Before remoting can be used, it must be enabled. In a domain environment, remoting can be enabled using a group policy:

• Policy name: Allow remote server management through WinRM
• Path: Computer configurationAdministrative TemplatesWindows ComponentsWindows Remote Management (WinRM)WinRM Service

If remoting is enabled using a group policy, a firewall rule should be created to allow access to the service:

• Policy name: Define inbound port exceptions
• Path: Computer ConfigurationAdministrative TemplatesNetwork Network ConnectionsWindows FirewallDomain Profile
• Port exception example: 5985:TCP:*:enabled:WSMan

Windows remoting can be enabled on a per-machine basis using the Enable-PSRemoting command.

Remoting may be disabled in PowerShell using Disable-PSRemoting. Disabling remoting will show the following warning:

PS> Disable-PSRemoting

WARNING: Disabling the session configurations does not undo all the changes made by the Enable-PSRemoting or Enable-PSSessionConfiguration cmdlet. You might have to manually undo the changes by following these steps:
1. Stop and disable the WinRM service.
2. Delete the listener that accepts requests on any IP address.
3. Disable the firewall exceptions for WS-Management communications.
4.Restore the value of the LocalAccountTokenFilterPolicy to 0, which restricts remote access to members of the Administrators group on the computer.

If Enable-PSRemoting is run in the PowerShell 6 console, additional session configurations will be created that allow a choice of either Windows PowerShell (the default) or PowerShell Core when creating a remote session. Accessing PowerShell Core sessions is explored later in this chapter.