Monday, February 15, 2010

Remoting with PowerShell in SharePoint 2010

SharePoint 2010 introduces PowerShell as the command line scripting tool for SharePoint. This replaces all other command line executables (like stsadm). Stsadm will still be supported in SharePoint 2010, but there are no guarantees for future SharePoint releases. It's time to learn PowerShell.

Background on Remoting into a SharePoint 2010 Server using PowerShell
With SharePoint 2010, you can RDP into one of your SharePoint servers (as you always have) to run your administrative commands, or you can remote using PowerShell.

Setup your Remote Server
There are a few steps you have to take on your server to initialize it for remoting. You only have to run these commands once.

First, you need to run the following command on your server.


You are going to be connecting with your credentials using CredSSP. So, run this command on your server:

Enable-WSmanCredSSP -Role Server

Setup your Client Computer
There are also a few one time setup steps you need to take on your client computer. You only have to do this once.

First, edit group policy on your client computer to all credential delegation. Using gpedit.msc, enable both of the following (Under Local Computer Policy--> Computer Configuration--> Administrative Templates--> System--> Credentials Delegation):
  • Allow Delegating Fresh Credentials
  • Allow Delegating Fresh Credentials with NTLM-only Server Authentication

Second, run the following command


Third, enable WSMan CredSSP with the following command:

Enable-WSManCredSSP -Role Client -DelegateComputer

Start Remoting on you Client Computer
Now your client computer is ready to actually create the session and import the SharePoint commands from the Server. The next couple of commands create the connection to the server and intiate a PowerShell session:

$c = Get-Credential \
$session = New-PSSession -Authentication CredSSP -Credential $c

The next command adds the SharePoint PowerShell commands to your session.

Invoke-Command -Session $session -ScriptBlock{Add-PsSnapin Microsoft.SharePoint.PowerShell}

Note, that at this point, you can run whatever administrative PowerShell commands you need to run by using the Invoke-Command -Session $session -ScriptBlock{} syntax, but we are going to take it one step further and actually import the SPFarm command from the server session to the client.

The following command will import all of the SPFarm commands into your client session and attach a prefix of "Remote" to the noun

Import-PSSession -Session $session -CommandName *-SPFarm -Prefix Remote

So, now we can run Get-RemoteSPFarm

Once you have setup your client and server machines, you can add the session creation commands to your profile so that they are loaded each time you open PowerShell. I showed how to import the SPFarm command here, but you can import any command available in the session.