Remote SharePoint PowerShell for On-Premises

Blog written by: 
Dhaval Shah
SharePoint & .Net Consultant

Intro

As you may already know, using PowerShell to manage SharePoint has incredible benefits. Being able to run PowerShell REMOTELY (not directly on the server) can offer even more benefits as you may need to manage multiple servers & environments, having a central spot to manage them remotely can be very helpful. In addition, remotely running PowerShell offers security benefits by preventing unnecessary access to server desktops. This can be a huge benefit for organizations that want to keep a tighter and more secure environment.

Executing PowerShell remotely for SharePoint using cmdlets can help you centralize your code, such as using one script to run on one machine, but it may update several farm servers at once since it can be done remotely.

Now, let’s look at how PowerShell can be executed remotely for SharePoint on-premises.

NOTE: We also have a blog for Remote PowerShell for SharePoint Online here.

Set Up Your Remote Server (SharePoint App or Web Front End)
  • First, you must have PowerShell 2.0 installed on the SharePoint Server, it’s usually already installed.
    • https://msdn.microsoft.com/en-us/library/ff637750(v=azure.10).aspx
  • Second, you need to check whether the PowerShell Remoting is enabled.
    • For this, you need to make sure the WINRM service is started and set to start automatically.
      WinrRM Service.PNG
  • Also, a firewall rule must be enabled to allow communication with the server. Make sure you’re running the Powershell as Administrator
    • You can run the command Enable-PSRemoting on your server.
  • Then, you must inform PowerShell that your server machine or remote machine will act as the Remote Server.
    • Enable-WSmanCredSSP -Role Server
      Enable-WSManCredSSP-Server.PNG
  • Execute the commands below, one after the other.
    winrm set winrm/config/winrs ‘@{MaxShellsPerUser=”25″}’
    winrm set winrm/config/winrs ‘@{MaxMemoryPerShellMB=”600″}’
  • Execute the command below to grant the user access to the SharePoint content database.
    Get-SPDatabase | Add-SPShellAdmin DOMAIN\UserName
  • Execute the  command below to Set the Remote PowerShell configuration for the user.
    Set-PSSessionConfiguration -Name Microsoft.PowerShell32 –ShowSecurityDescriptorUI
  • It will launch the permission dialog and add the user you want to give the permission to Read and Execute.
    Set-PSSessionConfiguration.PNG
Set Up Your Client Computer
  • Here, too, you need to run the command Enable-PSRemoting.
  • After that, enable WSman CredSSP with the command: Enable-WSmanCredSSP – Role Client – DelegateComputer “NameofServer.”
  • Once this is done, you can remotely run all commands for SharePoint. When you run the “Enable-PSRemoting” command for the first time, it will ask to execute all the commands above automatically.Enable-PSRemoting.PNG
  • To make sure everything is fine, it will ask to execute the commands anyway. If all these steps are not executed, it will execute them correctly as shown below.
    Enable-PSRemoting-Success
  • Now, in order to send the user credentials from the client computer to the remote SharePoint server, you’ll have to enable CredSSP Authentication. Execute the  command Enable-WSManCredSSP -Role client -DelegateComputer “<FQDN of the SharePoint Server>”Enable-WSManCredSSP.PNGNote : To find the fully qualified domain name of the SharePoint server, execute the command below.
    ping -a “<IP Address of the SharePoint Server>”
  • Now let’s get the credential of the admin user for the logged-in user on the client machine. Execute the command $cred=get-Credential. See below.get-Credential.PNG
  • It will prompt you to enter the user’s credential. Enter the admin user’s credential.
    AdminCredentials.PNG
  • Now execute the commands below to create the PowerShell session for the remote SharePoint server.
    $s=new-PSsession “<FQDN of the SharePoint Server>” -authentication credssp -credential $cred
  • Execute the commands below. They will return all the content database from the SharePoint server and all the SharePoint services on the server.

                    Invoke-Command -Session $s -ScriptBlock {Add-PSSnapin
Microsoft.SharePoint.PowerShell;}

                    Invoke-Command -Session $s -ScriptBlock {get-SPContentDatabase}

                    Invoke-Command -Session $s -ScriptBlock {get-spserviceinstance}

  • If any of the commands give an error, then please verify the configuration and access as described above.
  • Now finally, to enter to the PowerShell mode of the Remote SharePoint Server, Execute the command below.
    Enter-PSSession -session $s
  • On successful execution, you’ll see the remote SharePoint server name and the directory path on the SharePoint server.

Additional Access on the Web Application

Log in to the remote SharePoint server and execute the commands below to give access to the user account.

$webApp = Get-SPWebApplication -Identity <Web App Url>
$webApp.GrantAccessToProcessIdentity(‘<domain\username>’)

Creating the Document Library

Now, since we’ve entered the Powershell of the remote SharePoint server from the client server, we can execute the normal SharePoint commands directory from the PowerShell.
Execute the command lines below on the Remote PowerShell of the client server.

$spWeb = Get-SPWeb -Identity ‘http://dwgsasc2tm0205:1111/’
$spListCollection = $spWeb.Lists
Write-Host “Creating Library – $LibraryName”
$spListCollection.Add($LibraryName, $Description, $LibraryTemplate)
$spLibrary = $spWeb.GetList($spWeb.ServerRelativeUrl+”/”+”$LibraryName”)
Write-Host “Document Library created succesfully. . . “

CreateSPDocLibraryRemotePowershell.png

When you log into the site, you can see the new document library created using the remote PowerShell.

Remote Document Library.png

There are significant advantages of running PowerShell remotely for SharePoint rather than the traditional method of running it on the server, such as flexibility of performing multiple actions against each server from a central machine, improved security architecture, and better scalability.

I hope you found this article useful!

Do you use SharePoint? Try our toolkit
Download SharePoint Essentials Toolkit Now
Download the SharePoint Essentials Toolkit
Follow me

Dhaval Shah - MCD, MCSD

SharePoint and Dot Net Consultant at QiPoint
Dhaval Shah (Houston, TX USA) has more than 9 Years of professional experience working as a SharePoint and Dot Net Consultant. He has worked on 30+ projects dealing with more than 15+ clients. He has a special focus on developing and implementing enterprise-level business solutions, built on SharePoint, Dot net and the Microsoft technology stack involving MVC apps, Web API and REST services.

View his professional profile on linked in
https://www.linkedin.com/in/dhavalshah27/
Follow me

Leave a Reply