Configure Remote Machine for PowerShell Access

Configuring PowerShell machine is required for Offline Marketplace Download feature.

Remote PowerShell Machine

The machine in which the required PowerShell modules needs to be installed must be accessible to the VConnect resource provider VM.

The VM can be created within the Azure Stack tenant subscription or it can be provisioned outside Azure Stack. Choose a Window Server Data Center 2016 with at least 8 GB RAM and 4 vCPUs.

Install PowerShell modules

Open a new elevated (administrative) PowerShell console and follow below instructions.

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12 -bor [Net.SecurityProtocolType]::Tls13
Install-Module -Name Azs.Syndication.Admin -RequiredVersion 0.1.152-preview -AllowPrerelease

Allow Remote PowerShell execution

Run the following PowerShell cmdlets in the elevated PowerShell window.

  • Configure PS Remote access, WinRM using following script

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls -bor [Net.SecurityProtocolType]::Tls11 -bor [Net.SecurityProtocolType]::Tls12 -bor [Net.SecurityProtocolType]::Tls13
Enable-PSRemoting -Force
WinRM quickconfig
WinRM set winrm/config/winrs '@{MaxShellsPerUser="500"}'
Set-Item -Path WSMan:\localhost\Plugin\microsoft.powershell\Quotas\MaxShells -Value 500
Set-Item -Path WSMan:\localhost\Plugin\microsoft.powershell\Quotas\MaxShellsPerUser -Value 500
Set-Item -Path WSMan:\localhost\Plugin\microsoft.powershell32\Quotas\MaxShells -Value 500
Set-Item -Path WSMan:\localhost\Plugin\microsoft.powershell32\Quotas\MaxShellsPerUser -Value 500
Restart-Service winrm

VConnect Resource Provider Machine

To execute PowerShell cmdlets from VConnect Resource Provider VM to Remote PowerShell machine, the remote machine IP must be trusted in WinRM inside the VConnect Resource Provider VM.

  • Execute the following PowerShell cmdlets in the VConnect Resource Provider VM.

WinRM quickconfig
winrm set winrm/config/client '@{AllowUnencrypted="true"}'
winrm set winrm/config/winrs '@{MaxShellsPerUser="500"}'
winrm set winrm/config/client '@{TrustedHosts ="REPLACE POWERSHELL CONFIGURED MACHINE IP HERE"}'
Restart-Service winrm

Set AllowUnencrypted="true" as needed.

Replace TrustedHosts ="REPLACE POWERSHELL CONFIGURED MACHINE IP HERE" with IP of the machine used in 'Configure Remote PowerShell Machine' step