You may want to read these posts before:

· How to install PoshCAT

· Building PoshCAT Part 1 – Create different Client Actions lists

· Building PoshCAT Part 2 – Adding your own custom functions

One of the most important thing you need to know before you start using PoshCAT is that it relies on PowerShell remoting. If you don’t configure PowerShell remoting on your computers, then the Client Actions will fail. In this post I will show how you can enable PowerShell remoting through Group Policy but you can also configure it manually.

To enable PowerShell remoting manually you need to run PowerShell Console as an administrator and execute the following command:

Enable-PSRemoting

You can enable PowerShell remoting through Group Policy settings for following operating systems:

· Windows Vista/2008

· Windows 7/2008 R2

· Windows 8/2012

· Windows 8.1/2012 R2

To enable PowerShell remoting for Windows XP or Server 2003 you need to create Computer Startup Script that runs the following command:

Enable-PSRemoting -Force

Enabling PowerShell remoting through Group Policy

1. Open Group Policy Management

2. Create a new Group Policy Object, for example PowerShell Settings

3. Open PowerShell Settings GPO with Group Policy Management Editor

4. Expand Computer Configuration; expand Policies; expand Administrative Templates; expand Windows Components; expand Windows Remote Management (WinRM)

5. Select WinRM Service

6. Open “Allow remote server management through WinRM” setting

7. Enable the Policy and set the IPv4 and IPv6 filter values to *

WinRM_Service_GPO_2

8. Click OK

9. Navigate to Windows Settings; expand Security Settings and select System Services

10. Select Windows Remote Management (WS-Management) Service and set the startup mode to Automatic

WinRM_Service_GPO

11. Click OK

12. Close the Group Policy Editor

13. Link the PowerShell Settings GPO to correct OU for testing

14. Reboot test computers

Note: You can configure Windows Services through Group Policy Preferences also and if Firewall is also enabled in your environment, then you need to configure Firewall exceptions also.

Testing remote commands with PowerShell

Now log in to another machine and execute the following commands through PowerShell console or PowerShell ISE against the test machine(s).

#TEST 1

Get-WmiObject -Class Win32_Share -ComputerName PC0002

#TEST 2

Get-Service -Name Winmgmt -ComputerName PC0002

#TEST 3

Invoke-Command -ScriptBlock {Get-Service -Name Winmgmt} -ComputerName PC0002

If these commands does not fail, then your Group Policy is configured correctly and you can continue testing with PoshCAT