一. windows server需要開啟winrm服務

PS C:\Users\Administrator> winrm enumerate winrm/config/listener
Listener
    Address = *
    Transport = HTTP
    Port = 5985
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 127.0.0.1, 172.16.1.101, ::1

二. 開啟遠端管理許可權

PS C:\Users\Administrator> winrm quickconfig
已在此計算機上執行 WinRM 服務。
WinRM 沒有設定成為了管理此計算機而允許對其進行遠端訪問。
必須進行以下更改:

配置 LocalAccountTokenFilterPolicy 以遠端向本地使用者授予管理許可權。

執行這些更改嗎[y
 
/n]? y

WinRM 已經進行了更新，以用於遠端管理。

已配置 LocalAccountTokenFilterPolicy 以遠端向本地使用者授予管理許可權。

三. 配置基本驗證服務

# 遇到坑
PS C:\Users\Administrator> winrm set winrm/config/service/auth @{Basic="true"}
錯誤: Invalid use of command line. Type "winrm -?" for help.

# 這個才是正確的
PS C:\Users\Administrator> winrm set winrm/config/service/auth '
 
@{Basic="true"}'
Auth
    Basic = true
    Kerberos = true
    Negotiate = true
    Certificate = false
    CredSSP = false
    CbtHardeningLevel = Relaxed

四. 配置非加密服務

PS C:\Users\Administrator> winrm set winrm/config/service '@{AllowUnencrypted="true"}'
Service
    RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
    MaxConcurrentOperations 
 
= 4294967295
    MaxConcurrentOperationsPerUser = 1500
    EnumerationTimeoutms = 240000
    MaxConnections = 300
    MaxPacketRetrievalTimeSeconds = 120
    AllowUnencrypted = true
    Auth
        Basic = true
        Kerberos = true
        Negotiate = true
        Certificate = false
        CredSSP = false
        CbtHardeningLevel = Relaxed
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    IPv4Filter = *
    IPv6Filter = *
    EnableCompatibilityHttpListener = false
    EnableCompatibilityHttpsListener = false
    CertificateThumbprint
    AllowRemoteAccess = true