These are the Documents to enable the PS remoting and after you can cross check by executing the invoke-command utility to cross check the winrm connectivity from source to target.

Documents for Enabling the PS Remoting

These are the below command to enable the PS remoting and after you can cross check by executing the invoke-command utility to cross check the winrm connectivity from source to target.

Enable remoting

  •  Powershelll: enable-psremoting -f

Configure RM

  • winrm quickconfig

Set execution policy

  • set-executionpolicy remotesigned (must login as administrator)
  •  enable-wsmancredssp server ((must login as administrator))
  •  set winrm/config/service/Auth @{Basic="true"}
  •  set winrm/config/service @{AllowUnencrypted="true"}
  •  set winrm/config/winrs @{MaxMemoryPerShellMB="1024"}
  •  give exception to windows firewall to winrm or stop the windows firewall service

 Below is the command to cross check whether if you are able to execute the command remotely

$username = "domain\username";
$password = ConvertTo-SecureString "password" -AsPlainText -Force;
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password;
Invoke-command -computer <ipaddress> -credential $cred –Authentication CredSSP -ScriptBlock{HOstname}

Passing commands

We can pass multiple command in script block by separating the command by semi colon ";" for example

Invoke-command -computer <ipaddress> -credential $cred –Authentication CredSSP -ScriptBlock{Hostname;Get-PsDrive;}

Using variable

We can also save a command in a local variable, then use Invoke-Command to run the command against several remote computers:

PS C:\> $cmd = { get-eventlog -log "windows powershell" | where {$_.message -like "*certificate*"} }

PS C:\> invoke-command -computername DC1, DC2, DC3 -scriptblock $cmd

 Remote server management through WinRM

First, open the Group Policy Editor (I’m using a Windows Server 2012 R2 domain controller) and navigate to the following path:

Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Remote Management (WinRM)\WinRM Service


As we can see in the following screenshot, the policy that we enable is called Allow remote server management through WinRM, and we should both enable the policy and set the IPv4/IPv6 filters to all (*).

Set WinRM service to automatic startup

We need to ensure that the WinRM service is set for automatic startup. Navigate to:

Computer Configuration\Policies\Windows Settings\Security Settings\System Services

Select the Windows Remote Management (WS-Management) service and set it for automatic startup.

Enabling PowerShell remoting in a workgroup

When our computers exist outside of an Active Directory domain, PowerShell remoting is certainly possible, but it is quite a bit more tedious to set up. One approach involves the use of digital certificates; the other, which we’ll use here, implements the TrustedHosts list.

The TrustedHosts list records the hostnames of any other systems that you want to grant remote access permissions to the local machine. First, you should verify that your workgroup computer’s TrustedHosts list is empty by running the following command:

Get-Item –Path WSMan:\localhost\Client\TrustedHosts

To grant another computer permission to establish a PowerShell remoting session with the localhost, run the following:

Set-Item –Path WSMan\localhost\Client\TrustedHosts –Value "computername"


Few things can go wrong here. If any of our NICs have a location set to “Public,” we’ll get a failure. One way around this problem is to set the problematic NIC to use the Private location profile; this shouldn’t be a problem assuming that you are secure inside your network perimeter.

Set-NetConnectionProfile –InterfaceIndex <nic_index> -NetworkCategory Private
Few Example for testing
$s = New-PSSession -ComputerName "DC1"
Invoke-Command -Session $s -ScriptBlock {$services = Get-Service}
Invoke-Command -Session $s -ScriptBlock {$services | Where-Object {$_.Status -eq "Stopped"}}
Remove-PSSession $s