Author Unknown

First let’s take an existing domain joined Windows 7 client that isn’t configured for Windows Remote Management. When we open a command prompt and enter the command:

WinRM enumerate winrm/config/listener


If we wanted to just configure a single system, we could just run the command winrm quickconfig manually to configure WinRM, but if we want to do this on many managed systems, Group Policy is definitely the way to go. So we are going to create a new GPO and under Computer Configuration / Policies / Windows Components / Windows Remote Management (WinRM) / WinRM Service we enable the following settings:

  • Allow automatic configuration of listeners
  • Allow Basic Authentication

Then under Computer Configuration / Policies / Windows Components / Windows Remote Shell we enable

  • Allow Remote Shell Access

Finally we must also configure the Windows Remote Service to Start Automatically. This is done under Computer Configuration / Windows Settings / Security Settings / System Services.

Once the WinRM configuration settings are applied via Group Policy open a command prompt on the client system and enter the following command:

WinRM enumerate winrm/config/listener


The Service is now set to Start Automatically. In fact it’s set to delayed start; this is because by default the DelayedAutoStart key under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinRM is already set to 1.

Now that we have enabled WinRM via Group Policy we can easily manage a system remotely using the WinRS command. The following command opens a command prompt on a remote system.

winrs –r:computer01 cmd

Once a remote connection is established we can just type any command as if we were working on a local computer. Note that you must have WinRM enabled on your management station as well.