Skip to main content

How to enable WinRM?

Introduction

On this page we will describe the steps to follow to enable WinRM with the domain controller Group Policy for WMI monitoring.

Step by Step

Step 1: Create a Group Policy object

Fist of all, you need to create a Group Policy object for your domain.

1. From the start menu, open Control Panel.

2. Select Administrative Tools.

3. Select Group Policy Management.

4. From the menu tree, click Domains > [your domain’s name].

5. FRight-click and select Create a GPO in this domain, and Link it here.

6. Input Enable WinRM.

7. Click OK.

Step 2: Enable WinRM services

Secondly, it is necessary to enable WinRm services to allow remote management of the server through WinRM. You must edit the Group Policy  you just created.

1. Right-click on the new Enable WinRM Group Policy Object and select Edit.

2. From the menu tree, click Computer Configuration > Policies > Administrative Templates: Policy definitions > Windows Components > Windows Remote Management (WinRM) > WinRM Service.

3.  Right-click on Allow remote server management through WinRM and click Edit.

4. Select Enabled to allow remote server management through WinRM.

5. Enter an asterisk (*) into each field.

6. Click OK.

Step 3: xxx

xxx

1. FFrom the Group Policy Management Editor window, click Preferences > Control Panel Settings > Services.

2. FRight-click on Services and select New > Service.

3. FSelect Automatic as the startup.

4. FEnter WinRM as the service name.

5. FSelect Start service as the service action.

6. FAll remaining details can stay on the defaults. Click OK.


Step 4: Allow for inbound remote administration I

Windows Firewall: Allow inbound remote administration exception

1. Using the Group Policy Management Editor, from the menu tree, click Computer Configuration > Policies > Administrative Templates: Policy definitions > Network > Network Connections > Windows Firewall > Domain Profile.


2. Right-click on Windows Firewall: Allow inbound remote administration exception and click Edit.

3. Select Enabled.

4. Enter the IP address into the field called Allow unsolicited incoming messages from these IP addresses. To allow messages from any IP address, enter an asterisk (*) into each field. You can also restrict unsolicited incoming messages from the Auvik virtual appliance only, by entering the appliances IP address. Otherwise enter a comma-separated list that contains a combination of IP addresses (10.1.100.0), subnet descriptions (10.2.3.0/24), or strings (localsubnet) for the set of devices that will have access for remote administration.

5. Click OK.

6. Right-click on Windows Firewall: Allow ICMP exception and click Edit.

7. FSelect Enabled.

8. Check Allow inbound echo request.

9. Click OK.

 

Step 4:5: Allow for inbound remote administration II

Windows Firewall: Allow ICMP exception

1. FFrom the menu tree, click Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules.

2. FRight-click on Inbound Rules and click New Rule.

3. FSelect Predefined.

4. FSelect Windows Remote Management from the list of services.

5. FClick Next.

6. FUncheck the Public rule. Leave the Domain, Private rule checked.

7. F

Click

Step 5: 

1. FNext.

2.8. FLeaving the defaults, click Finish.

3.9. FRight-click on the new rule and click Properties.

4.10. FClick the Advanced tab.

11. Uncheck Private.

5.12. FClick OK.

6.13. FFrom the menu tree, click Computer Configuration > Policies > Windows Settings > Security Settings > Network List Manager Policies.

7.14. FRight-click Unidentified Networks and click Properties.

15. Change the location type from Not configured to Private.

16. Click OK.

17. Close the Local Group Policy Editor window.

 

Back to top