Petri Newsletter Sign-up
Tech Tuesday

Subscribe to Tech Tuesday, the latest insights from for IT Pros.

    See All Petri Newsletters

    WinRM - Not Just for PowerShell

    Posted on by Jeff Hicks in PowerShell with 1 Comment


    As you are probably aware, Windows PowerShell Remoting is based on the WS-Man protocols which are managed by the WinRM service. The primary advantage of this technology is that a secure, remote connection is made over a single, configurable port. None of the chaos normally associated with RPC and DCOM connections. Plus the command is executing on the remote machine, just as if you were sitting in front of the computer.

    But you are not required to use PowerShell to leverage WinRM. Sure a lot of remote management is easier done through PowerShell, but let me show you some tricks you might want to try outside of the PS prompt.

    Using WinRM Outside of PowerShell

    First, remoting must be enabled on the remote machine if you haven’t already done it via PowerShell. Open a CMD prompt and run this command:

    Follow any prompts and in moments you’ll be ready to go. To see your configuration try this:

    You should get something like Figure 1.

    Figure 1 - WinRM Configuration

    Figure 1 – WinRM Configuration

    If you haven’t guessed by now, we’ll be using the WinRM command line tool. Run it with –help or /? parameter at any time to see help.

    The first thing I’m going to do is check on the status of WinRM on a remote computer.

    I got a response, so that looks good. How about getting some management information? The primary resource you will use is WMI {See my article on Command Line WMI Part 1}. The advantage of using WinRM is that network communication is over that single port instead of RPC which makes this much more firewall friendly.

    For WMI classes that are singletons, that is only a single instance, you can run a command like this:

    I have the results in Figure 2.

    Figure 2 - A WMI query via WinRM

    Figure 2 – A WMI query via WinRM

    For other classes, you can specify a single instance. Here are some example commands you can try. You should be able to use your computer name in place of the remote name.

    It is possible to also get all instances of a specific class:

    Creating a WMI query takes a little extra work but you should be able to use this command as a model.


    You need to enumerate all classes under the namespace, specifying a WQL query. The results aren’t necessarily that pretty to look at but they are functional.

    You can also use this technology to execute commands remotely but we’ll cover that another day.


    Don't have a login but want to join the conversation? Sign up for a Petri Account