WinRM
Windows Remote Management (WinRM) is the Microsoft implementation of the WS-Management protocol, which is a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that allows interoperation between hardware and operating systems from different vendors.
The WS-Management protocol specification provides a common way for systems to access and exchange management information across an IT infrastructure. WinRM and the Intelligent Platform Management Interface (IPMI) standard, along with the Event Collector service, are components of the set of features known as Hardware management.
How to Configure WinRM
Before we give users and/or groups permission to access Active Directory (AD) with WinRM, we need to configure the firewall. By default, WinRM uses port 5985 for HTTP and port 5986 for HTTPS.
To do this, open Windows Defender Firewall with Advanced Security. You can launch it by running wf.msc. Once open, click on Inbound Rules on the left, then click the New Rule... button in the Actions panel on the right.

A new window will pop up. Select the Port option and click Next. Enter the port numbers (5985 and 5986) and click Next again. Allowing the connection should be selected by default; click Next. You can modify when this rule should apply; for simplicity, you can enable all options and click Next. Give the rule a meaningful name, such as Allow WinRM, and click Finish.
By default, the Administrator user is allowed to manage the server with WinRM. However, to give other users and/or groups the necessary permissions, you need to add them to the Remote Management Users group.
Note: It is highly recommended to assign permissions to a Security Group rather than to individual users when granting WinRM access to the server.
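The firewall rule and group membership steps above, scripted in PowerShell as an added example (not part of the original page). It assumes an elevated session on a member server where the NetSecurity and LocalAccounts modules are available; the function name Enable-WinRMAccess and the group CONTOSO\WinRM-Operators are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the GUI steps described above.
# Assumption: member server with the NetSecurity and LocalAccounts modules.

function Enable-WinRMAccess {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Security group to grant WinRM access (a group rather than single users)
        [Parameter(Mandatory)][string]$SecurityGroup,
        [string]$RuleName        = 'Allow WinRM',
        [int[]]$Ports            = @(5985, 5986),   # HTTP and HTTPS listeners
        # 'Any' matches "enable all options" in the wizard
        [string]$FirewallProfile = 'Any'
    )

    # Step 1: create the inbound rule only if one with this name is missing
    $rule = Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue
    if (-not $rule -and $PSCmdlet.ShouldProcess($RuleName, 'Create inbound rule')) {
        New-NetFirewallRule -DisplayName $RuleName -Direction Inbound `
            -Protocol TCP -LocalPort $Ports -Action Allow `
            -Profile $FirewallProfile | Out-Null
    }

    # Step 2: add the group to Remote Management Users unless already present
    $target  = 'Remote Management Users'
    $present = Get-LocalGroupMember -Group $target -ErrorAction SilentlyContinue |
        Where-Object Name -eq $SecurityGroup
    if (-not $present -and $PSCmdlet.ShouldProcess($SecurityGroup, "Add to $target")) {
        Add-LocalGroupMember -Group $target -Member $SecurityGroup
    }

    # Step 3: report the resulting state so the change can be reviewed
    $filter = Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue |
        Get-NetFirewallPortFilter
    [pscustomobject]@{
        Rule       = $RuleName
        LocalPorts = $filter.LocalPort -join ','
        Members    = (Get-LocalGroupMember -Group $target).Name -join '; '
    }
}

# Constructed placeholder group name; preview first, then apply.
Enable-WinRMAccess -SecurityGroup 'CONTOSO\WinRM-Operators' -WhatIf
Enable-WinRMAccess -SecurityGroup 'CONTOSO\WinRM-Operators'
```

Running the function a second time makes no changes and only prints the current rule ports and group members.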

Written by mto