Insert Remote PowerShell Commands

Endpoint Privilege Management for Windows provides an additional level of granularity for management of remote PowerShell cmdlets to ensure you can execute these commands without local administrator privileges on the target computer.

Get-Service -Name *time* | Restart-Service -PassThru

Endpoint Privilege Management for Windows allows you to target specific command strings and assign privileges to the command without granting local admin rights to the user. Commands can also be blocked if they are not authorized or allowed. All remote PowerShell commands are fully audited for visibility.

To allow standard users to connect to a remote computer with Windows Remote Management, or WinRM (a privilege normally reserved for local administrator accounts), it is necessary to enable the General Rule Enable Windows Remote Management Connections. This rule grants standard users, who match the Endpoint Privilege Management for Windows Workstyle, the ability to connect using WinRM, and can be targeted to specific users, groups of users, or computers using Workstyle filters.

  1. Select the Application Group you want to add the application to.
  2. Right-click and select Insert Application > Remote PowerShell Command.
  3. You can leave the Select reference script file blank to match on all applications of this type, type in a specific name or path manually, or click Browse Cmdlets. This lists the PowerShell cmdlets for the version of PowerShell that you installed. If the cmdlet you want to use is not listed because the target version of PowerShell is different, you can manually enter it.
  4. Enter a description, if required. By default, this is the name of the application you're inserting.
  5. You need to configure the matching criteria for the PowerShell command. You can configure:
    • Command Line matches: PowerShell removes double quotes from the Command Line before it is sent to the target. Command Line definitions that include double quotes are not matched by Endpoint Privilege Management for Windows for remote PowerShell commands.
  6. Click OK. The application is added to the Application Group.
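
The following added example (not part of the product or its documentation) checks a list of planned Command Line definitions for double quotes before they are entered in step 5. The rule names, actions and command strings are constructed sample data, and the function name Test-RemoteCommandLineDefinition is hypothetical. The quote-free form it prints assumes that quote removal is a plain removal of the " character.

```powershell
# Added example: pre-deployment check for Command Line definitions.
# Constructed sample data; rule names and command strings are illustrative.
$plannedDefinitions = @(
    [pscustomobject]@{ Rule = 'Restart time services'; Action = 'Allow'
                       CommandLine = 'Get-Service -Name *time* | Restart-Service -PassThru' }
    [pscustomobject]@{ Rule = 'Stop spooler'; Action = 'Block'
                       CommandLine = 'Stop-Service -Name "Spooler"' }
    [pscustomobject]@{ Rule = 'Read app log'; Action = 'Allow'
                       CommandLine = 'Get-Content -Path "C:\Logs\app.log"' }
)

# Hypothetical helper: flags definitions that can never match a remote command.
function Test-RemoteCommandLineDefinition {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [pscustomobject]$Definition
    )
    process {
        $hasQuote = $Definition.CommandLine.Contains('"')
        # A rule that never matches fails differently depending on its action:
        # an Allow rule grants nothing, a Block rule blocks nothing.
        $impact = if (-not $hasQuote) {
            'OK'
        } elseif ($Definition.Action -eq 'Block') {
            'Never matches: the command is NOT blocked by this rule'
        } else {
            'Never matches: the command is NOT allowed by this rule'
        }
        [pscustomobject]@{
            Rule           = $Definition.Rule
            Action         = $Definition.Action
            HasDoubleQuote = $hasQuote
            Impact         = $impact
            # Assumption: the target sees the command with every " removed
            QuoteFreeForm  = $Definition.CommandLine.Replace('"', '')
        }
    }
}

$results = $plannedDefinitions | Test-RemoteCommandLineDefinition
$results | Format-List
$bad = @($results | Where-Object { $_.HasDoubleQuote })
if ($bad.Count -gt 0) {
    Write-Warning "$($bad.Count) definition(s) contain double quotes and will not match."
}
```

Block rules deserve the closest review here, because a Block definition that contains double quotes leaves the command unblocked by that rule.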

Messaging

Endpoint Privilege Management for Windows end user messaging includes limited support for remote PowerShell sessions: block messages can be assigned to Workstyle rules that block remote PowerShell scripts and commands. If a block message is assigned to a Workstyle that blocks a script or command, the body text of the assigned message is displayed in the remote console session as an error.