I will guide you How to configure WinRM via GPO in Windows
WinRM, or Windows Remote Management, is a Microsoft protocol for managing computers remotely. This is an implementation of the WS-Management protocol for monitoring and managing remote servers and desktops of Windows systems. In this post, we will discuss how to configure WinRM via GPO on Windows computers.How to configure WinRM via GPO in Windows
WinRM, or Windows Remote Management, is a Microsoft protocol for managing computers remotely. This is an implementation of the WS-Management protocol for monitoring and managing remote servers and desktops of Windows systems. In this post, we will discuss how to configure WinRM via GPO on Windows computers.
Configure WinRM via GPO on Windows computers
If you want to configure WinRM via GPO, then follow the steps mentioned below.
- Change your connection to Private or Domain
- Check if WinRM is enabled on your system
- Configure WinRM using Group Policy Management Console
- Force Windows to update GPO settings
Let’s talk about them in detail.
1] Change your connection to Private or Domain
If you are connected to a public network, then you will not be able to enable WinRM. So, to access it, we first need to change our network to Private or Domain. To do so, follow the steps mentioned below.
- Open Windows Settings with Win + I. Go to Network & Internet.
- Now, click on Wi-Fi and then head over to your WiFi.
- Select Private Network.
- If you are using an Ethernet network connection, you need to do the same. Proceed to the next section once you have done this.
2] Check if WinRM is enabled on your system.
Next, we need to check if WinRM is already enabled on your system. If you are on a Windows server, there is a high chance that the feature is already installed on your system; however, on a Windows client, the feature is not installed out of the box. To do so, open PowerShell as administrator and then run the following command.
WinRM list winrm/config/listener If it throws the following error, the feature is not enabled.
Message WSManFault = The client cannot connect to the target specified in the request. Verify that the service on the target is running and is accepting requests. Check the logs and documentation for the WS-Management service running on the target, usually IIS or WinRM. If the target is WinRM service, run the following command on the target to scan and configure the WinRM service: “winrm quickconfig”.
Error Number: -2144108526 0x80338012 To enable it, we can simply run – winrm quickconfig. But this will enable only for that particular system, whereas with configuration via GPO, we can enable it for all the users who are connected to the domain.
3] Configure WinRM using Group Policy Management Console
The Group Policy Management Console is an interface to manage all the aspects of Group Policy across multiple domains and forests. Any changes you have made in the GPO will be applied to all the users connected to your active directory. To do so, follow the steps mentioned below.
Open the Group Policy Management Console by searching for it in the Start menu.
Select the Active Directory container (Organizational Unit) and then create a new GPO corpEnableWinRM.
- Now, open the policy for editing and then navigate to Computer Configuration > Policies > Windows Settings > Security Settings > System Services.
- Find the Windows Remote Service (WS-Management) service and then click on Select service startup mode and select Automatic.
- Now, go to Computer Policies > Preferences.
- Then click on Control Panel Settings and then on Services.
- We will need to create a new one, for this go to New > Service, type in WinRM and then click on Restart the service under the Recovery tab.
- Navigate to Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Remote Management (WinRM) > WinRM Service.
- Find Allow remote management of servers through WinRM and double-click on it to open it.
- Click on Enabled and in the IPv4/IPv6 filter box, you can specify IP addresses or subnets on which WinRM connections should listen. If you want to allow WinRM connections on all IP addresses, leave * here.
- Now, we need to create a role in Windows Defender Firewall to allow standard WinRM connections on TCP/5985 and TCP/5986. To do this, go to Device Management > Policies > Windows Settings > Security Settings > Windows Defender Firewall with Advanced Security > Inbound Rules.
- Click on Pre-built rules for Windows remote management and then create the rule.
- Finally, go to Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Remote Shell, find Allow Remote Shell Access and enable it.
- In this way, we have created a rule in GPO.
4] Force Windows to update GPO settingsthe
system as administrator and then run the following command.
gpupdate /force This will force the device to go through all the policies configured on the domain controller and apply them to the system.
If he wants to check whether WinRM is enabled or not; simply run WinRM by enumerating winrm/config/listener. It will give us listener information.
Resolve the Windows couldn’t connect to the ProfSVC service error with our easy troubleshooting guide. Get your system running smoothly again!
To learn how to fix Windows stuck in diagnostic boot mode here is a complete guide.
The day of the day we follow you step by step How to resolve the error in acquiring the final user license, Event ID 1014.
I will teach you How to fix the problem of emoji reactions not working in Teams
If you are wondering how to fix the problem of not having Internet after restarting the router, then here is a guide with the best answer.
Here in this post we show you step by step How to update the SSD firmware in Windows 11.
To learn how to uninstall Windows Security from Windows Server, here is a step-by-step guide.
Today in our guide we show you How to fix the Deployment Workbench crash when opening the WinPE Properties tab.
If you don't know how to solve the error DataFormat.Error: We could not convert to a number, here is a guide that will help you with it.
I will guide you in this documentary How to Enable USB-C Charging on a Laptop in Windows 11
I will teach you in this documentary How to install and configure Windows Deployment Services