Sunday, 21 August 2016

Enable PowerShell Remoting Between Azure VMs in a Workgroup

Following is a guideline on setting up PowerShell remoting in an azure VM so that another azure VM in same Virtual Network, is able to execute PowerShell commands on the remoting enabled virtual machine. This will allow to setup as a test farm to run with visual studio team service or with TFS (will be discussed in a future post).

1. Assign internal static IP address for the virtual machine(s). You can do this by going to Virtual Machine setting in Azure Portal.image

Then select the network interface, IP Configurationsimage

Set the assignment to static. This will make the internal IP unchanged, when the machine is restarted.image

Doing it with PowerShell explained here.

2. Execute the command to enable PowerShell remoting in the virtual machine. (run PS as administrator)

Enable-PSRemoting

This will throw an error which is bit of misleading and not providing enough information. If your virtual machine is not in a domain this might occur. More details discussed in below link.

https://4sysops.com/archives/enable-powershell-remoting-on-a-standalone-workgroup-computer/

This can be fixed by running the command with –SkipNetworkProfileCheck switch.

Enable-PSRemoting –SkipNetworkProfileCheckimage_thumb38

3. From another virtual machine in the same virtual network in azure, you should be able to enter into a remote PowerShell session, and execute commands in the remote machine. But again this fails with another error.

Enter-PSSession –ComputerName <remotemachinenameorip> –Credential <remotemachineadminuser>

Enter-PSSession -ComputerName do-tf-tc02 -Credential do-tf-tc02\doadminimage_thumb[4][1]

Connecting to remote server do-tf-tc02 failed with the following error message : The WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. You can get more information about that by running the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help

4. To fix this issue, add remote machine name to trusted hosts in the client of remote PS.

Set-Item -Path WSMan:\localhost\Client\TrustedHosts –Value <remotemachinenameorip>

Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value do-tf-tc02image_thumb[5][1]

With this PS session can be obtained.image_thumb[9][5]

image_thumb[11][1]

5. Test the PS remoting. Create directory to verify the session is working.image_thumb[13][1]

Folder get created in the remote machine.image_thumb[19]

No comments: