso

The New-CimSessionOption cmdlet creates an instance of a CIM session options object. You use a CIM session options object as input to the New-CimSession cmdlet to specify the options for a CIM session.

This cmdlet has two parameter sets, one for WsMan options and one for Distributed Component Object Model (DCOM) options. Depending on which parameters you use, the cmdlet returns either an instance of DCOM session options or returns WsMan session options.

Examples

Create a CIM session options object for DCOM and then create a new CIM session to Server64:

PS C:\> $so = New-CimSessionOption -Protocol DCOM
PS C:\> New-CimSession -ComputerName Server64 -SessionOption $so

Create a CIM session options object for WsMan, set the authentication mode to Kerberos and credentials via the $cred variable:

$session_options = @{
   ProxyAuthentication = 'Kerberos'
   ProxyCredential = $cred
   SkipCACheck = $True
   SkipCNCheck = $True
   UseSSL = $True
}
New-CimSessionOption @session_options

“Nothing that you do will ever feel good if you let people convince you that you have no choice” ~ Fiona Apple

Related PowerShell Cmdlets

New-CimSession - Create a CIM session.
Get-CimSession - Get current CIM session objects.
Get-CimInstance - Get a managed resource (storage, network, software etc).

 
Copyright © 1999-2024 SS64.com
Some rights reserved