{"id":3921,"date":"2009-06-04T18:32:00","date_gmt":"2009-06-04T18:32:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/powershell\/2009\/06\/04\/managing-remote-sessions\/"},"modified":"2019-02-18T13:12:35","modified_gmt":"2019-02-18T20:12:35","slug":"managing-remote-sessions","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/powershell\/managing-remote-sessions\/","title":{"rendered":"Managing Remote Sessions"},"content":{"rendered":"

<\/font> <\/h2>\n

PowerShell V2 introduces a new capability which allows you to remotely manage machines in your organization. You may have already tried this new feature. In this blog, I will show how an administrator can manage different remote sessions (created by different users from different clients)<\/font><\/font><\/span><\/p>\n

Scenario:<\/span><\/b> Using PowerShell remoting, normal users can perform non-admin tasks on a machine remotely. There might be situations where an Administrator of the machine may want to terminate specific sessions created by specific users.<\/span><\/font><\/font><\/p>\n

This Administrator task can be achieved by just restarting WinRM service. However this is not a good solution as it would close all the remote sessions including the Administrator\u2019s sessions (if any). To remove specific sessions, WSMan\/WinRM provides cmdlets Get-WSManInstance & Remove-WSManInstance. I will show you how this works.<\/font><\/p>\n

# Create a remote session as a normal user<\/font><\/font><\/span><\/p>\n

PS C:\\> $env:computername<\/font><\/font><\/span><\/p>\n

KRISCV-LH<\/font><\/font><\/span><\/p>\n

PS C:\\> $s = nsn kriscv-jhoom -cred kriscv-jhoom\\testuser<\/b> -Authentication negotiate<\/font><\/font><\/span><\/p>\n

PS C:\\> $s<\/font><\/font><\/span><\/p>\n

 <\/span>Id Name            <\/span>ComputerName    <\/span>State    <\/span>ConfigurationName     <\/span>Availability<\/font><\/font><\/span><\/p>\n

 <\/span>— —-            <\/span>————    <\/span>—–    <\/span>—————–     <\/span>————<\/font><\/font><\/span><\/p>\n

  <\/span>6 Session6        <\/span>kriscv-jhoom    <\/span>Opened   <\/span>Microsoft.PowerShell     <\/span>Available<\/font><\/font><\/span><\/p>\n

PS C:\\><\/font><\/span><\/p>\n

 <\/font><\/p>\n

From machine KRISCV-LH, I connected to KRISCV-JHOOM as a testuser<\/i>. This testuser<\/i> is not an admin on Kriscv-Jhoom. Let\u2019s say this testuser<\/i> is consuming lot of CPU on Kriscv-Jhoom and not letting others to do their work. In this scenario, the Administrator of Kriscv-Jhoom can delete the remote sessions created by testuser<\/i> using Get-WSManInstance and Remove-WSManInstance cmdlets.  <\/span>These cmdlets are remote enabled meaning that these cmdlets can be run either locally on Kriscv-Jhoom or from a remote machine (You should provide Administrator credentials). Let\u2019s see how this works:<\/font><\/p>\n

 <\/font><\/p>\n

PS C:\\> $env:computername<\/font><\/font><\/span><\/p>\n

KRISCV-Win7<\/font><\/font><\/span><\/p>\n

PS C:\\> Get-WSManInstance -ConnectionURI http:\/\/kriscv-jhoom.wingroup.windeploy.ntdev.microsoft.com:<\/b><\/font><\/font><\/span><\/p>\n

5985\/wsman shell -enumerate -cred wingroup\\kriscv<\/font><\/font><\/span><\/b><\/p>\n

 <\/font><\/span><\/p>\n

rsp             <\/span>: http:\/\/schemas.microsoft.com\/wbem\/wsman\/1\/windows\/shell<\/font><\/font><\/span><\/p>\n

lang            <\/span>: en-US<\/font><\/font><\/span><\/p>\n

ShellId         <\/span>: 884D2DB4-C454-4F1C-9AF6-A7DA3D5D8BD7<\/b><\/font><\/font><\/span><\/p>\n

ResourceUri     <\/span>: http:\/\/schemas.microsoft.com\/powershell\/Microsoft.PowerShell<\/font><\/font><\/span><\/p>\n

Owner           <\/span>: kriscv-jhoom\\testuser<\/font><\/font><\/span><\/b><\/p>\n

ClientIP        <\/span>: 2001:4898:2b:2:4878:5933:c82c:2cbd<\/font><\/font><\/span><\/b><\/p>\n

IdleTimeOut     <\/span>: PT180.000S<\/font><\/font><\/span><\/p>\n

InputStreams    <\/span>: stdin pr<\/font><\/font><\/span><\/p>\n

OutputStreams   <\/span>: stdout<\/font><\/font><\/span><\/p>\n

ShellRunTime    <\/span>: P0DT0H17M33S<\/font><\/font><\/span><\/p>\n

ShellInactivity : P0DT0H0M33S<\/font><\/span><\/p>\n

 <\/font><\/p>\n

Notice how I am using Get-WSManInstance. In the ConnectURI parameter, I am using the port number 5985 as the WinRM\/WSMan service on Kriscv-Jhoom is listening on this port. That brings us to the point of Port change. By default starting from Win7 RC, WinRM listens on port 5985 not<\/b> port 80(for http traffic). The \/WSMan in the query portion implies to retrieve remote sessions serviced by WSMan (WinRM) service.<\/font><\/p>\n

 <\/font><\/p>\n

Notice the output, for each remotely created session you are getting information like user who created this session, from which client machine is this remote session established, the ID, the runtime describing how many days,hours,minutes and seconds the session is active etc.<\/font><\/p>\n

 <\/font><\/p>\n

To remove the session, use Remove-WSManInstance cmdlet supplying the ID like this:<\/font><\/p>\n

 <\/font><\/p>\n

PS C:\\> remove-WSManInstance -ConnectionURI http:\/\/kriscv-jhoom.wingroup.windeploy.ntdev.microsoft.c<\/font><\/font><\/span><\/p>\n

om:5985\/wsman shell @{ShellID=”884D2DB4-C454-4F1C-9AF6-A7DA3D5D8BD7″} -cred wingroup\\kriscv<\/font><\/span><\/p>\n

 <\/font><\/p>\n

This will remove the session created by testuser<\/i>!! <\/font><\/p>\n

 <\/font><\/p>\n

Now let\u2019s see how this is reflected in the $s (session) variable created by testuser on Kriscv-LH<\/font><\/p>\n

 <\/font><\/p>\n

PS C:\\>  <\/span>$env:computername<\/font><\/font><\/span><\/p>\n

KRISCV-LH<\/font><\/font><\/span><\/p>\n

PS C:\\> $s<\/font><\/font><\/span><\/p>\n

 <\/span>Id Name            <\/span>ComputerName    <\/span>State    <\/span>ConfigurationName     <\/span>Availability<\/font><\/font><\/span><\/p>\n

 <\/span>— —-            <\/span>————    <\/span>—–    <\/span>—————–     <\/span>————<\/font><\/font><\/span><\/p>\n

  <\/span>6 Session6        <\/span>kriscv-jhoom    <\/span>Broken   <\/span>Microsoft.PowerShell          <\/span>None<\/font><\/font><\/span><\/p>\n

 <\/font><\/p>\n

The session is Broken!! So testuser<\/i> has to create a new session to continue his work. An Administrator can choose to totally block testuser<\/i> from a creating any session remotely using \u201cSet-PSSessionConfiguration\u201d cmdlet. The \u2013ShowSecurityDescriptorUI parameter will show a nice UI to make these decisions easily.<\/font><\/p>\n

 <\/font><\/p>\n

Thanks<\/font><\/p>\n

Krishna<\/font><\/p>\n

Windows PowerShell Development<\/font><\/p>\n

This posting is provided \u201cAS IS\u201d with no warranties.<\/font><\/p>\n","protected":false},"excerpt":{"rendered":"

  PowerShell V2 introduces a new capability which allows you to remotely manage machines in your organization. You may have already tried this new feature. In this blog, I will show how an administrator can manage different remote sessions (created by different users from different clients) Scenario: Using PowerShell remoting, normal users can perform non-admin […]<\/p>\n","protected":false},"author":600,"featured_media":13641,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[8],"class_list":["post-3921","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-powershell","tag-remoting"],"acf":[],"blog_post_summary":"

  PowerShell V2 introduces a new capability which allows you to remotely manage machines in your organization. You may have already tried this new feature. In this blog, I will show how an administrator can manage different remote sessions (created by different users from different clients) Scenario: Using PowerShell remoting, normal users can perform non-admin […]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts\/3921","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/users\/600"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/comments?post=3921"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts\/3921\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/media\/13641"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/media?parent=3921"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/categories?post=3921"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/tags?post=3921"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}