62c0c7bb06
Structure: - asset-collection/: Local PC data collection scripts - remote-execution/: WinRM remote execution scripts - setup-utilities/: Configuration and testing utilities - registry-backup/: GE registry backup scripts - winrm-https/: WinRM HTTPS certificate setup - docs/: Complete documentation Each folder includes a README with detailed documentation. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
186 lines
6.3 KiB
PowerShell
186 lines
6.3 KiB
PowerShell
#Requires -RunAsAdministrator
|
|
<#
|
|
.SYNOPSIS
|
|
Sets up WinRM configuration for remote asset collection.
|
|
|
|
.DESCRIPTION
|
|
This script configures WinRM settings to enable remote PowerShell execution
|
|
for asset collection across shopfloor computers.
|
|
|
|
.PARAMETER TrustedHosts
|
|
Comma-separated list of trusted hosts (IP addresses or computer names).
|
|
Use "*" to trust all hosts (less secure but simpler).
|
|
|
|
.PARAMETER TestConnection
|
|
Test WinRM connection to specified computers after setup.
|
|
|
|
.EXAMPLE
|
|
.\Setup-WinRM.ps1 -TrustedHosts "10.48.130.100,10.48.130.101"
|
|
|
|
.EXAMPLE
|
|
.\Setup-WinRM.ps1 -TrustedHosts "*"
|
|
|
|
.NOTES
|
|
Author: System Administrator
|
|
Date: 2025-09-26
|
|
Version: 1.0
|
|
#>
|
|
|
|
param(
|
|
[Parameter(Mandatory=$false)]
|
|
[string]$TrustedHosts = "",
|
|
|
|
[Parameter(Mandatory=$false)]
|
|
[string[]]$TestConnection = @()
|
|
)
|
|
|
|
function Show-WinRMStatus {
|
|
Write-Host "=== Current WinRM Configuration ===" -ForegroundColor Cyan
|
|
|
|
try {
|
|
$winrmStatus = Get-Service WinRM
|
|
Write-Host "WinRM Service Status: $($winrmStatus.Status)" -ForegroundColor $(if($winrmStatus.Status -eq 'Running') {'Green'} else {'Red'})
|
|
|
|
$listeners = winrm enumerate winrm/config/listener
|
|
Write-Host "WinRM Listeners: $($listeners.Count) configured" -ForegroundColor Gray
|
|
|
|
$trustedHosts = (Get-Item WSMan:\localhost\Client\TrustedHosts).Value
|
|
Write-Host "Current Trusted Hosts: $trustedHosts" -ForegroundColor Gray
|
|
|
|
} catch {
|
|
Write-Host "Error checking WinRM status: $($_.Exception.Message)" -ForegroundColor Red
|
|
}
|
|
Write-Host ""
|
|
}
|
|
|
|
function Enable-WinRMConfiguration {
|
|
param([string]$TrustedHosts)
|
|
|
|
Write-Host "=== Configuring WinRM ===" -ForegroundColor Cyan
|
|
|
|
try {
|
|
# Enable PowerShell Remoting
|
|
Write-Host "Enabling PowerShell Remoting..." -ForegroundColor Yellow
|
|
Enable-PSRemoting -Force -SkipNetworkProfileCheck
|
|
Write-Host "[OK] PowerShell Remoting enabled" -ForegroundColor Green
|
|
|
|
# Start WinRM service
|
|
Write-Host "Starting WinRM service..." -ForegroundColor Yellow
|
|
Start-Service WinRM
|
|
Set-Service WinRM -StartupType Automatic
|
|
Write-Host "[OK] WinRM service started and set to automatic" -ForegroundColor Green
|
|
|
|
# Configure trusted hosts if specified
|
|
if (-not [string]::IsNullOrEmpty($TrustedHosts)) {
|
|
Write-Host "Setting trusted hosts to: $TrustedHosts" -ForegroundColor Yellow
|
|
Set-Item WSMan:\localhost\Client\TrustedHosts -Value $TrustedHosts -Force
|
|
Write-Host "[OK] Trusted hosts configured" -ForegroundColor Green
|
|
} else {
|
|
Write-Host "[SKIP] No trusted hosts specified" -ForegroundColor Yellow
|
|
}
|
|
|
|
# Configure firewall
|
|
Write-Host "Configuring Windows Firewall..." -ForegroundColor Yellow
|
|
try {
|
|
Set-NetFirewallRule -DisplayName "Windows Remote Management (HTTP-In)" -Enabled True
|
|
Write-Host "[OK] Firewall rule enabled" -ForegroundColor Green
|
|
} catch {
|
|
Write-Host "[WARN] Could not configure firewall rule: $($_.Exception.Message)" -ForegroundColor Yellow
|
|
}
|
|
|
|
# Set authentication
|
|
Write-Host "Configuring authentication..." -ForegroundColor Yellow
|
|
Set-Item WSMan:\localhost\Service\Auth\Basic -Value $true
|
|
Set-Item WSMan:\localhost\Service\Auth\CredSSP -Value $true
|
|
Write-Host "[OK] Authentication configured" -ForegroundColor Green
|
|
|
|
Write-Host ""
|
|
Write-Host "WinRM configuration completed successfully!" -ForegroundColor Green
|
|
|
|
} catch {
|
|
Write-Host "Error configuring WinRM: $($_.Exception.Message)" -ForegroundColor Red
|
|
return $false
|
|
}
|
|
|
|
return $true
|
|
}
|
|
|
|
function Test-WinRMConnections {
|
|
param([string[]]$Computers)
|
|
|
|
if ($Computers.Count -eq 0) {
|
|
return
|
|
}
|
|
|
|
Write-Host "=== Testing WinRM Connections ===" -ForegroundColor Cyan
|
|
|
|
$credential = Get-Credential -Message "Enter credentials for testing remote connections"
|
|
if (-not $credential) {
|
|
Write-Host "No credentials provided for testing" -ForegroundColor Yellow
|
|
return
|
|
}
|
|
|
|
foreach ($computer in $Computers) {
|
|
Write-Host "Testing connection to $computer..." -NoNewline
|
|
|
|
try {
|
|
$session = New-PSSession -ComputerName $computer -Credential $credential -ErrorAction Stop
|
|
Remove-PSSession $session
|
|
Write-Host " [OK]" -ForegroundColor Green
|
|
} catch {
|
|
Write-Host " [FAIL] $($_.Exception.Message)" -ForegroundColor Red
|
|
}
|
|
}
|
|
Write-Host ""
|
|
}
|
|
|
|
function Show-NextSteps {
|
|
Write-Host "=== Next Steps ===" -ForegroundColor Cyan
|
|
Write-Host ""
|
|
Write-Host "1. Ensure target computers have WinRM enabled:" -ForegroundColor Yellow
|
|
Write-Host " Run this script on each target computer:" -ForegroundColor White
|
|
Write-Host " .\Setup-WinRM.ps1" -ForegroundColor Gray
|
|
Write-Host ""
|
|
Write-Host "2. Create your computer list file:" -ForegroundColor Yellow
|
|
Write-Host " Copy shopfloor-pcs-example.txt to shopfloor-pcs.txt" -ForegroundColor White
|
|
Write-Host " Edit the file to include your actual computer IP addresses" -ForegroundColor White
|
|
Write-Host ""
|
|
Write-Host "3. Test connections:" -ForegroundColor Yellow
|
|
Write-Host " .\Invoke-RemoteAssetCollection.ps1 -ComputerList @('10.48.130.100') -TestConnections" -ForegroundColor Gray
|
|
Write-Host ""
|
|
Write-Host "4. Run asset collection:" -ForegroundColor Yellow
|
|
Write-Host " .\Invoke-RemoteAssetCollection.ps1 -ComputerListFile .\shopfloor-pcs.txt" -ForegroundColor Gray
|
|
Write-Host " or" -ForegroundColor White
|
|
Write-Host " .\Run-RemoteCollection.bat" -ForegroundColor Gray
|
|
Write-Host ""
|
|
}
|
|
|
|
# Main execution
|
|
try {
|
|
Write-Host "=== WinRM Setup Script ===" -ForegroundColor Cyan
|
|
Write-Host "Date: $(Get-Date)" -ForegroundColor Gray
|
|
Write-Host ""
|
|
|
|
# Show current status
|
|
Show-WinRMStatus
|
|
|
|
# Configure WinRM
|
|
$success = Enable-WinRMConfiguration -TrustedHosts $TrustedHosts
|
|
|
|
if ($success) {
|
|
# Show updated status
|
|
Show-WinRMStatus
|
|
|
|
# Test connections if requested
|
|
if ($TestConnection.Count -gt 0) {
|
|
Test-WinRMConnections -Computers $TestConnection
|
|
}
|
|
|
|
# Show next steps
|
|
Show-NextSteps
|
|
}
|
|
|
|
} catch {
|
|
Write-Host "Fatal error: $($_.Exception.Message)" -ForegroundColor Red
|
|
exit 1
|
|
} |