Private/AddWinRMTrustLocalHost.ps1
|
function AddWinRMTrustLocalHost { [CmdletBinding()] Param ( [Parameter(Mandatory=$False)] [string]$NewRemoteHost = "localhost" ) # Make sure WinRM in Enabled and Running on $env:ComputerName try { $null = Enable-PSRemoting -Force -ErrorAction Stop } catch { if ($PSVersionTable.PSEdition -eq "Core") { Import-WinModule NetConnection } $NICsWPublicProfile = @(Get-NetConnectionProfile | Where-Object {$_.NetworkCategory -eq 0}) if ($NICsWPublicProfile.Count -gt 0) { foreach ($Nic in $NICsWPublicProfile) { Set-NetConnectionProfile -InterfaceIndex $Nic.InterfaceIndex -NetworkCategory 'Private' } } try { $null = Enable-PSRemoting -Force } catch { Write-Error $_ Write-Error "Problem with Enable-PSRemoting WinRM Quick Config! Halting!" $global:FunctionResult = "1" return } } # If $env:ComputerName is not part of a Domain, we need to add this registry entry to make sure WinRM works as expected if (!$(Get-CimInstance Win32_Computersystem).PartOfDomain) { $null = reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f } # Add the New Server's IP Addresses to $env:ComputerName's TrustedHosts $CurrentTrustedHosts = $(Get-Item WSMan:\localhost\Client\TrustedHosts).Value [System.Collections.ArrayList][array]$CurrentTrustedHostsAsArray = $CurrentTrustedHosts -split ',' $HostsToAddToWSMANTrustedHosts = @($NewRemoteHost) foreach ($HostItem in $HostsToAddToWSMANTrustedHosts) { if ($CurrentTrustedHostsAsArray -notcontains $HostItem) { $null = $CurrentTrustedHostsAsArray.Add($HostItem) } else { Write-Warning "Current WinRM Trusted Hosts Config already includes $HostItem" return } } $UpdatedTrustedHostsString = $($CurrentTrustedHostsAsArray | Where-Object {![string]::IsNullOrWhiteSpace($_)}) -join ',' Set-Item WSMan:\localhost\Client\TrustedHosts $UpdatedTrustedHostsString -Force } |