Configure Remote PowerShell in SharePoint 2010

I was working on a requirement to run a SP 2010 powershell script from a remote machine on network. Yes the answer is PowerShell 2.0 which uses WIN-RM for remote powershell execution. Powershell 2.0 uses the concepts of WIN-RM which involves piping the contents of the remote call and running it on the remote server.

Setup your Remote Server
There are a few steps you have to take on your server to initialize and set it up running for remoting. once.
First, you need to run the following command on your server --- Enable-PSRemoting

Next you need to let powershell know that your server machine or remote machine will act as the server.

Enable-WSmanCredSSP -Role Server

Setup your Client Computer
There are also a few one time setup steps you need to take on your client computer. You only have to do this once. The first thing to do, if you are going to use the logged in user’s credentials to make a remote session in powershell, is to enable client credentials delegation. This can be achieved by changing the group policy.
First, edit group policy on your client computer to all credential delegation. Using gpedit.msc, enable both of the following (Under Local Computer Policy--> Computer Configuration--> Administrative Templates--> System--> Credentials Delegation):

  • Allow Delegating Fresh Credentials
  • Allow Delegating Fresh Credentials with NTLM-only Server Authentication

Note: In case you are going to explicitly specify the credentials, you can skip the above step.

Second, run the following command
Enable-PSRemoting

Third, enable WSMan CredSSP with the following command:
Enable-WSManCredSSP -Role Client –DelegateComputer “NameOfServer”

Once you have configured remote powershell, now you are all set to run remote commands.

Create and enter a remote session of Windows PowerShell
If your current user on client machine has permission to the SharePoint farm and Windows PowerShell on the remote box, you can use Enter-PSSession to create and enter the remote session.
For example, connecting to machine SpServer…

Enter-PSSession -ComputerName SPServer
If it works, the command prompt will be changed to [SPServer]: PS C:\Users\Administrator\>.
The session will be closed when you type exit or Exit-PSSession.

To connect to a machine with CredSSP and a different credential, you can use
Enter-PSSession -ComputerName SPServer -Authentication CredSSP –Credential domain\username
This will open up a dialogue for you to type in password. Type in the password and press enter and your remote session will be created.

Store and use credentials for scripting

First, use the following command to covert password from keyboard input to a secure string in a text file.

 Read-Host -AsSecureString | ConvertFrom-SecureString | out-file C:\crd-sharepoint.txt
 As soon as you type the command, start typing the password.

snap0099[5]

When you need to create a credential object, read this password (the secure string) from the file and create the credential with the following command:

  $pwd = Get-Content C:\crd-sharepoint.txt | ConvertTo-SecureString

then create the credential (replace #### with your domain\username):

  $crd = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "####",$pwd

Then you will be able to use this credential in the command line without any dialogue.

  $session = New-PSSession -computername "SPServer" -Authentication CredSSP -Credential $crd

Start Remoting on you Client Computer
Now your client computer is ready to actually create the session and import the SharePoint commands from the Server.

The next command adds the SharePoint PowerShell commands to your session.
Invoke-Command -Session $session -ScriptBlock{Add-PsSnapin Microsoft.SharePoint.PowerShell}

Note, that at this point, you can run whatever administrative PowerShell commands you need to run by using the Invoke-Command -Session $session -ScriptBlock{} syntax.

Importing remote commands into local session

Let's see how one can import a remote command into a local session. First – let’s ask Import-PSSession cmdlet to look in the remote session $s, take all the remote commands matching "*-SPFarm" wildcard, add a "Remote" prefix to their noun, and then present them to me as if they were local commands:

Import-PSSession -Session $session -CommandName *-SPFarm -Prefix Remote

So, now we can run Get-RemoteSPFarm