PowerShell is a framework from Microsoft. it’s heavily used in scripting and task automation. that is to say, PowerShell allows administrators to perform tasks on both local and remote Windows systems as well. hence, This topic aims to enable remote PowerShell execution for Windows by configuring winRM.
Check how to configure Ansible to manage windows.
Keep in mind that Ansible require
- Ansible supports Windows 2008 and above. Though, configuration for versions earlier than Windows 2008 R2 is troublesome. for that, upgrade to at least win2008R2.
- Ansible requires PowerShell version 3.0 and .NET Framework 4.0 or newer to function because most Ansible modules for windows require at least PowerShell 3.0 or higher to work properly, and Windows 2008 R2 has version 3.0.
- A WinRM listener should be created and activated.
- You need a centralized Windows privileged user (Administrator@Domain ) if you are going to manage multiple windows servers. It’s a hassle if every server has its distinct username or password.
Configure Windows to accept remote commands
If you have to use older versions of windows please refer to Ansible document to scripts which will allow you to upgrade your PowerShell.
On Windows hosts, you need to enable the Remote Management feature which is a built-in feature but it’s not active by default. Windows Remote Management (WinRM) is the Microsoft implementation of the WS-Management protocol which provides a secure way to communicate with local and remote computers using web services.
You have two easy ways to enable WinRM
One: Enable winRM using Ansible team’s script.
Ansible team provides a script that will configure WinRM. So, to execute that script, follow these steps.
First, Download Ansible PowerShell documentation script from here “Right click and save as ConfigureRemotingForAnsible.ps1”.
Then, allow running unsigned scripts on your local computer and signed scripts from remote, by executing the following command.
set-executionpolicy remotesigned
Next, open a PowerShell as Administrator console
Finally, execute the downloaded script ConfigureRemotingForAnsible.ps1 . the output should be like the following screenshot
Two: use SolarWinds Remote Execution Enabler for PowerShell tool.
That tool is a free desktop app that will configure WinRM on local and remote servers In just one step, in addition, It can do bulk configuration across multiple hosts, also, it will automatically generate and distributes certificates for encrypted remote PowerShell execution.
First, download it from the SolarWinds website. As the installation is simple, then, in a few clicks and finish the installation.
Next, Execute the application from the start menu.
Finally, configure the server, by following these steps:
- Enter Server IP
- Enter Administrator’s Password.
- Click on Start Configuration