3
votes

I've created a new VM in Windows Azure to use to act as a host to learn a bit of Powershell Remoting. After the VM was created I RDP'd onto the box and enabled remoting via the following command:

 Enable-PSRemoting

I confirmed both prompts with 'a' replies and it finished without errors. If I run

  Get-PSSessionConfiguration

I can see that three endpoints (?) have been set up. In the Azure portal I can see that the Powershell port is open - both 5986 is open as a public and private port.

I've added the public IP address of the machine to my hosts file, but when I try the following:

  Enter-PSSession -ComputerName AZURESERVERNAME

I get an error:

Enter-PSSession : Connecting to remote server AZURESERVERNAME failed with the following error message : A specified logon session does not exist. It may already have been terminated. For more information, see the about_Remote_Troubleshooting Help topic. At line:1 char:1 + Enter-PSSession -ComputerName AZURESERVERNAME + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (AZURESERVERNAME:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CreateRemoteRunspaceFailed

I've also tried setting all hosts as trused as follows:

  cd wsman::localhost\client
  Set-Item .\TrustedHosts *
  Restart-Service WinRM

But that doesn't seemed to have helped either.

Is there anything else I need to do to get this working?

Thanks

2

2 Answers

2
votes

OK, figured this out thanks to the awesome Secrets of Powershell Remoting ebook. Looks like you must add the machine directly to the TrustedHosts via IP address:

Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value '11.22.33.44'

Then use that IP address and specify credentials in the Enter-PSSession:

Enter-PSSession -ComputerName 11.22.33.44 -Credential 11.22.33.44\username

You should then get a prompt for your password and voila! :)

1
votes

I've successfully created a SharePoint farm in Azure using the scripts from Automated-Deployment-of-SharePoint-2013-with-Windows-Azure-PowerShell

On that page there are steps that configure PowerShell to work with Azure

Set-ExecutionPolicy ByPass 

Enable-PSRemoting 

Enable-WSManCredSSP -role client -delegatecomputer "*.cloudapp.net"  

$regKey = "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain" 
Set-ItemProperty $regKey -Name WSMan -Value "WSMAN/*.cloudapp.net"  

Get-AzureSubscription -ExtendedDetails 

You may also need to do this

Run GPEdit.msc You must also enable delegating of fresh credentials using group policy editor on your client machine. Computer Configuration -> Administrative Templates -> System -> Credentials Delegation and then change the state of "Allow Delegating Fresh Credentials with NTLM-only server authentication" to "Enabled." Its default state will say, "Not configured."

In the Add Servers sections add the following.

WSMAN/*.cloudapp.net