PSRemoting allows you to run commands on remote computers just as if you were sitting in front of them. You could see it as the Windows SSH service.

Enabling PSRemoting

  1. Login to WS01 as the Administrator user with password Welcome01!.

  2. Start PowerShell as administrator and run the following command:


The Enable-PSRemoting cmdlet performs the following operations:

Users of the local Administrators or Remote Management Users groups can connect to the machine.

Giving a normal user access to the service

Local admin acces is not required, it is possible as a normal user if its part of the Remote Management Group.

  1. Add John to the Remote Management Users on WS01 by executing the following command:

net localgroup "Remote Management Users" john /add


  1. Login to DC01 as the Administrator user with password Welcome01!

  2. Start PowerShell and run the following command to connect to WS01 as Administrator:

Enter-PSSession ws01

3. Create a PSCredential for the user John with the password Welcome2022! using the Get-Credential command.

$creds = Get-Credential

4. Run the following command to connect to WS01 as John:

Enter-PSSession WS01 -Credential $creds

Read more about PSRemoting and lateral movement:


Last updated