How To Fix ​​​​Unable To Connect To The Server By Using Windows PowerShell Remoting

Are you encountering the frustrating error message “unable to connect to the server by using Windows PowerShell remoting”?

This issue can impede your ability to efficiently manage and administer remote servers using PowerShell. Fortunately, there are several troubleshooting steps and solutions available to address this challenge.

The error message read as “iwr : Unable to connect to the remote server
At line:1 char:1
+ iwr -useb https://christitus.com/win | iex
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo l a : InvalidOperation: (System.Net.HttpWebRequest) [Invoke-WebRequest], WebExc eption
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.Powershell.Comands.InvokeWebRequestCommand”

In this blog, we’ll explore effective methods to resolve this issue and restore seamless connectivity through Windows PowerShell remoting. 

How To Fix ​​​​Unable To Connect To The Server By Using Windows PowerShell Remoting?

To fix ​​​​”Unable to connect to the server” by using Windows PowerShell remoting, you can change DNS settings, verify firewall settings, and validate WinRM server status. Additionally, you can modify the trusted hosts list, utilize https transport, confirm SPN registration, and review event viewer logs.

1. Change DNS Settings

DNS misconfigurations can impede the ability of your system to resolve the names of remote hosts, which is essential for PowerShell remoting. Changing the DNS settings to use a more reliable DNS server can sometimes resolve these connectivity issues.

Here are the steps to change DNS settings:

• Open the Control Panel and navigate to ‘Network and Sharing Center’.
• Click on ‘Change adapter settings’.
• Right-click your active network connection and select ‘Properties’.
• Highlight ‘Internet Protocol Version 4 (TCP/IPv4)’ and click ‘Properties’.
• Select ‘Use the following DNS server addresses’ and enter the new DNS server addresses.
• Click ‘OK’ to apply the changes.
• Open an elevated PowerShell prompt and run ipconfig /flushdns to clear the DNS cache.
• Retry the PowerShell remoting connection.

2. Verify Firewall Settings

Firewall settings can block WinRM communication, making it crucial to verify that they are configured correctly.

To verify firewall settings:

• Open Windows Firewall (run wf.msc).
• Go to ‘Inbound Rules’ and check for rules allowing ports 5985 and 5986.
• If absent, create new rules:

Click ‘New Rule…’, choose ‘Port’, and click ‘Next’.
Select ‘TCP’ and input ports 5985, 5986.
Choose ‘Allow the connection’, select network types, name the rule, and click ‘Finish’.

• Verify rules are enabled.
• Repeat for ‘Outbound Rules’ if needed.

3. Validate WinRM Service Status

The WinRM service needs to be active to use PowerShell remoting.

Follow these steps to validate WinRM Service Status:

• Launch PowerShell as admin.
• Run Get-Service WinRM to check status.
• If stopped, start with Start-Service WinRM.
• Set auto-start with Set-Service WinRM -StartupType Automatic.
• Confirm running status with Get-Service WinRM.
• The status should now be ‘Running’.

4. Modify Trusted Hosts List

Adding the remote host to TrustedHosts can help when dealing with authentication issues across different domains.

1. Open PowerShell as admin.
2. Add the remote host to TrustedHosts using Set-Item wsman:\localhost\Client\TrustedHosts -Value "remotehostname" -Concatenate.
3. Confirm the change with Get-Item wsman:\localhost\Client\TrustedHosts.

5. Utilize HTTPS Transport

Using HTTPS enhances security and can bypass some connectivity issues due to encryption.

Here are the steps for opting for HTTPS transport:

1. Install SSL certificate on the remote server.
2. Configure WinRM for HTTPS on the server (WinRM quickconfig -transport:https).
3. Connect securely from the client with Enter-PSSession -ComputerName "remotehostname" -UseSSL.

6. Confirm SPN Registration

Service Principal Names (SPNs) are required for Kerberos authentication to function properly. If the SPN for a service is not registered, or is incorrect, Kerberos authentication might fail.

Follow these steps to confirm SPN registration:

• Open an admin Command Prompt.
• Query SPN with setspn -Q HTTP/<remote_computer_name>.
• If needed, register SPN using setspn -A HTTP/<remote_computer_name> <domain>\<user>.
• Recheck with step 2 to confirm registration.

7. Review Event Viewer Logs

Event logs can provide detailed error information that can pinpoint the root cause of remoting issues.

1. Open Event Viewer (search for it in the Start menu or run eventvwr.msc).
2. In the left pane, expand ‘Windows Logs’.
3. Select ‘Application’ to view application-related logs.
4. Look for recent error or warning events related to WinRM or PowerShell.
5. Repeat the process for ‘System’ logs for system-related events.
6. Investigate the details of any relevant events to diagnose issues.

8. Experiment With Authentication Methods

When default authentication fails, trying alternative methods may establish a successful connection.

1. Launch PowerShell as admin.
2. Use Enter-PSSession or New-PSSession with -Credential (Get-Credential) to prompt for different user credentials.
3. Enter the username and password when prompted.
4. Attempt to establish the remote session with the new credentials.

9. Disable Firewalls Temporarily

Temporarily turning off firewalls can help troubleshoot connectivity issues, but ensure you re-enable them promptly after testing.

Here are the steps to disable firewalls:

1. Open ‘Windows Defender Firewall’ from the Control Panel.
2. Click ‘Turn Windows Defender Firewall on or off’.
3. Choose ‘Turn off’ for both private and public networks.
4. Test the PowerShell remoting session.
5. Reactivate the firewall immediately after testing.

10. Ensure System Updates

Keeping systems up-to-date can resolve compatibility issues that may affect PowerShell remoting. To do this,

1. Search for ‘Windows Update’ in the Start menu and open it.
2. Click ‘Check for updates’.
3. Install any available updates.
4. Restart the machines if prompted to complete the update process.

11. Leverage Microsoft Documentation

Microsoft’s comprehensive documentation can offer additional insights and solutions for complex issues.

Follow these steps to leverage Microsoft documentation:

• Visit the official Microsoft documentation website.
• Search for PowerShell remoting troubleshooting guides.
• Follow any additional recommended steps that are specific to your issue.

12. Contact Microsoft Customer Support

If all else fails, reaching out to professional support can help resolve complex issues with PowerShell remoting. To do this,

1. Collect error details and system info.
2. Go to the Microsoft support page.
3. Select ‘Contact Support’.
4. Choose the relevant support category.
5. Use the provided contact method to get in touch with support.