/
WinRM Troubleshooting Guide

WinRM Troubleshooting Guide

Owned by Terry White
Apr 11, 2024
3 min read

ConfigOS leverages PowerShell to perform scans and remediations. PowerShell uses WinRM to execute commands on remote systems. This guide walks through steps for enabling, verifying, and testing WinRM.

Requirements

Ports required for scanning the ConfigOS PowerShell controls.

Port Number

Port assignment

5985

WinRM (HTTP)

5986

WinRM (HTTPS)

Steps for enabling and verifying WinRM:

  1. To start WinRM and load the default configuration, run the following command in an elevated PowerShell window.

winrm quickconfig
image-20240314-173805.png

  1. To verify whether a listener is running, and which ports are being used, run the following command in an elevated PowerShell window.

winrm enumerate winrm/config/listener
image-20240314-174314.png

  1. To verify the WinRM configuration, run the following command in an elevated PowerShell window.

winrm get winrm/config/service
image-20240314-174112.png

 

Enable PowerShell Remoting:

PowerShell Remoting must be enabled on both the Command Center host and the target endpoint. To enable PowerShell Remoting, run the following command in an elevated PowerShell window:

Enable-PSRemoting -Confirm
image-20240314-181252.png
Invoke-Command {(Get-CimInstance -ClassName Win32_OperatingSystem).Version} -ComputerName

Troubleshooting

Steps to test WinRM remote connectivity:

Verify connectivity between Command Center and the remote endpoint by running the following command in an elevated PowerShell window on the Command Center host. (“server01” should be replaced with the endpoint’s hostname)

Test-WSMan -ComputerName "server01"

Expected result:

wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor : Microsoft Corporation
ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 3.0

 

Scan Result Error:

Could not scan because PowerShell is not properly configured - This is a general error message found in the scan results. Check the process logs for a more detailed error.

Process Log Errors:

Unable to connect to PowerShell. Unable to execute PowerShell commands on remote host…..failed with the following error message :

  • WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. SOLUTION: Confirm the WinRM service is running (Guide steps 1, 2, and 3)

  • The user name or password is incorrect. SOLUTION: Use the domain name before the username (domain\username) in the endpoint configuration section in Command Center.

 

Related content