BTNHD Watch on YouTube

Enable PowerShell and WinRM via GPO!

3 min read 16 days ago
Published on May 21, 2025 This response is partially generated with the help of AI. It may contain inaccuracies.

Table of Contents

Introduction

This tutorial provides a step-by-step guide on how to enable PowerShell and Windows Remote Management (WinRM) through Group Policy Objects (GPO). Configuring these settings allows for streamlined management and automation across multiple Windows devices in a network. This guide is essential for system administrators looking to enhance their remote management capabilities.

Step 1: Open Group Policy Management

  1. Press the Windows key and type "Group Policy Management."
  2. Select the Group Policy Management console from the search results.

Step 2: Create New GPO

  1. In the Group Policy Management console, navigate to the Organizational Unit (OU) where you want to apply the policy.
  2. Right-click on the OU and select "Create a GPO in this domain, and Link it here."
  3. Name the new GPO (e.g., "Enable PowerShell and WinRM").

Step 3: Edit New GPO

  1. Right-click on the newly created GPO and select "Edit."
  2. This opens the Group Policy Management Editor.

Step 4: Define WS-Management Services

  1. In the Group Policy Management Editor, navigate to

    • Computer Configuration
    • Policies
    • Administrative Templates
    • Windows Components
    • Windows Remote Management (WinRM)
    • WinRM Service
  2. Double-click on "Allow remote server management through WinRM."
  3. Set it to "Enabled" and specify the appropriate IPv4 addresses or leave it as default to allow all.

Step 5: Configure Windows Firewall Advanced Security

  1. Navigate to

    • Computer Configuration
    • Policies
    • Windows Settings
    • Security Settings
    • Windows Firewall with Advanced Security

  2. Create a new inbound rule

    • Right-click on "Inbound Rules" and select "New Rule."
    • Choose "Predefined" and select "Windows Remote Management."
    • Follow the prompts to finish the setup.

Step 6: Configure Windows PowerShell Settings

  1. Within the GPO editor, go to

    • Computer Configuration
    • Policies
    • Administrative Templates
    • Windows Components
    • Windows PowerShell
  2. Double-click on "Turn on Script Execution."
  3. Set it to "Enabled" and select "Allow all scripts."

Step 7: Configure Windows Remote Management Settings

  1. Navigate back to

    • Computer Configuration
    • Policies
    • Administrative Templates
    • Windows Components
    • Windows Remote Management (WinRM)
  2. Double-click on "Allow WinRM service to accept requests from the network."
  3. Set it to "Enabled."

Step 8: Configure WinRM Client Settings

  1. Still in the WinRM section, look for "Allow automatic configuration of listeners."
  2. Set it to "Enabled" to automatically configure WinRM listeners.

Step 9: Configure WinRM Service Settings

  1. Under the WinRM Service section, find "WinRM Service."
  2. Double-click to open the settings and ensure it is configured to start automatically.

Step 10: Close New Group Policy

  1. After making all necessary configurations, close the Group Policy Management Editor.
  2. Ensure all settings are saved.

Step 11: Link New GPO to OU

  1. Back in the Group Policy Management console, right-click on the GPO you created.
  2. Select "Link an Existing GPO" if not already linked, or ensure it is visible under the intended OU.

Conclusion

By following these steps, you have successfully enabled PowerShell and WinRM via Group Policy. These configurations will allow for enhanced remote management capabilities across your network. As a next step, consider testing the settings on a few devices to ensure everything is functioning as expected before deploying widely.

Table of Contents

Recent