ge-aerospace/powershell-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
powershell-scripts/winrm-https/deployment-package/QUICK-CONNECTION-REFERENCE.txt
cproudlock 62c0c7bb06 Initial commit: Organized PowerShell scripts for ShopDB asset collection 
Structure:
- asset-collection/: Local PC data collection scripts
- remote-execution/: WinRM remote execution scripts
- setup-utilities/: Configuration and testing utilities
- registry-backup/: GE registry backup scripts
- winrm-https/: WinRM HTTPS certificate setup
- docs/: Complete documentation

Each folder includes a README with detailed documentation.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-10 10:57:54 -05:00

275 lines
9.2 KiB
Plaintext
Raw Permalink Blame History

================================================================================
QUICK CONNECTION REFERENCE - WinRM HTTPS
================================================================================
HOW TO CONNECT TO REMOTE PC FROM YOUR COMPUTER
================================================================================
METHOD 1: BASIC TEST (No Authentication Required)
================================================================================
Test if WinRM HTTPS is responding:
Test-WSMan -ComputerName g9kn7pz3esf.logon.ds.ge.com -UseSSL -Port 5986
Replace "g9kn7pz3esf" with any PC hostname.
Expected Output:
wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor : Microsoft Corporation
ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 3.0
================================================================================
METHOD 2: INTERACTIVE SESSION (Most Common)
================================================================================
Get an interactive PowerShell prompt on the remote PC:
# Get credentials (will prompt)
$cred = Get-Credential
# Connect
Enter-PSSession -ComputerName g9kn7pz3esf.logon.ds.ge.com `
-Credential $cred -UseSSL -Port 5986
Your prompt will change to show the remote computer name:
[g9kn7pz3esf.logon.ds.ge.com]: PS C:\>
Run commands normally. To exit:
Exit-PSSession
================================================================================
METHOD 3: RUN SINGLE COMMAND (Quick Tasks)
================================================================================
Execute a command without entering interactive mode:
# Get credentials first
$cred = Get-Credential
# Run command
Invoke-Command -ComputerName g9kn7pz3esf.logon.ds.ge.com `
-Credential $cred -UseSSL -Port 5986 `
-ScriptBlock { hostname }
Example - Get system info:
Invoke-Command -ComputerName g9kn7pz3esf.logon.ds.ge.com `
-Credential $cred -UseSSL -Port 5986 `
-ScriptBlock { Get-ComputerInfo | Select-Object CsName, OsVersion, TotalPhysicalMemory }
================================================================================
METHOD 4: PERSISTENT SESSION (Multiple Commands)
================================================================================
Create a reusable connection:
# Get credentials
$cred = Get-Credential
# Create session
$session = New-PSSession -ComputerName g9kn7pz3esf.logon.ds.ge.com `
-Credential $cred -UseSSL -Port 5986
# Use session multiple times (faster than reconnecting)
Invoke-Command -Session $session -ScriptBlock { Get-Service }
Invoke-Command -Session $session -ScriptBlock { Get-Process }
Invoke-Command -Session $session -ScriptBlock { ipconfig }
# Close when done
Remove-PSSession $session
================================================================================
CERTIFICATE TRUST ISSUE? (Self-Signed Certs)
================================================================================
If you get certificate errors, skip certificate validation (testing only):
# Create session option
$sessionOption = New-PSSessionOption -SkipCACheck -SkipCNCheck
# Use with any connection method:
Test-WSMan -ComputerName g9kn7pz3esf.logon.ds.ge.com -UseSSL -Port 5986 `
-SessionOption $sessionOption
Enter-PSSession -ComputerName g9kn7pz3esf.logon.ds.ge.com `
-Credential $cred -UseSSL -Port 5986 -SessionOption $sessionOption
Invoke-Command -ComputerName g9kn7pz3esf.logon.ds.ge.com `
-Credential $cred -UseSSL -Port 5986 -SessionOption $sessionOption `
-ScriptBlock { hostname }
================================================================================
CONNECTING TO MULTIPLE PCs
================================================================================
Test/connect to all shopfloor PCs:
# List of hostnames
$pcs = @("g1jjvh63esf", "g1jjxh63esf", "g9kn7pz3esf")
# Get credentials once
$cred = Get-Credential
# Test all PCs
foreach ($pc in $pcs) {
$fqdn = "$pc.logon.ds.ge.com"
Write-Host "Testing $fqdn..." -ForegroundColor Yellow
try {
Test-WSMan -ComputerName $fqdn -UseSSL -Port 5986 -ErrorAction Stop
Write-Host " [OK] $fqdn is responding" -ForegroundColor Green
} catch {
Write-Host " [FAIL] $fqdn failed: $($_.Exception.Message)" -ForegroundColor Red
}
}
================================================================================
USEFUL REMOTE COMMANDS
================================================================================
Once connected (via Enter-PSSession or Invoke-Command), try these:
System Information:
hostname
ipconfig
Get-ComputerInfo
systeminfo
WinRM Status:
Get-Service WinRM
winrm enumerate winrm/config/listener
Get-ChildItem Cert:\LocalMachine\My
Services:
Get-Service
Get-Service WinRM | Select-Object Name, Status, StartType
Processes:
Get-Process
Get-Process | Sort-Object CPU -Descending | Select-Object -First 10
Disk Space:
Get-PSDrive -PSProvider FileSystem
Event Logs:
Get-EventLog -LogName System -Newest 10
================================================================================
TROUBLESHOOTING
================================================================================
Cannot Reach PC:
Test-Connection g9kn7pz3esf.logon.ds.ge.com
Resolve-DnsName g9kn7pz3esf.logon.ds.ge.com
Test-NetConnection -ComputerName g9kn7pz3esf.logon.ds.ge.com -Port 5986
Authentication Failed:
# Try different username formats:
Get-Credential -UserName "DOMAIN\username"
Get-Credential -UserName ".\localadmin"
Get-Credential -UserName "G9KN7PZ3ESF\username"
Certificate Errors:
# Use -SessionOption to skip validation (see above)
# Or install certificate on your computer:
Import-Certificate -FilePath "C:\path\to\cert.cer" `
-CertStoreLocation Cert:\LocalMachine\Root
WinRM Client Settings (run as Administrator on YOUR computer):
# Enable WinRM client
Enable-PSRemoting -Force
# Add to trusted hosts
Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*.logon.ds.ge.com" -Force
# View current settings
Get-Item WSMan:\localhost\Client\TrustedHosts
================================================================================
COMPLETE TESTING SCRIPT
================================================================================
Save this as Test-RemotePC.ps1 and run it:
param([string]$ComputerName)
Write-Host "Testing $ComputerName..." -ForegroundColor Cyan
# Test connectivity
if (Test-Connection $ComputerName -Count 2 -Quiet) {
Write-Host " [OK] PC is reachable" -ForegroundColor Green
} else {
Write-Host " [FAIL] Cannot reach PC" -ForegroundColor Red
exit
}
# Test WinRM HTTPS
$sessionOption = New-PSSessionOption -SkipCACheck -SkipCNCheck
try {
Test-WSMan -ComputerName $ComputerName -UseSSL -Port 5986 `
-SessionOption $sessionOption -ErrorAction Stop
Write-Host " [OK] WinRM HTTPS is responding" -ForegroundColor Green
} catch {
Write-Host " [FAIL] WinRM HTTPS not responding" -ForegroundColor Red
exit
}
# Test authenticated connection
$cred = Get-Credential
try {
$result = Invoke-Command -ComputerName $ComputerName -Credential $cred `
-UseSSL -Port 5986 -SessionOption $sessionOption `
-ScriptBlock { hostname } -ErrorAction Stop
Write-Host " [OK] Remote command succeeded: $result" -ForegroundColor Green
} catch {
Write-Host " [FAIL] Authentication failed" -ForegroundColor Red
}
Usage:
.\Test-RemotePC.ps1 -ComputerName g9kn7pz3esf.logon.ds.ge.com
================================================================================
CREDENTIAL FORMATS
================================================================================
When prompted for credentials, use one of these formats:
Domain Account:
Username: DOMAIN\username
Username: username@domain.com
Local Account:
Username: .\Administrator
Username: .\localadmin
Username: COMPUTERNAME\username
================================================================================
PORT INFORMATION
================================================================================
WinRM HTTPS: Port 5986 (configured by deployment scripts)
WinRM HTTP: Port 5985 (still available, but unencrypted)
Always use -UseSSL flag to ensure encrypted connection!
================================================================================
NEXT STEPS AFTER TESTING
================================================================================
1. Test basic connectivity with Test-WSMan
2. Test authenticated connection with Enter-PSSession
3. Run a few remote commands to verify functionality
4. If all works, deploy to 3-5 more PCs
5. Test connectivity to all deployed PCs
6. Document any issues in deployment logs
7. Proceed with full production rollout (175 PCs)
================================================================================
FOR MORE DETAILS
================================================================================
See: TEST-REMOTE-CONNECTION-GUIDE.md (comprehensive testing guide)
================================================================================
Reference in New Issue View Git Blame Copy Permalink