sign in sign up
<<
Home , Remote Desktop Services, Server Core, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

Windows PowerShell Web Access Management Infrastructure Management Log File Locations Windows PowerShell Web Access, introduced in Windows 2012, Quick and easy event forwarding using WS-Man: lets you configure (IIS) as a gateway, providing a web-based Component Event Tracing for Windows Comment 1. Set up 3 types of event forwarding: Push, Pull, Source-Initiate Channels Windows PowerShell console targeted at a remote computer. For more 2. Event gets published in NT event log information, see Install and Use Windows PowerShell Web Access 3. Passed on to WS-Man (event forwarding functionality) Server Manager Applications And Services Client operations (http://go.microsoft.com/fwlink/?LinkID=221050). 4. WS-Man forwards event to the event collector console Logs\\Windows\Se events; stored on the rverManager-MultiMachine computer that is Install-PswaWebApplication (requires elevation) 5. Event collector collects events in forwarded channel of event log running Server Quick configuration of the PSWA application and application pool. • One collector can scale to multiple sources and events Manager The cmdlet installs the , pswa (and an application • More information about how to enable event forwarding: pool for it, pswa_pool), in the Default Web Site container that is http://msdn.microsoft.com/en-us/library/bb870973.aspx Server Manager …\ServerManager- Events in this log are displayed in IIS Manager. For a test environment only, add the http://technet.microsoft.com/en-us/query/bb736545 Management ManagementProvider stored on the UseTestCertificate parameter, which applies a self-signed test Provider managed server Out-of-band management using WS-Man: examples certificate to the website. Do not use a test certificate in any Add Roles and …\ServerManager- environment that should be secure. Power On Features Wizard MultiMachine Add-PswaAuthorizationRule (in WS12 R2, can run on remote Example Add Roles and …\ServerManager- Event IDs 4000-4099 computers with -Credential parameter) winrm invoke RequestStateChange cimv2/CIM_ComputerSystem - Features Wizard MultiMachine Adds a new authorization rule. Authorizes specified users or groups r:http://machine:623 -a:digest -u:admin - Workflow access to specified session configurations on specified computers. p:password @{RequestedState=”2”} Without authorization rules, no users can access anything by using Power Off Server Manager …\ServerManager- the web-based console. Example Deployment DeploymentProvider winrm invoke RequestStateChange cimv2/CIM_ComputerSystem - Provider Remove-PswaAuthorizationRule r:http://machine:623 -a:digest -u:admin - Removes a specified authorization rule from Windows PowerShell Windows …\Microsoft-Windows-DSC p:password @{RequestedState=”3”} Web Access. PowerShell DSC Get chassis info Get-PswaAuthorizationRule Example Windows …\PowerShell Event 45079 shows Returns a set of Windows PowerShell Web Access authorization winrm enumerate cimv2/CIM_Chassis -r:http://machine:623 – PowerShell each activity run rules. When it is used without parameters, the cmdlet returns all a:digest -u:admin -p:password Workflow general rules. Get info Test-PswaAuthorizationRule (in WS12 R2, can run on remote Example Configure …\ServerManager- computers with -Credential parameter) winrm get wmicimv2/Win32_OperatingSystem Remote ConfigureSMRemoting Evaluates authorization rules to determine if a specific user, Management computer, or session configuration access request is authorized. By task default, without parameters, the cmdlet evaluates all authorization Common remote management tasks rules. By adding parameters, you can specify an authorization rule or Add servers to existing list of TrustedHosts Related Log File Locations a subset of rules to test. Example Set-Item wsman:\localhost\Client\TrustedHosts Server01 - Component Event Tracing for Windows Channels Function keys for Windows PowerShell Web Access Concatenate -Force In the web-based console, some function keys are different than those Create a new listener over port 5985 (for older releases of WinRM Applications and Services in PowerShell.exe, and some function keys are not supported in the ) Logs\Microsoft\Windows\Windows web-based console. For a complete list of shortcuts for PowerShell.exe Example Remote Management that aren’t supported in Windows PowerShell Web Access, see Use the winrm create winrm/config/Listener?Address=*+Transport=HTTP WMI …\WMI-Activity Web-based Windows PowerShell Console winrm set winrm/config/Listener?Address=*+Transport=HTTP Component-based Servicing %windir%\Logs (http://go.microsoft.com/fwlink/?LinkId=254378). @{Port="5985"} (CBS) Shortcut in PS.exe Shortcut in PSWA Configure the number of maximum shells allowed per user Example Deployment Image Servicing %windir%\Logs Ctrl+C to cancel Ctrl+Q or Cancel button winrm s winrm/config/winrs @{MaxShellsPerUser="X"} and Management (DISM) F5 Use the History scroll buttons Alt+Space, c or Exit Click Exit, or type Exit (none) Click Save to save a session for later

Provide alternate credentials at sign-in For detailed help about any cmdlet, including complete descriptions of all parameters, first run Update-Help, and then enter the following in a If the credentials to manage a remote computer are different from Windows PowerShell session: Get-Help -Full those you use to authenticate on the Windows PowerShell Web Access Windows PowerShell Core Help topics online: http://go.microsoft.com/fwlink/?LinkID=238561 gateway, specify alternate credentials in the Optional Connection area on the Windows PowerShell Web Access sign-in . For Windows Server Migration Portal: http://go.microsoft.com/fwlink/?LinkID=247608 Cmdlet Help: http://go.microsoft.com/fwlink/?LinkID=246313 detailed instructions, see Use the Web-based Windows PowerShell Best Practices Analyzer Help: http://go.microsoft.com/fwlink/?LinkID=223177 Cmdlet Help: http://go.microsoft.com/fwlink/?LinkID=240177 Console (http://go.microsoft.com/fwlink/?LinkId=254378). Server Manager Help: http://go.microsoft.com/fwlink/?LinkID=221057 Cmdlet Help: http://technet.microsoft.com/library/jj205465.aspx Windows PowerShell Script Center: http://technet.microsoft.com/ScriptCenter Manage Remote Servers Remote Management Settings Install Roles and Features Use Server Manager in R2 (or RSAT for Windows In , enabling remote management by default In the Server Manager console 8.1) to manage remote servers that are running the following operating does the following: On the Manage menu, click Add Roles and Features. To deploy systems, after those servers are prepared by performing the following • Sets Windows Remote Management (WinRM) service startup type in either a Virtual Desktop Infrastructure steps. See http://go.microsoft.com/fwlink/?LinkID=241358 for more to Automatic and starts the service (VDI) or a Session configuration, on the Select information. • Enables and Negotiate authentication types installation type page of the Add Roles and Features Wizard, select • Enables inbound rules for WinRM Remote Desktop installation. Windows Server 2012 and Windows Server 2012 R2 • Changes subnet scoping rules to allow the following by default In Windows Server 2012 and later, Server Manager and Windows In the Add Roles and Features Wizard, you can install roles and • Domain or private profile: any IP address features on the local server, or on a single remote server that is PowerShell remote management is enabled by default. If remote • Public profile: LocalSubnet only management has been disabled, do one of the following: running Windows Server 2012 R2. See details here: • Sets wsman:\localhost\Service\AllowRemoteAccess to True http://technet.microsoft.com/library/hh831809.aspx . • On the Local Server page of Server Manager, click Remote • Creates a WinRM listener over HTTP port number 5985 Install by using deployment cmdlets (require elevation) Management. Select Enable remote management of this server The LocalAccountTokenFilterPolicy default setting prevents remote Get-WindowsFeature from other computers. management by local, non-domain Administrator accounts other than Gets information about roles, role services, and features that are • Run the following in Windows PowerShell as an administrator: the built-in Administrator account. For more information about remote available and installed on a server. Add the ComputerName Configure-SMRemoting.exe -Enable management in Server Manager, see parameter to specify a server other than the local server. R2 http://go.microsoft.com/fwlink/?LinkID=252970. In , Server Manager and Windows Examples PowerShell remote management is disabled by default. To enable Export Server Manager Settings Get-WindowsFeature AD*,Web* Get-WindowsFeature it:, do one of the following: To other domain-joined computers • In the Server Summary area of the Server Manager home page, Install-WindowsFeature (alias: Add-WindowsFeature) In Active Users and Computers, make the profile of a Installs roles, role services, and features on a server that is running click Configure Server Manager Remote Management. Select Server Manager user roaming. Open the Properties for a Server Enable remote management of this server from other Windows Server 2012 R2. Add the ComputerName parameter to Manager user. On the Profile tab, add a path to a network share to specify a server other than the local server. Add the Source computers. store the user’s profile. On U.S. English builds, changes to the • Run the following Windows PowerShell script as an parameter to specify an alternate location for feature files, in a ServerList.xml file are automatically saved to the profile. On other Features on Demand configuration. Administrator: Configure-SMRemoting.ps1 builds, copy these two files from the computer that is running To manage this operating system by using Server Manager in Examples Server Manager to the network share that is part of the user’s Install-WindowsFeature -Name Web-Server Windows Server 2012 R2, also install the following, in the order roaming profile: shown: Get-WindowsFeature Web* | Install-WindowsFeature • %appdata%\Roaming\Microsoft\Windows\ServerManager\Serv Uninstall-WindowsFeature (alias: Remove-WindowsFeature) 1. .NET Framework 4.5 erList.xml (http://www.microsoft.com/download/details.aspx?id=30653) Uninstalls roles, role services, and features from a computer that is • %appdata%\Local\Microsoft_Corporation\ServerManager.exe_ running Windows Server 2012 R2. Add the Remove parameter to 2. Windows Management Framework 4.0 StrongName_GUID\6.3.0.0\user.config (http://go.microsoft.com/fwlink/?LinkID=293881) delete unused feature files in a Features on Demand configuration. To a workgroup computer Example 3. KB 2682011 Performance Counter Update On a computer from which you want to manage remote servers, (http://go.microsoft.com/fwlink/p/?LinkID=245487) Uninstall-WindowsFeature -Name "Telnet-Client","Telnet-Server“ - overwrite these two files with the same files from another computer Remove Windows Server 2008 that’s running Server Manager, and that has the settings you want. Get-WindowsFeature Web* | Uninstall-WindowsFeature In Windows Server 2008, Server Manager has no setting to enable • %appdata%\Roaming\Microsoft\Windows\ServerManager\Serv remote management. Enable remote management of the server by erList.xml Features on Demand • %appdata%\Local\Microsoft_Corporation\ServerManager.exe_ running Enable-PSRemoting in a Windows PowerShell session that Run Uninstall-WindowsFeature -Remove to delete feature files StrongName_GUID\6.3.0.0\user.config has been run as Administrator. from Windows Server 2012 R2 servers to save disk space. Later, Server Manager in Windows Server 2012 R2 can perform limited you can install features by specifying a path to a remote source management on Windows Server 2008. Install the following, in the Run Minimal GUI Options where feature files are stored. order shown. Note that WMF 4.0 cannot be installed on Windows In Windows Server 2012 and later, you can switch between a server • When you delete features, features that depend upon the Server 2008. with a GUI, and or a minimal server interface option as files you remove are also deleted. 1. .NET Framework 4.0 needed. Server Manager runs without Server Graphical , but does • When you delete feature files for a subfeature, and no other (http://go.microsoft.com/fwlink/?LinkID=212547) not run on Server Core. You can use Server Manager to manage remote subfeatures for the parent feature are installed, then files for 2. Windows Management Framework 3.0 servers running Server Core. the entire parent role or feature are deleted. (http://www.microsoft.com/download/details.aspx?id=34595) For more about Server Core and minimal GUI options, see Windows For more information, see Configure Features on Demand 3. KB 2682011 Performance Counter Update Server Installation Options (http://go.microsoft.com/fwlink/?LinkID=253756). (http://go.microsoft.com/fwlink/p/?LinkID=245487) (http://go.microsoft.com/fwlink/p/?LinkId=241573). Install .NET Framework 3.5 and other Features on Install on Offline VHDs or VHDxs Demand Server Manager is not available. To enable remote management, To install features on offline VHDs or VHDxs, the VHDs must: To install .NET Framework 3.5 or other features that have been deleted configure WinRM and DCOM remote management as described in • Be running Windows Server 2012 R2 from a target server, do one of the following: Configure Remote Management • Not have more than one system volume or partition • Specify an alternate feature file repair source path (http://go.microsoft.com/fwlink/?LinkId=252970). • Network share containing VHD file must grant these access rights to • Configure to provide the source path automatically Server Manager in Windows Server 2012 R2 can get only online or the computer account of server selected to mount the VHD • Let the installation get feature files from . offline and limited data about Windows Server 2003. • Read/Write access on dialog box. See details here: http://go.microsoft.com/fwlink/?LinkId=253762. • Full Control access on Security tab , file or folder Properties