Select Define the policy setting and Automatic :Ĭlick Apply then OK. ![]() Next, go right-click Computer Configuration > Policies > Windows Settings > Security Settings > System Services > Windows Remote Management (WS-Management) Next go to the Advanced tab and unselect all profiles except Domain : Under the scope, remove any settings and click Add to add the IP address of our Domain Controller where we will be initiating the DSC pushes (and PSRemoting) from: Right-click the rule and select Properties : Let’s restrict the connection to our Domain Controller and remove the private profile altogether. Right now they allow a connection from any IP address on the domain and private profiles. Now let’s make these rules a little more secure. Select Predefined > Windows Remote Management :Ĭlick Next until you get to the Predefined Rules page, then deselect the public rule:Ĭlick Next until you finish the wizard. Navigate to:Ĭomputer Configuration > Windows Settings > Security Settings > Windows Firewall WIth Advanced Security > Windows Firewall WIth Advanced Security > Inbound Rules Enter the IP address of your primary domain controller (or wherever you want to push your DSC configurations from): Open that GPO and navigate to the following setting:Ĭomputer Cponfiguration > Administrative Templates > Windows Components > Windows Remote Management (RM) > WinRM Service > Allow remote server management through WinRM ![]() Log in to your Domain Controller, open Group Policy Management and create a new GPO at the root of your domain (or where your target computers are located) A more efficient way would be to create a Group Policy Object that will enable PSRemoting.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |