#Setup a New Microsoft Windows Server 2019 Core Installation to Accept Incoming PowerShell Remoting connections in a Workgroup
#You will not need to do this if you perform your PowerShell tasks directly from a domain connected computer. You need this if you have virtual machines or headless devices… or just plain lazy. Also not everyone has a domain controller and sometimes even a Hyper-V host computer will remain in a workgroup since it might host the domain controller and it is off topic… I work in PowerShell ISE for the most part and connect to where ever I need to.
#This is the first steps after a fresh clean install of Microsoft Windows Server 2019 Core to allow PowerShell Remoting and WSMan.
#Press Ctrl-Alt-Delete to begin configuring Microsoft Windows Server 2019 Core
#Press Enter to select OK to change password
#Set password for .\administrator
#This initial password is for the local administrator account .\administrator is also a way to access this account. It is not part of active directory and therefore doesn’t fall under the Active Directory password policy. Do not make it something easy to guess. The standard policy require 8 characters minimum with upper and lower case letters, numbers and symbols. I suggest you follow that as this password will be passed to your initial domain administrator account, where it will fail to work, so it is just best to avoid issues.
#This is cmd.exe start screen for Microsoft Windows Server 2019 Core. Type sconfig to bring up the cheater menu.
#Type powershell and press enter to start a PowerShell session directly in Microsoft Windows Server 2019 Core cmd.exe prompt.
#Type Enable-PSRemoting -Force to enable PowerShell Remoting. You can use -SkipNetworkProfileCheck to allow management requests on a network Microsoft Windows has categorized as Public such as Hotspots and new unrecognized networks.
Enable-PSRemoting -SkipNetworkProfileCheck -Force
#This will show you what computers you “trust” to connect remotely via PowerShell Remote, no remote hosts are allowed by default.
Get-Item WSMan:\localhost\Client\TrustedHosts
#This creates a list of computers you “trust” so that you wish to make outgoing PowerShell Remote connections. It doesn’t need a value if you don’t plan to connect to other computers from this new server and/or just use a management PC.
#This is not a list of computers that are allowed to use Enter-PSSession to connect to the new server and most likely you need to run this command on a Windows 10 management PC instead. You would include either the IP address of the new server, the computer name of the new server or ‘*’ if you want to be able to connect to anywhere.
Get-Item WSMan:\localhost\Client\TrustedHosts|Set-Item -Value '10.4.0.2,BEAKER'
#The code below will add entries to the TrustedHosts rather than overwrite them:
# Retrieve the current TrustedHosts value $currentTrustedHosts = (Get-Item WSMan:\localhost\Client\TrustedHosts).Value # Define the new entries you want to add $newEntries = "KERMIT,10.10.10.20" # Check if currentTrustedHosts is empty and append new entries if ([string]::IsNullOrEmpty($currentTrustedHosts)) { $updatedTrustedHosts = $newEntries } else { $updatedTrustedHosts = "$currentTrustedHosts,$newEntries" } # Set the updated TrustedHosts value Set-Item WSMan:\localhost\Client\TrustedHosts -Value $updatedTrustedHosts
#You can use either the server IP address or computer name if you need to perform this step. I choose to use both so I avoid any issues when connecting. You need to type y and press Enter to confirm. A value of ‘*’ allows the server to connect to any remote host.
#Now you can use Enter-PSSession to connect to your Microsoft Windows Sever 2019 Core install to configure it using PowerShell or RSAT tools.
#At this point you probably do not have Active Directory installed so you would use the command below to connect to the server. I use PowerShell ISE to open my list of common commands and just run them remotely from my desktop computer. After the -Cn is whatever IP address or computer name you added to WSMan:\localhost\Client\TrustedHosts
Enter-PSSession -Cn 10.4.0.2 -Credential administrator
#If you are running Microsoft Windows 2019 Core on Hyper-V then you can connect the way shown above from anywhere. You could connect the way below, from the Hyper-V host, if that isn’t also a core installation. Be aware that connecting -VMName Vs. -ComputerName can cause some commands to behave differently or not at all.
Enter-PSSession -VMName Server2019 -Credential administrator