Remote PowerShell in Azure IAAS Virtual Machines
We can configure remote PowerShell feature while spinning up a new IAAS (Infrastructure as a service) VM.
This enables us to execute PS commands remotely on Azure IAAS VM from our local machine.
This option is available when you create a virtual machine using the "From Gallery" option on the management portal as shown below :
The last step of the wizard displays the option of PowerShell as shown below :
A default firewall endpoint will be created for the deployment.
This enables you to have the VM immediately configured and ready to use without ever having to RDP into the instance.
Start a new Powershell console on your local machine and use the Enter-PSSessioncommand as shown below :
Enter-PSSession –ComputerName <server name>.cloudapp.net -UseSSL -Credential(Get-Credential)
You will get the below error when you try to connect to the IAAS VM remotely via PS :
This is because Remote PS uses HTTPS and the certificate used for your Virtual Machine is a self signed certificate.
To solve this open your browser and navigate to your VM and the public endpoint for Remote PS.
Eg : https://servicename.cloudapp.net:5986
We don't find the certificate button on IE, hence used chrome. Install the certificate under “Current User” and then “Trusted root authority”.
Go to Details tab -> Copy to file -> save the file on your machine.
Double click the file -> Install it under "Current User" -> "Trusted Root Certification Authorities"
After, you will be able to connect to the Azure VM via PS as shown below :
==============================================================================================================
Azure VM is up and running, but RDP fails - Try the below work around which uses remote powershell as explained.
> uvnc is a 3rd party tool : Download and save the exe file on your machine using the below link :
> https://www.uvnc.com/component/jdownloads/finish/4-setup/65-setup-x64-119x/0.html
> Create a txt file with the below content and name it as setup.txt -
[Setup]
Lang=en
Dir=C:\Program Files\uvnc bvba\UltraVNC
Group=UltraVNC
NoIcons=0
SetupType=custom
Components=ultravnc_server_s
Tasks=installservice,startservice
> Please find the configuration file "UltraVNC.ini" file attached.
> Upload the 3 files to your storage account and mark the container as public.
> Add 2 endpoint for ports 5800 and 5900 for the VM on the portal.
Execute the below PS commands in sequence -
$source = "https://<Your storage account name>.blob.core.windows.net/<Container name>/UltraVNC_1_1_9_X64_Setup.exe"
$dest = "C:\Users\<User name>\ultravnc.exe"
$wc = New-Object System.Net.WebClient
$wc.DownloadFile($source,$dest)
$source2 = "https://<Your storage account name>.blob.core.windows.net/<Container name>/setup.txt"
$dest2 = "C:\Users\<User name>\setup.txt"
$wc = New-Object System.Net.WebClient
$wc.DownloadFile($source2,$dest2)
cd..
.\UltraVNC.exe /silent/loadinf="setup.txt"
$source1 = "https://<Your storage account name>..blob.core.windows.net/<Container name>/UltraVNC.ini"
$dest1 = "C:\Program Files\uvnc bvba\UltraVNC\UltraVNC.ini"
$wc = New-Object System.Net.WebClient
$wc.DownloadFile($source1,$dest1)
netsh advfirewall firewall add rule name='VNC5800' dir=in protocol=TCP localport=5800 action=allow profile=any
netsh advfirewall firewall add rule name='VNC5900' dir=in protocol=TCP localport=5900 action=allow profile=any
net stop uvnc_service
net start uvnc_service
Install “UltraVNC Viewer” on your local machine.
Open the viewer tool and provide the VIP address in the text box.
Type the password as “azurevnc”. You will be connected to the VM.
Click on the left hand top button “Ctrl + Alt + Del” and type the RDP password.
Sample PS screenshot -
NOTE : This will work only if the VM is up and running, but RDP fails.
Telnet to 5986 must be successful – This will allow us to install the uvnc server tool on the VM using PS remoting.
There are some known issues with uvnc tool : https://www.uvnc.com/.
There is no license required to use this tool.