Created
February 26, 2018 05:55
-
-
Save deoren/c5853ba279e4e63530ab1194bb2289eb to your computer and use it in GitHub Desktop.
Enable WinRM Service
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #------------------------------------------------------------------------------------ | |
| #\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/ | |
| #/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\ | |
| #------------------------------------------------------------------------------------ | |
| #|\-- | |
| #|-\-Author: Chris Rakowitz | |
| #|--\Purpose: Allows for Enabling and Disabling of the Windows Remote Managment | |
| #|--/ Service. | |
| #|-/-Date: October 10, 2015 | |
| #|/--Updated: June 21, 2016 (1.01) | |
| #|\-- [+] WinRM now enabled using native PowerShell commands instead of | |
| #|-\- PSEXEC. | |
| #|-/- June 22, 2016 (1.02) | |
| #|/-- [+] Now properly enables/disables rules for Windows 8.1. | |
| #|\-- [+] Creates WSMAN Listener manually using registry. | |
| #|-\- [+] Creates Windows Firewall Exceptions. | |
| #|--\ [+] Enable Windows Remote Management. | |
| #|--/ [-] Script no longer relies on PSEXEC at all to configure WinRM. | |
| #|-/-Version: 1.02 | |
| #|/-- | |
| #------------------------------------------------------------------------------------ | |
| #\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/\|-|-|/ | |
| #/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\/|-|-|\ | |
| #------------------------------------------------------------------------------------ | |
| <# | |
| .SYNOPSIS | |
| Enables or Disables the Windows Remote Management services on a target | |
| computer. Performs the same actions as winrm.cmd quickconfig. | |
| .PARAMETER $ComputerName | |
| Accepts a single computer name or IP Address. Also accepts a | |
| comma-separated list or a path to a text file list as input. | |
| Leaving this parameter blank will result in the script running on | |
| the local machine. | |
| .PARAMETER $Mode | |
| Valid Options are Enable or Disable. This tells the script | |
| what option to perform. | |
| .EXAMPLE | |
| Manage-WindowsRM.ps1 -Mode Enable | |
| Enables the Windows Remote Management services on the Local | |
| computer. | |
| .EXAMPLE | |
| Manage-WindowsRM.ps1 -Mode Enable -ComputerName TEST-1234 | |
| Enables Windows Remote Management services on the computer TEST-1234. | |
| .EXAMPLE | |
| Manage-WindowRM.PS1 -Mode Disable -ComputerName "C:\My\List.txt" | |
| Will disable the Windows Remote Management services on all the computers | |
| in the list provided. | |
| .EXAMPLE | |
| Manage-WindowsRM.ps1 -Mode Enable -ComputerName Test-1, Test-2, Test-3 | |
| Enable the Windows Remote Management services on the computers Test-1, | |
| Test-2 and Test-3. | |
| .NOTES | |
| This is required to be run as a local administrator or as a Domain | |
| account that has Administrator rights on the target computer or | |
| computers. | |
| #> | |
| [cmdletbinding()] | |
| param | |
| ( | |
| [Parameter(Mandatory=$True)] $Mode, | |
| [Parameter(Mandatory=$False)] [string[]]$ComputerName = $env:computername | |
| ) | |
| # Tell Powershell to ignore any errors that may fill up the screen. | |
| #$ErrorActionPreference = 'silentlycontinue' | |
| If($ComputerName -Like "*.txt") | |
| { | |
| $CompList = Get-Content ([regex]::matches($ComputerName,'[^\"]+') | %{$_.value}) | |
| } | |
| Else | |
| { | |
| $CompList = $ComputerName | |
| } | |
| Foreach($Computer in $CompList) | |
| { | |
| # Enable the Windows RM Service and Enable Firewall Inbound Rules. | |
| # Creates WinRM Listener Manually in the Registry. WinRM will detect these | |
| # settings when it is started. | |
| # The Remote Registry service is enabled to allow for the Listener to be created | |
| # in the Registry. | |
| If($Mode -Like "Enable") | |
| { | |
| $CompOS = (Get-WMIObject -Class Win32_OperatingSystem -ComputerName $Computer).caption | |
| Write-Host "Enabling Remote Management" -Foreground green -Background black | |
| # Enable the Remote Registry service on the target computer. This allows keys to read/modified. | |
| # Create the WinRM Listener manually here. Once the WinRM Service is enabled it will read this key. | |
| Write-Host "Enabling Remote Registry and Creating WinRM Listener" ` | |
| -Foreground yellow -Background black | |
| Set-Service -ComputerName $Computer -StartUpType Manual -Status Running ` | |
| -Name RemoteRegistry -DisplayName "Remote Registry" | |
| # Access the registry and create the needed subkey for the HTTP Listener that WinRM Requires. | |
| $RegBaseKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBasekey('LocalMachine', "$Computer") | |
| $WSMANKeys = $RegBaseKey.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WSMAN\\Listener", $True) | |
| $WSMANKeys.CreateSubKey("*+HTTP") | Out-Null | |
| $NewKey = $RegBaseKey.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WSMAN\\Listener\\*+HTTP", $True) | |
| $NewKey.SetValue("certThumbprint","",[Microsoft.Win32.RegistryValueKind]::String) | |
| $NewKey.SetValue("enabled","1",[Microsoft.Win32.RegistryValueKind]::DWORD) | |
| $NewKey.SetValue("hostname","",[Microsoft.Win32.RegistryValueKind]::String) | |
| $NewKey.SetValue("Port","5985",[Microsoft.Win32.RegistryValueKind]::DWORD) | |
| $NewKey.SetValue("uriprefix","wsman",[Microsoft.Win32.RegistryValueKind]::String) | |
| # Manually Enable Windows Remote Management using PowerShell. | |
| Write-Host "Starting Windows Remote Management Service" ` | |
| -Foreground yellow -Background black | |
| Set-Service -ComputerName $Computer -StartUpType Manual -Status Running ` | |
| -Name WinRM | |
| # Create the needed Windows Firewall Inbound Exceptions. | |
| If($CompOS -Like '*7*') | |
| { | |
| Write-Host "Enabling Windows 7 Remote Management Firewall Rules" ` | |
| -Foreground yellow -Background black | |
| NETSH -r $Computer ADVFIREWALL FIREWALL SET RULE name="Windows Remote Management (HTTP-In)" ` | |
| profile=domain new remoteip=localsubnet localport=5985 enable=yes | |
| NETSH -r $Computer ADVFIREWALL FIREWALL SET RULE name="Windows Remote Management (HTTP-In)" ` | |
| profile=private new remoteip=any localport=5985 enable=yes | |
| } | |
| Elseif($CompOS -Like '*8*') | |
| { | |
| Write-Host "Enabling Windows 8.1 Remote Management Firewall Rules" ` | |
| -Foreground yellow -Background black | |
| NETSH -r $Computer ADVFIREWALL FIREWALL SET RULE name="Windows Remote Management (HTTP-In)" ` | |
| profile="Domain,Private" new remoteip=any localport=5985 enable=yes | |
| } | |
| break | |
| } | |
| # Completely Disables Windows Remote Management on the Target computer if it is enabled. | |
| # Deletes WinRM Listener from registry, Stops and sets the WinRM service back to manual. | |
| # Closes all Windows Firewall In-bound rules that were created for WinRM. | |
| ElseIf($Mode -Like "Disable") | |
| { | |
| $CompOS = (Get-WMIObject -Class Win32_OperatingSystem -ComputerName $Computer).caption | |
| # Disable WinRM. | |
| Write-Host "" | |
| Write-Host "Disabling Remote Management" -Foreground cyan -Background black | |
| $RegBaseKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBasekey('LocalMachine', "$Computer") | |
| $WSMANKeys = $RegBaseKey.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WSMAN\\Listener", $True) | |
| # Delete the WinRM Listener. | |
| Write-Host "Deleting WinRM Listener" -Foreground yellow -Background black | |
| $WSMANKeys.DeleteSubKey("*+HTTP") | |
| # Disable all the WinRM Firewall Rules. | |
| If($CompOS -Like '*7*') | |
| { | |
| Write-Host "Disabling Windows 7 Remote Management Firewall Rules" ` | |
| -Foreground yellow -Background black | |
| NETSH -r $Computer ADVFIREWALL FIREWALL SET RULE name="Windows Remote Management (HTTP-In)" ` | |
| profile=domain new enable=no | |
| NETSH -r $Computer ADVFIREWALL FIREWALL SET RULE name="Windows Remote Management (HTTP-In)" ` | |
| profile=private new enable=no | |
| } | |
| Elseif($CompOS -Like '*8*') | |
| { | |
| Write-Host "Disabling Windows 8.1 Remote Management Firewall Rules" ` | |
| -Foreground yellow -Background black | |
| NETSH -r $Computer ADVFIREWALL FIREWALL SET RULE name="Windows Remote Management (HTTP-In)" ` | |
| profile="Domain,Private" new enable=no | |
| } | |
| # Disable Windows Remote Management. | |
| Write-Host "Stopping Windows Remote Management Service" ` | |
| -Foreground yellow -Background black | |
| (Get-Service -ComputerName $Computer -Name WinRM).stop() | |
| Write-Host "Setting Windows Remote Management Service to Manual" ` | |
| -Foreground yellow -Background black | |
| Set-Service -ComputerName $Computer -StartUpType Manual -Name WinRM | |
| # Disable the Remote Registry service. | |
| Write-Host "Stopping Remote Registry Service" -Foreground yellow -Background black | |
| (Get-Service -ComputerName $Computer -Name RemoteRegistry).stop() | |
| Write-Host "Disabling Remote Registry Service" -Foreground yellow -Background black | |
| Set-Service -ComputerName $Computer -StartUpType Disabled -Name RemoteRegistry | |
| Write-Host "" | |
| break | |
| } | |
| Else | |
| { | |
| Write-Host "That is not a recognized option." -Foreground red -Background black | |
| Write-Host "Valid Options are: Enable | Disable" -Foreground red -Background black | |
| Write-Host "" | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I don't recall where I found this script. I found it stashed in a Notepad++ tab that I had forgotten to save. With Notepad++ allowing for unsaved tabs (at least from the user's perspective), it's easy to forget to save something out if you regularly use tabs for scratch work.