Configuring Windows Powershell Web Access

Windows PowerShell Web Access, first introduced in Windows Server® 2012, acts as a Windows PowerShell gateway, providing a web-based Windows PowerShell console that is targeted at a remote computer. To configure this feature we need to install WindowsPowershellWebAccess component and create PSWA application with security rule for it.

My demo: Server 2012 Datacenter named as Server1 and Windows 8 for remote connection

From client OS I create new remote powershell session to Server1:

New-PsSession Server1

Enter to created PS session:

Enter-PsSession 2

And install PWA feature:

Install-WindowsFeature WindowsPowerShellWebAccess -IncludeManagementTools -Verbose

pwa_1

Then we need to create app for PSWA:

Install-PswaWebApplication -UseTestCertificate -Verbose

pwa_2

More details: http://technet.microsoft.com/en-us/library/jj592894.aspx

By default, there are no rules for user authorization , so we have to create one:

Add-PswaAuthorizationRule -ComputerGroupName * -configurationName * -UserGroupName * -Verbose

*” allows all users access to all endpoints on all computers. This essentially turns off authorization rules (just for test)

More details: http://technet.microsoft.com/en-us/library/jj592890.aspx

Open your browser and type https://servernamewherepswaisinstalled/pswa . In my case, https://server1/pswa

pwa_3

Enter your credentials, computer name and sign in

pwa_7

There are no many options in PWA. The most interesting is ability to SAVE your session.

For example, let’s create alias $upd = Get-Service wua* in the current session

pwa_4

Then click on SAVE button to sign out without losing our alias $upd

pwa_5

Sign in again to PWA and notice that PWA saved our session as PSWA1 .

We can create new session or continue to work in previously created session (try to use $upd. it works)

pwa_6

TIP: TAB works in PWA too. Use it as usual.

More details about configuring PWA: http://technet.microsoft.com/en-gb/library/hh831611.aspx

Fix:The BPA cannot connect to VMM Management server

Hello there!

Everyone knows (I hope so) about Configuration Analyzer for System Center SP1.Previously, we had to download and use separate BPA analyzer for each SC component.But now, it’s the single model for testing System Center configuration. According with technet, main requirements are: Microsoft Baseline Configuration Analyzer 2.0 and operation system required for SC SP1. In my opinion, requirements are not accurate.

After successful installation BCA 2.0 and CA fo SC SP1 you can receive following errors:

The BPA cannot connect to the VMM management server __. Please start the service and try again

vmm_bpa_3

Cmdlet Invoke-MbcaModel reported warning …. cannot be loaded because running scripts is disabled on this system.

vmm_bpa_1

To fix errors you should run cmdlet Set-Execution:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

vmm_bpa_2

To prevent errors during analyzing remote servers:

Enable-PsRemoting -Force

So, additional requirements :

  • your system able to  receive Windows PowerShell remote commands that are sent by using the WS-Management
  • you can run downloaded powershell scripts by trusted publisher