Windows Remote Management(WinRM)
Windows Remote Management (WinRM) is the Microsoft implementation of WS-Management firewall-friendly Protocol based on SOAP (Simple Object Access Protocol)over HTTP and HTTPS.
This used to obtain hardware and system data from an operating systems other than Windows. WinRM establishes a session with a remote computer through the SOAP-based WS-Management protocol rather than a connection through DCOM, as WMI does. Data returned to WS-Management protocol are formatted in XML rather than in objects.
Apart from WMI, WinRM utilizes the Intelligent Platform Management Interface (IPMI) driver for hardware management. The IPMI provider and driver enable you to control and diagnose remote server hardware through BMCs [Baseboard Management Controllers] even when the OS is not running or deployed. Effectively BMC is a chip connected to the processor board of a server; it has its own network adapter and hence can monitor the server in situations even when the server is malfunctioning.
Supported authentication mechanisms
Digest [Client Only]
command to run : winrm quickconfig -q
using this command service will start and set auto start and create a listener to accept requests on any IP address
To list all the WinRM listeners, run this command:
Winrm enumerate winrm/config/listener
You can also get the configuration information of the Service, Client and WinRS by running the following command:
Winrm get winrm/config
supported operations are
winrm OPERATION RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] …]
For help on a specific operation:
winrm g[et] -? Retrieving management information.
winrm s[et] -? Modifying management information.
winrm c[reate] -? Creating new instances of management resources.
winrm d[elete] -? Remove an instance of a management resource.
winrm e[numerate] -? List all instances of a management resource.
winrm i[nvoke] -? Executes a method on a management resource.
winrm id[entify] -? Determines if a WS-Management implementation is
running on the remote machine.
winrm quickconfig -? Configures this machine to accept WS-Management
requests from other machines.
winrm configSDDL -? Modify an existing security descriptor for a URI.
winrm helpmsg -? Displays error message for the error code.
For help on related topics:
winrm help uris How to construct resource URIs.
winrm help aliases Abbreviations for URIs.
winrm help config Configuring WinRM client and service settings.
winrm help certmapping Configuring client certificate access.
winrm help remoting How to access remote machines.
winrm help auth Providing credentials for remote access.
winrm help input Providing input to create, set, and invoke.
winrm help switches Other switches such as formatting, options, etc.
winrm help proxy Providing proxy information.
winrm get wmicimv2/Win32_Service?Name=spooler
>winrm get wmicimv2/Win32_Service?Name=spooler
AcceptPause = false
AcceptStop = true
Caption = Print Spooler
CheckPoint = 0
CreationClassName = Win32_Service
Description = Loads files to memory for later printing
DesktopInteract = true
DisplayName = Print Spooler
ErrorControl = Normal
ExitCode = 0
InstallDate = null
Name = spooler
PathName = C:\windows\System32\spoolsv.exe
ProcessId = 1348
ServiceSpecificExitCode = 0
ServiceType = Own Process
Started = true
StartMode = Auto
StartName = LocalSystem
State = Running
Status = OK
SystemCreationClassName = Win32_ComputerSystem
SystemName = xyz
TagId = 0
WaitHint = 0
You can also use the WinRm get command to query the remote computer:
“Winrm get Winrm/config –r:remotemachinename”
Run this to query the service of remote computer:
“Winrm get wmicimv2/Win32_Service?Name=spooler –r:remotemachinename”
To reboot a remote machine:
“winrm invoke reboot wmicimv2/Win32_OperatingSystem -r:<some computer>”
Start a service on a remote machine
“winrm invoke startservice wmicimv2/Win32_Service?name=w32time -r:<some computer>”
Find below for few Good Vista WS-Man (WinRM) Commands
Using in powershell
winrm set winrm/config/client @ allowunencrypted= true
winrm set winrm/config/client @ trustedhosts= local
winrm set winrm/config/service @ allowunencrypted= true