{"id":4231,"date":"2009-04-10T03:36:00","date_gmt":"2009-04-10T03:36:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/powershell\/2009\/04\/10\/configuring-powershell-for-remoting-part-2-fan-in\/"},"modified":"2019-02-18T13:12:43","modified_gmt":"2019-02-18T20:12:43","slug":"configuring-powershell-for-remoting-part-2-fan-in","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/powershell\/configuring-powershell-for-remoting-part-2-fan-in\/","title":{"rendered":"Configuring PowerShell for Remoting &#8211; Part 2 (Fan-In)"},"content":{"rendered":"<p class=\"MsoNormal\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\"><\/font><\/span><\/p>\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\">The features discussed in this blog post depend on PowerShell CTP3 release. Details about PowerShell CTP3 can be found at <\/span><span lang=\"EN\"><a href=\"http:\/\/blogs.msdn.com\/powershell\/archive\/2008\/12\/23\/early-christmas-present-from-powershell-team-community-technology-preview-3-ctp3-of-windows-powershell-v2.aspx\"><span>http:\/\/blogs.msdn.com\/powershell\/archive\/2008\/12\/23\/early-christmas-present-from-powershell-team-community-technology-preview-3-ctp3-of-windows-powershell-v2.aspx<\/span><\/a><\/span><\/font><\/font><\/p>\n<p class=\"MsoNormal\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">The <\/font><a href=\"http:\/\/blogs.msdn.com\/powershell\/archive\/2008\/12\/24\/configuring-powershell-for-remoting-part-1.aspx\"><font size=\"3\" face=\"Calibri\">Part 1<\/font><\/a><font size=\"3\"><font face=\"Calibri\"> of this series concentrated on configuring PowerShell remoting through WinRM service. In this blog post, I will talk about configuring PowerShell through IIS, which we call as Fan-In.<\/font><\/font><\/span><\/p>\n<p class=\"MsoNormal\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">The WinRM service based PowerShell remoting is targeted for those users who want to administer\/manage a machine(s) (or an asset on the machine) remotely. <\/font><\/font><\/span><\/p>\n<p class=\"MsoNormal\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">The IIS service based PowerShell remoting is targeted at <u>Cloud<\/u> based applications like Hosted Exchange Service, Hosted SQL Services, Hosted SharePoint services etc. In this model, the application will typically divide its services into various roles and assign users (based on credentials etc) to each role. The following example will talk briefly about the scenario:<\/font><\/font><\/span><\/p>\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\"><u><span lang=\"EN\">Example:<\/span><\/u><span lang=\"EN\"> <span>&nbsp;<\/span><\/span>Let\u2019s say Microsoft<span>&nbsp; <\/span>Exchange Online services (MEOS) <span>&nbsp;<\/span>is providing Mailbox hosting on the cloud to enterprises. Lets say Contoso and Fabrikam enterprises bought this cloud based Mailbox hosting from MEOS. In this model, an Adminstrator from Contoso can manage only his enterprise mailboxes. A less privileged user from Contoso can manage only his particular box. In this example we saw 2 roles: an Enterprise Admin, a Less Privileged User.<\/font><\/font><\/p>\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span>PowerShell based remoting enables the automation of management tasks in this scenario remotely!! For example, as an Enterprise Admin (of Contoso) I can remotely create 1000\u2019s of mailboxes for my organization in a scriptable\/automatable way. This eliminates the painful task of creating each mailbox individually using UI (a.k.a browser)<\/font><\/font><\/p>\n<p class=\"MsoNormal\"><font size=\"3\" face=\"Calibri\">To achieve this scenario, the hosted application (MEOS in this example) has to configure PowerShell\/WinRM in the following way (on Windows Server 2008+):<\/font><\/p>\n<p class=\"MsoListParagraphCxSpFirst\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">1.<\/font><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">Make sure you installed CTP3 of PowerShell and WinRM<\/font><\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpMiddle\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">2.<\/font><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">Install IIS (7.0) and other required roles<\/font><\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpMiddle\"><span><span><font size=\"3\" face=\"Calibri\">a.<\/font><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><font size=\"3\" face=\"Calibri\">ocsetup.exe IIS-WebServerRole;WAS-WindowsActivationService;IIS-WebServerManagementTools;IIS-ManagementConsole;WAS-ConfigurationAPI;IIS-BasicAuthentication;IIS-WindowsAuthentication;IIS-DigestAuthentication \/quiet \/norestart<\/font><\/p>\n<p class=\"MsoListParagraphCxSpLast\"><span><span><font size=\"3\" face=\"Calibri\">b.<\/font><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><font size=\"3\" face=\"Calibri\">ocsetup.exe IIS-ClientCertificateMappingAuthentication;IIS-IISCertificateMappingAuthentication;IIS-URLAuthorization;IIS-RequestFiltering;IIS-IPSecurity \/quiet \/norestart<\/font><\/p>\n<p class=\"MsoNormal\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>ie., we are installing the following IIS roles: &#8220;IIS-WebServerRole &#8220;, &#8220;WAS-WindowsActivationService&#8221;, &#8220;IIS-WebServerManagementTools&#8221;, &#8220;IIS-ManagementConsole&#8221;, &#8220;WAS-ConfigurationAPI&#8221;,&#8221;IIS-BasicAuthentication&#8221;,&#8221;IIS-WindowsAuthentication&#8221;,&#8221;IIS-DigestAuthentication&#8221;,&#8221;IIS-ClientCertificateMappingAuthentication&#8221;, &#8220;IIS- IISCertificateMappingAuthentication&#8221;,&#8221;IIS-URLAuthorization&#8221;,&#8221;IIS-RequestFiltering&#8221;,&#8221;IIS-IPSecurity&#8221;<\/font><\/font><\/span><\/p>\n<p class=\"MsoNormal\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">The various authentication roles are not mandatory. Depending on your Authentication design you may choose to not install the Authentication roles that you do not need.<\/font><\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpFirst\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">3.<\/font><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">Configure the HTTPS listener with a valid certificate<\/font><\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">Although a HTTP based endpoint may be created for you Fan-In service, we recommend using HTTPS for security reasons. Also use a certificate issued by a valid certificate authority. <\/font><\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpLast\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">You can use <\/font><a href=\"http:\/\/msdn.microsoft.com\/en-us\/library\/bfsktky3(VS.80).aspx\"><font color=\"#800080\" size=\"3\" face=\"Calibri\">makecert.exe<\/font><\/a><font size=\"3\"><font face=\"Calibri\"> utility to create a self signed certificate (for testing purposes). <span>&nbsp;<\/span>For example, I used the following command (from an elevated command prompt) to create a test certificate for my testing purposes:<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpFirst\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">D:\\temp\\MakeCert.exe -pe -n &#8220;CN=442635F10-11AD.STBTEST.MICROSOFT.COM&#8221; -eku 1<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpLast\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -r<\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpFirst\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">4.<\/font><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\">Configure IIS site with WSMan. The following steps adds a site with name \u201c<\/span>WSMan_PS_Fanin<span lang=\"EN\">\u201d and port 443:<\/span><\/font><\/font><\/p>\n<p class=\"MsoListParagraphCxSpLast\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">(a)<\/font><span>&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">Copying wsmanconfig_schema.xml file to inetsrv\\config\\schema directory<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpFirst\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">copy $env:windir\\system32\\wsmanconfig_schema.xml $env:windir\\system32\\inetsrv\\config\\schema\\wsmanconfig_schema.xml<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">(b)<\/font><span>&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">Backup IIS Config. This is as a precautionary safety measure. <\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; add BACKUP WSMan_PS_Fanin<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">(c)<\/font><span>&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">Stop and Start Default<span>&nbsp; <\/span>App pool<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span><span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; stop APPPOOL \/apppool.name:DefaultAppPool<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpLast\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; start APPPOOL \/apppool.name:DefaultAppPool<\/font><\/font><\/span><\/p>\n<p class=\"MsoListParagraph\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">(d)<\/font><span>&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">Register WSMan IIS Configuration. You need to add the following line to \u201c$env:windir\\system32\\inetsrv\\config\\applicationHost.config\u201d file under \u201c&lt;sectionGroup name =\u201dsystem.webServer\u201d&gt;\u201d section group.<\/font><\/font><\/span><\/p>\n<p class=\"Code\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&lt;section name=&#8221;system.management.wsmanagement.config&#8221; overrideModeDefault=&#8221;Allow&#8221; \/&gt;<\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpFirst\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">If you want to automate this process download <\/font><a href=\"http:\/\/www.iis.net\/extensions\/PowerShell\"><font color=\"#800080\" size=\"3\" face=\"Calibri\">IIS\u2019s PowerShell snapin<\/font><\/a><font size=\"3\"><font face=\"Calibri\"> and use IIS-PowerShell cmdlets<\/font><\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpLast\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">(e)<\/font><span>&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">Register WSMan IIS Module<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpFirst\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span><span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; install module \/name:WSMan<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpLast\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span>\/image:&#8221;$env:windir\\system32\\wsmsvc.dll&#8221; \/add:false<\/font><\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpFirst\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"MsoListParagraphCxSpLast\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">(f)<\/font><span>&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">Create a directory for the site<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpFirst\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">md &#8220;$env:systemdrive\\inetpub\\WSMan_PS_Fanin&#8221;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">(g)<\/font><span>&nbsp;&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">Create a Web.Config file in the just created directory (look at the end of the blog for a sample content)<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">(h)<\/font><span>&nbsp;&nbsp; <\/span><\/span><\/span><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">Setup Website. The following steps create a site, setup appropriate bindings for authentication, and bind the site to port 443. You may want to change all (or some) of these things as per your needs.<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span># Create the site<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; add site \/name:&#8221;WSMan_PS_Fanin&#8221; \/id:&#8221;10&#8243; \/bindings:https:\/\/*:443 \/physicalPath:&#8221;$env:systemdrive\\inetpub\\wwwroot&#8221;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><span><font size=\"3\" face=\"Calibri\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/font><\/span><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span># Create the app within the site<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span><span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; add app \/site.name:&#8221;WSMan_PS_Fanin&#8221; \/path:&#8221;\/WSMan_PS_Fanin&#8221; \/physicalPath:&#8221;$env:systemdrive\\inetpub\\WSMan_PS_Fanin&#8221;<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span># unlock auth sections<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; unlock config -section:access<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span><span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; unlock config -section:anonymousAuthentication<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; unlock config -section:basicAuthentication<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; unlock config -section:windowsAuthentication<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\"># set required authentications for the new site<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span><span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; set config &#8220;WSMan_PS_Fanin\/WSMan_PS_Fanin&#8221;<span>&nbsp; <\/span>\/section:access \/sslflags:Ssl<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span><span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; set config &#8220;WSMan_PS_Fanin\/WSMan_PS_Fanin&#8221;<span>&nbsp; <\/span>\/section:anonymousAuthentication \/enabled:false<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span><span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; set config &#8220;WSMan_PS_Fanin\/WSMan_PS_Fanin&#8221;<span>&nbsp; <\/span>\/section:basicAuthentication \/enabled:true<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; set config &#8220;WSMan_PS_Fanin\/WSMan_PS_Fanin&#8221;<span>&nbsp; <\/span>\/section:windowsAuthentication \/enabled:true<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\"># delete and set new Certificate with the ip-port. You need the certificate thumbprint<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\"># of the certificate you created using makecert utility.<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">netsh http delete sslcert ipport=0.0.0.0:443<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">netsh http add sslcert ipport=0.0.0.0:443 certhash=&lt;fill cert thumb print here&gt; <span>&nbsp;<\/span><span>&nbsp;&nbsp;<\/span>&#8216;appid={4dc3e181-e14b-4a21-b022-59fc669b0914}&#8217; certstorename=MY<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">Hint: I used the following to get the cert thumb print I just created.<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">PS D:\\&gt; dir cert:\\LocalMachine\\my<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp; <\/span>Directory: Microsoft.PowerShell.Security\\Certificate::LocalMachine\\my<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">Thumbprint<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>Subject<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&#8212;&#8212;&#8212;-<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span>&nbsp;&nbsp;&nbsp;<\/span>&#8212;&#8212;-<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><b><u><span lang=\"EN\">9734CE0AD8625E33218ADD488F641CBB107427A3<span>&nbsp; <\/span><\/span><\/u><\/b><span lang=\"EN\">CN=442635F10-11AD.STBTEST.MICROSOF&#8230;<b><u><\/u><\/b><\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">62CFE56EFFB3C6E702ED576475F55EFF0220C441<span>&nbsp; <\/span>CN=442635F10-11AD.stbtest.microsof&#8230;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">1EA7ECD5FD4BF46E018EA28F4EBDA9265C8E4BB2<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\"># Enable WSMan on the new app (you need to unlock the section before doing this)<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;<\/span><span>&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; unlock config -section:&#8221;system.webserver\/modules&#8221;<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; add module \/name:&#8221;WSMan&#8221; \/app.name:&#8221;WSMan_PS_Fanin\/WSMan_PS_Fanin&#8221;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\"># start the Default AppPool and the site<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; start APPPOOL \/apppool.name:DefaultAppPool<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&amp; &#8220;$env:windir\\system32\\inetsrv\\appcmd.exe&#8221; start site WSMan_PS_Fanin<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">Thats it!! Now our Application is ready to service client requests. You can use StartupScript or a PSSessionConfiguration to customize runspaces for each incoming client.<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">You can connect to the endpoint and invoke commands from a client using the same \u201cNew-PSSession\u201d,\u201dInvoke-Command\u201d,\u201dEnter-PSSession\u201d cmdlets:<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">PS C:\\&gt; $env:computername<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">KRISCV-LH<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">PS C:\\&gt; $s = new-pssession -connectionuri https:\/\/442635F1011AD.STBTEST.MICROSOFT.COM:443\/WSMan_PS_Fanin -cred stbtest\\mspuser -SessionOption (New-WSManSessionOption -SkipCACheck -SkipCNCheck)<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">PS C:\\&gt; invoke-command $s { $env:computername }<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">442635F10-11AD<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">PS C:\\&gt;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">Notice I am accessing the endpoint that we just created from a different machine!! Since my endpoint is listening on a https port using a test signed certificate I am telling the client to skip cert related checks using New-WSMananSessionOption cmdlet.<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">All the above mentioned steps can be easily automated. We did not ship a cmdlet to do this as this is not a common scenario and also IIS and related modules are not installed by default. I will write and upload a small PowerShell module which will automate all these steps.<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">The hosted application provider can customize the sessions of each incoming client using the startupscript or PSSessionConfiguration initialization parameters described below.<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">######################## Web.Config file #########################<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">&lt;?<span>xml<\/span> <span>version<\/span>=&#8221;1.0&#8243; <span>encoding<\/span>=&#8221;UTF-8&#8243;?&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">&lt;<span>configuration<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp; <\/span>&lt;<span>system.webServer<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>system.management.wsmanagement.config<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>PluginModules<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>OperationsPlugins<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>Plugin<\/span> <span>Name<\/span>=&#8221;PowerShellplugin&#8221; <span>Filename<\/span>=&#8221;%windir%\\system32\\pwrshplugin.dll&#8221; <span>SDKVersion<\/span>=&#8221;1&#8243; <span>XmlRenderingType<\/span>=&#8221;text&#8221;&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>InitializationParameters<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;!&#8211;<span> See the explanation of this and other parameters below<\/span>&#8211;&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>Param<\/span> <span>Name<\/span>=&#8221;PSVersion&#8221; <span>Value<\/span>=&#8221;2.0&#8243; \/&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>InitializationParameters<\/span>&gt; <\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>Resources<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>Resource<\/span> <span>ResourceUri<\/span>=&#8221;http:\/\/schemas.microsoft.com\/powershell\/Microsoft.PowerShell&#8221; <span>SupportsOptions<\/span>=&#8221;true&#8221;&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>&nbsp;<\/span>&lt;<span>Capability<\/span> <span>Type<\/span>=&#8221;Shell&#8221; \/&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>Resource<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>Resources<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>Plugin<\/span>&gt;<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>OperationsPlugins<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>PluginModules<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>system.management.wsmanagement.config<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>security<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>access<\/span> <span>sslFlags<\/span>=&#8221;Ssl&#8221; \/&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>authentication<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>anonymousAuthentication<\/span> <span>enabled<\/span>=&#8221;false&#8221; \/&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>basicAuthentication<\/span> <span>enabled<\/span>=&#8221;true&#8221; \/&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>windowsAuthentication<\/span> <span>enabled<\/span>=&#8221;true&#8221; \/&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>authentication<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>security<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>modules<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;<span>add<\/span> <span>name<\/span>=&#8221;WSMan&#8221; \/&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>&lt;\/<span>modules<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp; <\/span>&lt;\/<span>system.webServer<\/span>&gt;<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\">&lt;\/<span>configuration<\/span>&gt;<\/span><span lang=\"EN\"><\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">##################################################################<\/font><\/span><\/p>\n<p class=\"CodeCxSpLast\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<h2><font color=\"#4f81bd\" size=\"4\" face=\"Cambria\">Initialization Parameters Section<\/font><\/h2>\n<p class=\"MsoNormal\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/p>\n<p class=\"MsoNormal\"><font size=\"3\" face=\"Calibri\">As discussed earlier PowerShell remoting uses WSMan for network transport. The web.config file is parsed by IIS and WSMan. WSMan gives whatever data that is under<span>&nbsp;&nbsp; <\/span>&lt;<\/font><span>InitializationParameters<\/span><span>&gt; <\/span><font size=\"3\" face=\"Calibri\">section to PowerShell. This section can contain only Name, Value pairs as showed in the web.config file above. The following Name(s) are understood by PowerShell:<\/font><\/p>\n<p class=\"MsoNormal\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/p>\n<table class=\"MsoTableGrid\" border=\"1\" cellSpacing=\"0\" cellPadding=\"0\">\n<tbody>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\"><b>Name<\/b><b><span><\/span><\/b><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\"><b>Value<\/b><b><span><\/span><\/b><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\"><b>Description<\/b><b><span><\/span><\/b><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">PSVersion<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">2.0<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">This is mandatory and value must be 2.0 for Powershell V2 release<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">StartupScript<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">&lt;Full path of Script To execute&gt;<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">Environment Variables can be used. This specifies the script to execute right after Runspace is created<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">PSSessionThreadOptions<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">Default or UseNewThread or ReuseThread or UseCurrentThread<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">Read PSThreadOptions Enum document for the behavior. Default is \u201cUseCurrentThread\u201d<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">PSSessionThreadApartmentState<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">STA or MTA or Unknown<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">See Runspace.ApartmentState for explanation<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">PSMaximumReceivedObjectSizeMB<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">&lt;double&gt;<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">PowerShell works with serialized Objects and this is used to limit the object size. This is to protect server from malicious clients sending huge deserialized object. The default is 10 (ie., 10MB)<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">PSMaximumReceivedDataSizePerCommandMB<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">&lt;double&gt;<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">This restricts the amount of data a command can expect as input from a remote client. The default is 50 (ie., 50MB)<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">AssemblyName<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">&lt; assembly Name&gt; or &lt;Full Qualified assembly name if it is in GAC&gt;<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">Used to provide customized InitialSessionState (Runspace Configuraiton) depending on the user connecting in<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">PSSessionConfigurationTypeName<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">&lt;NameSpace Qualified type name&gt;<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">This type is loaded to get the InitialSessionState. This type must derive from System.Management.Automation.Remoting.PSSessionConfiguration<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td vAlign=\"top\" width=\"205\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">ApplicationBase<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"150\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">&lt;Fully qualified path&gt;<span><\/span><\/font><\/font><\/p>\n<\/td>\n<td vAlign=\"top\" width=\"283\">\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">Environment Variables can be used. This specifies the application base to use for assembly loading<span><\/span><\/font><\/font><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p class=\"MsoNormal\"><span><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<h2><font color=\"#4f81bd\" size=\"4\" face=\"Cambria\">Example PSSessionConfigurationType<\/font><\/h2>\n<p class=\"MsoNormal\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/p>\n<p class=\"MsoNormal\"><font size=\"3\"><font face=\"Calibri\">******************************** ConfigProvider.cs ************************************<span><\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpFirst\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\">using<\/span><span lang=\"EN\"> System.Management.Automation;<\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\">using<\/span><span lang=\"EN\"> System.Management.Automation.Runspaces;<\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\">using<\/span><span lang=\"EN\"> System.Management.Automation.Remoting;<\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\">namespace<\/span><span lang=\"EN\"> MyCompany.MyApp<\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\">{<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\"><span>&nbsp;&nbsp;&nbsp;&nbsp; <\/span>\/\/\/<\/span><span lang=\"EN\"> <\/span><span lang=\"EN\">&lt;summary&gt;<\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\"><span>&nbsp;&nbsp;&nbsp;&nbsp; <\/span>\/\/\/<\/span><span lang=\"EN\"> Provides Default InitialSessionState.<\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\"><span>&nbsp;&nbsp;&nbsp;&nbsp; <\/span>\/\/\/<\/span><span lang=\"EN\"> <\/span><span lang=\"EN\">&lt;\/summary&gt;<\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><font size=\"3\"><font face=\"Calibri\"><span lang=\"EN\"><span>&nbsp;&nbsp;&nbsp; <\/span>internal<\/span><span lang=\"EN\"> <span>sealed<\/span> <span>class<\/span> <span>MyAppConfiguration<\/span> : <span>PSSessionConfiguration<\/span><\/span><\/font><\/font><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp; <\/span>{<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>\/\/\/<\/span><span> <\/span><span>&lt;summary&gt;<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp; <\/span><span>&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span>\/\/\/<\/span><span> <\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>\/\/\/<\/span><span> <\/span><span>&lt;\/summary&gt;<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>\/\/\/<\/span><span> <\/span><span>&lt;param name=&#8221;userPrincipal&#8221;&gt;&lt;\/param&gt;<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>\/\/\/<\/span><span> <\/span><span>&lt;returns&gt;&lt;\/returns&gt;<\/span><\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>public<\/span> <span>override<\/span> <span>InitialSessionState<\/span> GetInitialSessionState(<span>PSPrincipal<\/span> userPrincipal)<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>{<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span><span>return<\/span> <span>InitialSessionState<\/span>.CreateDefault();<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <\/span>}<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\"><font face=\"Calibri\"><span>&nbsp;&nbsp;&nbsp; <\/span>}<\/font><\/font><\/span><\/p>\n<p class=\"CodeCxSpLast\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">}<\/font><\/span><\/p>\n<p class=\"MsoNormal\"><font size=\"3\" face=\"Calibri\">***********************************************************************************<\/font><\/p>\n<p><font face=\"Calibri\"><\/p>\n<p class=\"MsoNormal\"><span>Try it out and let us know what you think.<\/span><span><\/span><\/p>\n<p class=\"CodeCxSpFirst\"><span lang=\"EN\"><font size=\"3\">Thanks,<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\">Krishna Vutukuri<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\">Windows PowerShell Development Team<\/font><\/span><\/p>\n<p class=\"CodeCxSpMiddle\"><span lang=\"EN\"><font size=\"3\">&nbsp;<\/font><\/span><\/p>\n<p class=\"CodeCxSpLast\"><span lang=\"EN\"><font size=\"3\">This posting is provided \u201cAS IS\u201d with no warranties.<\/font><\/span><\/p>\n<p><\/font><\/p>\n<p class=\"Code\"><span lang=\"EN\"><font size=\"3\" face=\"Calibri\">&nbsp;<\/font><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The features discussed in this blog post depend on PowerShell CTP3 release. Details about PowerShell CTP3 can be found at http:\/\/blogs.msdn.com\/powershell\/archive\/2008\/12\/23\/early-christmas-present-from-powershell-team-community-technology-preview-3-ctp3-of-windows-powershell-v2.aspx The Part 1 of this series concentrated on configuring PowerShell remoting through WinRM service. In this blog post, I will talk about configuring PowerShell through IIS, which we call as Fan-In. The WinRM service [&hellip;]<\/p>\n","protected":false},"author":600,"featured_media":13641,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4231","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-powershell"],"acf":[],"blog_post_summary":"<p>The features discussed in this blog post depend on PowerShell CTP3 release. Details about PowerShell CTP3 can be found at http:\/\/blogs.msdn.com\/powershell\/archive\/2008\/12\/23\/early-christmas-present-from-powershell-team-community-technology-preview-3-ctp3-of-windows-powershell-v2.aspx The Part 1 of this series concentrated on configuring PowerShell remoting through WinRM service. In this blog post, I will talk about configuring PowerShell through IIS, which we call as Fan-In. The WinRM service [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts\/4231","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/users\/600"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/comments?post=4231"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/posts\/4231\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/media\/13641"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/media?parent=4231"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/categories?post=4231"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/powershell\/wp-json\/wp\/v2\/tags?post=4231"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}