Help CenterIn enterprise environments, controlling Windows Remote Management (WinRM) settings is crucial for security and compliance. WinRM is the Microsoft implementation of the WS-Management protocol, which allows for remote management of Windows systems. However, certain configurations, such as allowing basic authentication, can pose security risks if not managed properly.
This article explores a PowerShell script designed to enforce a specific security setting for WinRM, particularly around the "AllowBasic" authentication setting. The script automates the process of ensuring that basic authentication is disabled on WinRM Client and Service configurations in the Windows Registry.
Here is the Script:
$keyPaths = @("HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client", "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service")
$valueName = "AllowBasic"
$newValue = 0
foreach ($keyPath in $keyPaths) {
$currentValue = (Get-ItemProperty -Path $keyPath -Name $valueName).$valueName
if ($currentValue -ne $newValue) {
Write-Host "The AllowBasic value under $keyPath is not set to $newValue. Changing it now."
Set-ItemProperty -Path $keyPath -Name $valueName -Value $newValue -Type DWORD
exit 1
} else {
Write-Host "The AllowBasic value under $keyPath is already set to $newValue as a DWORD."
}
}