Windows Remote Management

winrs
Developer(s)	Microsoft
Operating system	Microsoft Windows
Type	Command
License	Proprietary commercial software
Website	docs.microsoft.com/en-us/windows-server/administration/windows-commands/winrs

WinRM (Windows Remote Management)
Developer(s)	Microsoft
Operating system	Microsoft Windows
Type	Application programming interface
License	Proprietary commercial software
Website	docs.microsoft.com/en-us/windows/win32/winrm/portal

Last updated March 24, 2025

Windows Remote Management (WinRM) is the Microsoft implementation of the DMTF-standard WS-Management. It allows accessing or exchanging management information across a common network. Utilizing scripting objects or the built-in command-line tool, WinRM can be used with any remote computers that may have baseboard management controllers (BMCs) to acquire data. On Windows-based computers including WinRM, certain data supplied by Windows Management Instrumentation (WMI) can also be obtained.^[1]

Components

WinRM Scripting API: Provides an Application programming interface enabling scripts to remotely acquire data from computers that perform WS-Management operations.
winrm.cmd: Built-in systems management command line tool allowing a machine operator to configure WinRM. Implementation consists of a Visual Basic Scripting (VBS) Edition file (Winrm.vbs) which is written using the aforementioned WinRM scripting API.
winrs.exe: Another command line tool allowing the remote execution of most Cmd.exe commands. This tool utilizes the WS-Management protocol.
Intelligent Platform Management Interface (IPMI) driver: Provides hardware management and facilitates control of remote server hardware through BMCs. IPMI is most useful when the operating system is not running or deployed as it allows for continued remote operations of the bare metal hardware/software.
WMI plug-in: Allows WMI data to be made available to WinRM clients.^[2]
WMI service: Leverages the WMI plug-in to provide requested data or control and can also be used to acquire data from most WMI classes. Examples include the Win32_Process, in addition to any IPMI-supplied data.
WS-Management protocol: Web Services Management is a DMTF open standard defining a SOAP-based protocol for the management of servers, devices, applications and various Web services. WS-Management provides a common way for systems to access and exchange management information across the IT infrastructure.^[3]

Ports: By default WinRM HTTPS used 5986 port, and HTTP uses 5985 port. By default, port 5985 is in listening mode, but port 5986 has to be enabled.

Common uses

Ansible communicates with Windows servers over WinRM using the Python pywinrm package and can remotely run PowerShell scripts and commands.^[4]

Thycotic's Secret Server also leverages WinRM to enable PowerShell remoting.^[5]

SolarWinds Server and Application Monitoring software (SAM) utilizes a WinRM server on monitored servers for its PowerShell integration.^[6]

CloudBolt leverages WinRM as part of Blueprints, Server Actions, and CB Plugins to execute remote scripts on Windows servers using the python pywinrm module.^[7]

Security

WinRM uses Kerberos for initial authentication by default. This ensures that actual credentials are never sent in client-server communications, instead relying on features such as hashing and tickets to connect.^[8] Although WinRM listeners can be configured to encrypt all communications using HTTPS, with the use of Kerberos, even if unencrypted HTTP is used, all communication is still encrypted using a symmetric 256-bit key after the authentication phase completes. Using HTTPS with WinRM allows for additional security by ensuring server identity via SSL/TLS certificates thereby preventing an attacker from impersonating it.^[9]

References

↑ windows-sdk-content. "Windows Remote Management - Windows applications". docs.microsoft.com. Retrieved 2019-02-21.
↑ windows-sdk-content. "Windows Remote Management Glossary - Windows applications". docs.microsoft.com. Retrieved 2019-02-21.
↑ windows-sdk-content. "About Windows Remote Management - Windows applications". docs.microsoft.com. Retrieved 2019-02-21.
↑ "Windows Remote Management — Ansible Documentation". docs.ansible.com. Retrieved 2019-02-21.
↑ "Thycotic Support". thycotic.force.com. Retrieved 2019-02-21.
↑ "Create a WinRM HTTPS listener". SolarWinds Worldwide, LLC. Help and Support. 2016-03-24. Retrieved 2019-02-24.
↑ "Remote Scripts — CloudBolt 8.7 Documentation". docs.cloudbolt.io. Retrieved 2019-06-04.
↑ "How To: Configure WINRM for HTTPS". support.microsoft.com. Retrieved 2019-02-24.
↑ FoxDeploy (2017-02-08). "Is WinRM Secure or do I need HTTPs?". FoxDeploy.com. Retrieved 2019-02-24.

External links

Windows Remote Management - Windows applications | Microsoft Docs

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] windows-sdk-content. "Windows Remote Management - Windows applications". docs.microsoft.com. Retrieved 2019-02-21.

[2] windows-sdk-content. "Windows Remote Management Glossary - Windows applications". docs.microsoft.com. Retrieved 2019-02-21.

[3] windows-sdk-content. "About Windows Remote Management - Windows applications". docs.microsoft.com. Retrieved 2019-02-21.

[4] "Windows Remote Management — Ansible Documentation". docs.ansible.com. Retrieved 2019-02-21.

[5] "Thycotic Support". thycotic.force.com. Retrieved 2019-02-21.

[6] "Create a WinRM HTTPS listener". SolarWinds Worldwide, LLC. Help and Support. 2016-03-24. Retrieved 2019-02-24.

[7] "Remote Scripts — CloudBolt 8.7 Documentation". docs.cloudbolt.io. Retrieved 2019-06-04.

[8] "How To: Configure WINRM for HTTPS". support.microsoft.com. Retrieved 2019-02-24.

[9] FoxDeploy (2017-02-08). "Is WinRM Secure or do I need HTTPs?". FoxDeploy.com. Retrieved 2019-02-24.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]