Users Guide
4. Ajoutez la règle de pare-feu :
New-NetFirewallRule -DisplayName "Windows Remote Management (HTTPS-In)" -Name "Windows
Remote Management (HTTPS-In)" -Profile Any -LocalPort 5986 -Protocol TCP
5. Vérifiez les paramètres en exécutant les éléments suivants :
C:\Windows\system32>winrm g winrm/config
Config
MaxEnvelopeSizekb = 500
MaxTimeoutms = 60000
MaxBatchItems = 32000
MaxProviderRequests = 4294967295
Client
NetworkDelayms = 5000
URLPrefix = wsman
AllowUnencrypted = false
Auth
Basic = true
Digest = true
Kerberos = true
Negotiate = true
Certificate = true
CredSSP = false
DefaultPorts
HTTP = 5985
HTTPS = 5986
TrustedHosts
Service
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 1500
EnumerationTimeoutms = 240000
MaxConnections = 300
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = false
Auth
Basic = true
Kerberos = true
Negotiate = true
Certificate = false
CredSSP = false
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = *
IPv6Filter = *
EnableCompatibilityHttpListener = false
EnableCompatibilityHttpsListener = true
CertificateThumbprint = 02554D694FD06BB3C765E5868EFB59B7D786ED67
AllowRemoteAccess = true
Winrs
AllowRemoteShellAccess = true
IdleTimeout = 7200000
MaxConcurrentUsers = 2147483647
MaxShellRunTime = 2147483647
MaxProcessesPerShell = 2147483647
MaxMemoryPerShellMB = 2147483647
MaxShellsPerUser = 2147483647
REMARQUE :
Si service-basic-authentication est false, exécutez la commande suivante :
winrm set winrm/config/service/auth @{Basic="true"}
REMARQUE : Dans la configuration WinRM, activez le protocole HTTPS en exécutant la commande :
winrm set winrm/config/service @{EnableCompatibilityHttpsListener="true"}
Détection de périphériques pour la surveillance ou la gestion 75