General - Windows Remote Management

~~Ein~~A ~~Großteil~~large ~~der~~part ~~Client-Management-Funktionen~~of ~~werden~~the ~~per~~client management functions are executed via remote PowerShell ~~mittels~~using ~~WinRM~~WinRM. ~~ausgeführt.~~The ~~Die~~clients zuto ~~verwaltenden~~be ~~Clients~~managed ~~müssen~~must ~~dafür~~be ~~konfiguriert~~configured ~~werden.~~for this.

~~Informationen~~Information zuabout Windows Remote Management

KonfigurationConfiguration aufon einema zuclient verwaltenento Clientbe managed

~~Commandline-Aufruf:~~Commandline call: winrm qc -quiet -transport:http –force

~~dadurch~~thereby ~~wird~~becomes ...

~~der~~the ~~WinRM-Dienst~~WinRM ~~gestartet~~service ~~und~~is ~~dessen~~started ~~Starttyp~~and ~~auf~~its ~~automatisch~~startup ~~gesetzt~~type is set to automatic
~~ein~~a ~~„Listener“~~"listener" ~~erzeugt~~is umcreated ~~eingehende~~to ~~Verbindungen~~accept zuincoming ~~akzeptieren~~connections
~~der~~the ~~Standardport~~default ~~auf~~port is set to 5985 ~~gesetzt~~
~~eine~~added ~~Firewall-Regel~~a ~~hinzugefügt~~firewall rule

~~Aus~~For ~~Sicherheitsgründen~~security ~~kann~~reasons ~~der~~the ~~Port~~port ~~verändert~~can ~~werden.~~be ~~Dazu~~changed. ~~muss~~The ~~folgender~~following ~~Commandline-Aufruf~~command ~~erfolgen:~~line call must be made for this purpose:

winrm set winrm/config/Listener?Address=*+Transport=HTTP @{Port="1234"}

~~Daraufhin~~The ~~sollte~~firewall ~~die~~rule ~~Firewall-Regel~~should ~~entsprechend~~then ~~für~~be ~~diesen~~adjusted ~~Port~~accordingly ~~angepasst~~for ~~werden.~~this port.

SignierteSigned PowerShell-SkriptePowerShell undscripts unterschiedlicheand Domänendifferent domains

~~Wenn~~If ~~Ihre~~your ~~Domänen-Sicherheitsrichtlinien~~domain ~~signierte~~security ~~PowerShell-Skripte~~policies ~~erfordern,~~require ~~müssen~~signed ~~Sie~~PowerShell ~~alle~~scripts, ~~Skripte~~you ~~innerhalb~~must ~~des~~customize ~~PS1-Verzeichnisses~~all ~~der~~scripts within the PS1 directory of the SCCM Manager ~~Serverinstallation~~server ~~anpassen.~~installation.

{~~Installationspfad}~~Installationpath}\PS1\DEFAULT

~~Wenn~~If ~~Sie~~you ~~Clients~~want to manage clients in ~~unterschiedlichen~~different ~~Domänen~~domains ~~verwalten~~and ~~wollen~~the ~~und~~scripts ~~die~~need ~~Skripte~~to ~~dementsprechend~~be ~~unterschiedlich~~signed ~~signiert~~differently ~~werden~~accordingly, ~~müssen,~~proceed ~~gehen~~as ~~Sie wie folgt vor.~~follows.

~~Verzeichnis~~Copy directory "DEFAULT" ~~kopieren~~and ~~und~~rename into ~~Domänenname~~domain ~~umbenennen~~name (~~Beispiel:~~example: SMCTEAM.DE)
~~Skripte~~Sign ~~innerhalb~~scripts ~~des~~within ~~neuen~~the ~~Skriptverzeichnisses~~new ~~entsprechend~~script ~~signieren~~directory accordingly
InEnable ~~der Webservice-Konfiguration den Wert~~the PSEnabledDomainFolderLookup ~~aktivieren~~value in the web service configuration.
~~Wenn~~If ~~die~~the ~~jeweilige~~respective ~~Domäne~~domain ~~eines~~of ~~Clients~~a ~~nun~~client ~~richtig~~can ~~aufgelöst~~now ~~werden~~be ~~kann,~~resolved ~~wird~~correctly, ~~das~~the ~~jeweils~~respective ~~passende~~matching ~~Skript-Verzeichnis~~script ~~herangezogen.~~directory is used.