Enable-PSRemoting返回错误无法检查防火墙的状态

时间:2018-09-18 00:49:32

标签: windows powershell powershell-v4.0 powershell-remoting

运行命令Enable-PSRemoting时,出现以下错误:

PS C:\ Windows \ system32> Enable-PSRemoting

WinRM Quick Configuration
Running command "Set-WSManQuickConfig" to enable remote management of this computer by using the Windows Remote
Management (WinRM) service.
 This includes:
    1. Starting or restarting (if already started) the WinRM service
    2. Setting the WinRM service startup type to Automatic
    3. Creating a listener to accept requests on any IP address
    4. Enabling Windows Firewall inbound rule exceptions for WS-Management traffic (for http only).

Do you want to continue?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): a
WinRM is already set up to receive requests on this computer.
Set-WSManQuickConfig : <f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault" Code="2"
Machine="localhost"><f:Message><f:ProviderFault provider="Config provider"
path="%systemroot%\system32\WsmSvc.dll"><f:WSManFault xmlns:f="http://schemas.microsoft.com/wbem/wsman/1/wsmanfault"
Code="2" Machine="my_laptop.ad.mydomain.com"><f:Message>Unable to check the status of the firewall.
</f:Message></f:WSManFault></f:ProviderFault></f:Message></f:WSManFault>
At line:69 char:17
+                 Set-WSManQuickConfig -force
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Set-WSManQuickConfig], InvalidOperationException
    + FullyQualifiedErrorId : WsManError,Microsoft.WSMan.Management.SetWSManQuickConfigCommand

根据我的发现,应该在PC位于公共网络上时发生此错误。该PC不在公共网络上,而是已加入域。运行Get-NetConnectionProfile确认DomainAuthenticated网络状态。如何解决此问题,并使Enable-PSRemoting正常运行?

我有一台运行Powershell 4.0的Windows 8 PC。

1 个答案:

答案 0 :(得分:1)

设置PSRemoting的最佳方法是通过组策略。您将需要配置以下设置。

设置侦听器:

  /计算机配置
    /管理模板
    / Windows组件
    / Windows远程管理(WinRM)
    / WinRM服务
        /允许通过WinRM进行远程服务器管理
            -已启用
            -IPv4过滤器:*
 

设置防火墙规则:

  /计算机配置
    / WindowsSettings
    /安全设定
    / Windows防火墙具有高级安全性
        /入境规则
            -类型:端口
            -协议:TCP
            港口:5985
            -允许连接
            -个人资料:域
        /出站规则
            -类型:端口
            -协议:TCP
            港口:5985
            -允许连接
            -个人资料:域
 

设置服务:

  /计算机配置
    / WindowsSettings
    /安全设定
        /系统服务
        / Windows远程管理(WS-Management)
            -启动模式:自动
            >定义此策略设置
                -服务名称:WinRM
                -服务动作:启动服务
                -设置所有“恢复”标签操作:重新启动服务
 

配置策略后,WinRM应该处于工作状态。您可以使用以下方法验证远程处理是否有效:

 #这将针对FQDN进行测试
测试WSMan-计算机名[Net.Dns] :: GetHostEntry($ Env:COMPUTERNAME).HostName