# Powershell - Secure winRM

#### <span style="text-decoration: underline; color: rgb(35,111,161);">**I. Paramétrage du service**</span>

Vérifier les listener :

```powershell
winrm e winrm/config/listener
```

Vérifier l'état de winRM :

```
winrm get winrm/config
```

#### <span style="text-decoration: underline; color: rgb(35,111,161);">**II. Paramétrage trusted host**</span>

Lister les TrustedHosts :

```powershell
Get-Item WSMan:\localhost\Client\TrustedHosts | Select-Object Value | Format-Table
```

Ajouter le host dans les TrustedHosts :

```powershell
Set-Item WSMan:\localhost\Client\TrustedHosts -Value '<ip des serveurs> ou *'
```

#### <span style="text-decoration: underline; color: rgb(35,111,161);">**III. Configuration Firewall**</span>

Ajouter une règle autorisant winRM :

```powershell
New-NetFirewallRule -DisplayName "Windows Remote Management (HTTP-In)" -Profile Domain -Direction Inbound -Action Allow -RemoteAddress '<ipadress> or CIDR network' -Protocol TCP -LocalPort 5986
```