Tag Archives: SkipCNCheck

New-WSManSessionOption

NAME
    New-WSManSessionOption

SYNOPSIS
    Creates a WS-Management session option hash table to use as input parameters to the following WS-Management cmdlets:
    Get-WSManInstance
    Set-WSManInstance
    Invoke-WSManAction
    Connect-WSMan

SYNTAX
    New-WSManSessionOption [-NoCompression <switch>] [-NoProxy <switch>] [-ProxyAuthentication <string>] [-ProxyPassword <string>] [-ProxyUserName <string>] [-SkipCACheck <switch>] [-SkipCNCheck <switch>] [-SkipRevocation <switch>] [-SPNPort <int>] [-Timeout <int>] [-UnEncrypted <switch>] [-UseIEProxyconfig <switch>] [-UseProxyAutoDetection <switch>] [-UseWinHTTPProxyConfig <switch>] [-UTF16 <switch>] [<CommonParameters>]

DESCRIPTION
    Creates a WSMan Session option hashtable which can be passed into WSMan cmdlets:
    Get-WSManInstance
    Set-WSManInstance
    Invoke-WSManAction
    Connect-WSMan

PARAMETERS
    -NoCompression <switch>
        Turns off packet compression in the session. Compression is enabled by default and the packets sent between the client and server are compressed. Compression uses more processor cycles, but it makes transmission faster.

        Required?                    false
        Position?                    named
        Default value                False
        Accept pipeline input?     false
        Accept wildcard characters? false

    -NoProxy <switch>
        Do not use a proxy server. All all host names will be resolved locally.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -ProxyAuthentication <string>
        Specifies the authentication method to use at the proxy. Possible values are:

        – Basic: Basic is a scheme in which the user name and password are sent in clear-text to the server or proxy.
        – Digest: Digest is a challenge-response scheme that uses a server-specified data string for the challenge.
        – Negotiate (the default): Negotiate is a challenge-response scheme that negotiates with the server or proxy to determine which scheme to use for authentication. Examples are the Kerberos protocol and NTLM.

        Required?                    false
        Position?                    named
        Default value                Negotiate
        Accept pipeline input?     false
        Accept wildcard characters? false

    -ProxyPassword <string>
        Specifies a password to to be used for proxy authentication.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -ProxyUserName <string>
        Specifies a user name to to be used for proxy authentication.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -SkipCACheck <switch>
        Specifies that when connecting over HTTPS, the client does not validate that the server Certificate is signed by a trusted Certificate authority (CA). Use this option only when the remote computer is trusted by other means, for example, if the remote computer is part of a network that is physically secure and isolated or the remote computer is listed as a trusted host in the WS-Management configuration.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -SkipCNCheck <switch>
        Specifies that the Certificate common name (CN) of the server does not need to match the hostname of the server. This is used only in remote operations using HTTPS. This option should only be used for trusted computers.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -SkipRevocation <switch>
        Do not validate the revocation status on the server Certificate.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -SPNPort <int>
        Specifies a port number to append to the connection Service Principal Name <SPN> of the remote server. An SPN is used when the authentication mechanism is Kerberos or Negotiate.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -Timeout <int>
        Defines the timeout in milliseconds for the WS-Management operation.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -UnEncrypted <switch>
        Do not use encryption when doing remote operations over HTTP.

        Note: Unencrypted traffic is not allowed by default and must be enabled in the local configuration.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -UseIEProxyconfig <switch>
        Use the Internet Explorer proxy configuration for the current user. This is the default setting.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -UseProxyAutoDetection <switch>
        Force auto-detection of a proxy.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -UseWinHTTPProxyConfig <switch>
        Use the proxy settings configured for WinHTTP.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -UTF16 <switch>
        Encode the request in UTF16 format rather than UTF8 format. The default is UTF8 encoding.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    <CommonParameters>
        This cmdlet supports the common parameters: Verbose, Debug,
        ErrorAction, ErrorVariable, WarningAction, WarningVariable,
        OutBuffer and OutVariable. For more information, type,
        “Get-Help about_CommonParameters“.

INPUTS

OUTPUTS
    SessionOption

NOTES

RELATED LINKS
    Online version: http://go.microsoft.com/fwlink/?LinkId=141449
    Connect-WSMan
    Disable-WSManCredSSP
    Disconnect-WSMan
    Enable-WSManCredSSP
    Get-WSManCredSSP
    Get-WSManInstance
    Invoke-WSManAction
    New-WSManInstance
    Remove-WSManInstance
    Set-WSManInstance
    Set-WSManQuickConfig
    Test-WSMan

New-PSSessionOption

NAME
    New-PSSessionOption

SYNOPSIS
    Creates an object that contains advanced options for a PSSession.

SYNTAX
    New-PSSessionOption [-ApplicationArguments <PSPrimitiveDictionary>] [-CancelTimeout <int>] [-Culture <CultureInfo>] [-IdleTimeout <int>] [-MaximumReceivedDataSizePerCommand <int>] [-MaximumReceivedObjectSize <int>] [-MaximumRedirection <int>] [-NoCompression] [-NoEncryption] [-NoMachineProfile] [-OpenTimeout <int>] [-OperationTimeout <int>] [-ProxyAccessType {None | IEConfig | WinHttpConfig | AutoDetect | NoProxyServer}] [-ProxyAuthentication {Default | Basic | Negotiate | NegotiateWithImplicitCredential | Credssp | Digest | Kerberos}] [-ProxyCredential <PSCredential>] [-SkipCACheck] [-SkipCNCheck] [-SkipRevocationCheck] [-UICulture <CultureInfo>] [-UseUTF16] [<CommonParameters>]

DESCRIPTION
    The New-PSSessionOption cmdlet creates an object that contains advanced options for a PSSession. You can use the object as the value of the SessionOption parameter of cmdlets that create a PSSession, such as New-PSSession, Enter-PSSession, and Invoke-Command.

    Without parameters, New-PSSessionOption generates an object that contains the default values for all of the options. Because all of the properties can be edited, you can use the resulting object as a template, and create standard option objects for your enterprise.

PARAMETERS
    -ApplicationArguments <PSPrimitiveDictionary>
        Specifies a hash table that is sent directly to the session configuration without interpretation. This hash table is available to the session configuration as a property of the PSSenderInfo class.

        Required?                    false
        Position?                    named
        Default value
        Accept pipeline input?     false
        Accept wildcard characters? false

    -CancelTimeout <int>
        Determines how long Windows PowerShell waits for a cancel operation (CTRL + C) to complete before terminating it. Enter a value in milliseconds.

        The default value is 60000 (one minute). A value of 0 (zero) means no timeout; the command continues indefinitely.

        Required?                    false
        Position?                    named
        Default value                60000
        Accept pipeline input?     false
        Accept wildcard characters? false

    -Culture <CultureInfo>
        Specifies the culture to use for the PSSession. Enter a culture name in <languagecode2>-<country/regioncode2> format, such as “ja-jP”, a Variable that contains a CultureInfo object, or a command that gets a CultureInfo object, such as “Get-Culture“.

        The default value is $null, and the culture that is set in the operating system when the PSSession is created is used in the PSSession.

        Required?                    false
        Position?                    named
        Default value                Current culture
        Accept pipeline input?     false
        Accept wildcard characters? false

    -IdleTimeout <int>
        Determines how long the PSSession stays open if the remote computer does not receive any communication from the local computer, including the heartbeat signal. When the interval expires, the PSSession closes.

        Enter a value in milliseconds. The default value is 240000 (4 minutes). The minimum value is 60000 (1 minute).

        If both the local and remote computers specify an idle timeout value, the PSSession uses the shorter timeout value. The local computer can set an idle timeout value by using this parameter or by setting an idle timeout in the $PSSessionOption preference Variable. The remote computer can specify an idle timeout value in the WS-Management configuration (WSMAN:\localhost\shell\idletimeout).

        Required?                    false
        Position?                    named
        Default value                240000
        Accept pipeline input?     false
        Accept wildcard characters? false

    -MaximumReceivedDataSizePerCommand <int>
        Specifies the maximum number of bytes that the local computer can receive from the remote computer in a single command. Enter a value in bytes. By default, there is no data size limit.

        This option is designed to protect the resources on the client computer.

        Required?                    false
        Position?                    named
        Default value                No limit
        Accept pipeline input?     false
        Accept wildcard characters? false

    -MaximumReceivedObjectSize <int>
        Specifies the maximum size of an object that the local computer can receive from the remote computer. Enter a value in bytes. By default, there is no data size limit.

        This option is designed to protect the resources on the client computer.

        Required?                    false
        Position?                    named
        Default value                No limit
        Accept pipeline input?     false
        Accept wildcard characters? false

    -MaximumRedirection <int>
        Determines how many times Windows PowerShell redirects a connection to an alternate Uniform Resource Identifier (URI) before the connection fails. The default value is 5. A value of 0 (zero) prevents all redirection.

        This option is used in the PSSession only when the AllowRedirection parameter is used in the command that creates the PSSession.

        Required?                    false
        Position?                    named
        Default value                5
        Accept pipeline input?     false
        Accept wildcard characters? false

    -NoCompression [<SwitchParameter>]
        Turns off packet compression in the PSSession. Compression uses more processor cycles, but it makes transmission faster.

        Required?                    false
        Position?                    named
        Default value                False
        Accept pipeline input?     false
        Accept wildcard characters? false

    -NoEncryption [<SwitchParameter>]
        Turns off data encryption.

        Required?                    false
        Position?                    named
        Default value                False
        Accept pipeline input?     false
        Accept wildcard characters? false

    -NoMachineProfile [<SwitchParameter>]
        Prevents loading the user’s Windows user profile. As a result, the PSSession might be created faster, but user-specific Registry settings, items such as Environment Variables, and Certificates are not available in the PSSession.

        Required?                    false
        Position?                    named
        Default value                False
        Accept pipeline input?     false
        Accept wildcard characters? false

    -OpenTimeout <int>
        Determines how long the client computer waits for the session connection to be established. When the interval expires, the command to establish the connection fails. Enter a value in milliseconds.

        The default value is 180000 (3 minutes). A value of 0 (zero) means no time-out; the command continues indefinitely.

        Required?                    false
        Position?                    named
        Default value                180000
        Accept pipeline input?     false
        Accept wildcard characters? false

    -OperationTimeout <int>
        Determines the maximum time that any operation in the PSSession can run. When the interval expires, the operation fails. Enter a value in milliseconds.

        The default value is 180000 (3 minutes). A value of 0 (zero) means no time-out; the operation continues indefinitely.

        Required?                    false
        Position?                    named
        Default value                180000
        Accept pipeline input?     false
        Accept wildcard characters? false

    -ProxyAccessType <ProxyAccessType>
        Determines which mechanism is used to resolve the host name. Valid values are IEConfig, WinHttpConfig, AutoDetect, NoProxyServer and None. The default value is None.

        For information about the values of this parameter, see the description of the System.Management.Automation.Remoting.ProxyAccessType enumeration in the MSDN (Microsoft Developer Network) Library at http://go.microsoft.com/fwlink/?LinkId=144756.

        Required?                    false
        Position?                    named
        Default value                None
        Accept pipeline input?     false
        Accept wildcard characters? false

    -ProxyAuthentication <AuthenticationMechanism>
        Specifies the authentication method that is used for proxy resolution. Valid values are Basic, Digest, and Negotiate. The default value is Negotiate.

        For information about the values of this parameter, see the description of the System.Management.Automation.Runspaces.AuthenticationMechanism enumeration in the MSDN library at http://go.microsoft.com/fwlink/?LinkID=144382.

        Required?                    false
        Position?                    named
        Default value                Negotiate
        Accept pipeline input?     false
        Accept wildcard characters? false

    -ProxyCredential <PSCredential>
        Specifies the credentials to use for proxy authentication. Enter a Variable that contains a PSCredential object or a command that gets a PSCredential object, such as Get-Credential. If this option is not set, no credentials are specified.

        Required?                    false
        Position?                    named
        Default value                None
        Accept pipeline input?     false
        Accept wildcard characters? false

    -SkipCACheck [<SwitchParameter>]
        Specifies that when connecting over HTTPS, the client does not validate that the server Certificate is signed by a trusted Certificate authority (CA).

        Use this option only when the remote computer is trusted by using another mechanism, such as when the remote computer is part of a network that is physically secure and isolated, or the remote computer is listed as a trusted host in a WinRM configuration.

        Required?                    false
        Position?                    named
        Default value                False
        Accept pipeline input?     false
        Accept wildcard characters? false

    -SkipCNCheck [<SwitchParameter>]
        Specifies that the Certificate common name (CN) of the server does not need to match the hostname of the server. This option is used only in remote operations that use the HTTPS protocol.

        Use this option only for trusted computers.

        Required?                    false
        Position?                    named
        Default value                False
        Accept pipeline input?     false
        Accept wildcard characters? false

    -SkipRevocationCheck [<SwitchParameter>]
        Does not validate the revocation status of the server Certificate.

        Required?                    false
        Position?                    named
        Default value                False
        Accept pipeline input?     false
        Accept wildcard characters? false

    -UICulture <CultureInfo>
        Specifies the UI culture to use for the PSSession.

        Enter a culture name in <languagecode2>-<country/regioncode2> format, such as “ja-jP”, a Variable that contains a CultureInfo object, or a command that gets a CultureInfo object, such as Get-Culture.

        The default value is $null, and the UI culture that is set in the operating system when the PSSession is created is used in the PSSession.

        Required?                    false
        Position?                    named
        Default value                Current UI culture
        Accept pipeline input?     false
        Accept wildcard characters? false

    -UseUTF16 [<SwitchParameter>]
        Encode the request in UTF16 format rather than UTF8 format.

        Required?                    false
        Position?                    named
        Default value                False (UTF8 encoding)
        Accept pipeline input?     false
        Accept wildcard characters? false

    <CommonParameters>
        This cmdlet supports the common parameters: Verbose, Debug,
        ErrorAction, ErrorVariable, WarningAction, WarningVariable,
        OutBuffer and OutVariable. For more information, type,
        “Get-Help about_CommonParameters“.

INPUTS
    None
        You cannot pipe input to this cmdlet.

OUTPUTS
    System.Management.Automation.Remoting.PSSessionOption

NOTES

        If the SessionOption parameter is not used in a command to create a PSSession, the session options are determined by the property values of the $PSSessionOption preference Variable, if it is set. For more information about the $PSSessionOption Variable, see about_preference_variables.

    ————————– EXAMPLE 1 ————————–

    C:\PS>New-PSSessionOption

    MaximumConnectionRedirectionCount : 5
    NoCompression                     : False
    NoMachineProfile                 : False
    ProxyAccessType                 : IEConfig
    ProxyAuthentication             : Negotiate
    ProxyCredential                 :
    SkipCACheck                     : False
    SkipCNCheck                     : False
    SkipRevocationCheck             : False
    OperationTimeout                 : 00:03:00
    NoEncryption                     : False
    UseUTF16                         : False
    Culture                         :
    UICulture                         :
    MaximumReceivedDataSizePerCommand :
    MaximumReceivedObjectSize         :
    ApplicationArguments             :
    OpenTimeout                     : 00:03:00
    CancelTimeout                     : 00:01:00
    IdleTimeout                     : 00:04:00

    Description
    ———–
    This command creates a session option object with all of the default values.

    ————————– EXAMPLE 2 ————————–

    C:\PS>$pso = New-PSSessionoption -Culture “fr-fr” -MaximumReceivedObjectSize 10MB

    C:\PS> New-PSSession -computerName Server01 -SessionOption $pso

    Description
    ———–
    This example shows how to use a session option object to configure a session.

    The first command creates a new session option object and saves it in the value of the $pso Variable.

    The second command uses the New-PSSession cmdlet to create a PSSession on the Server01 remote computer. The command uses the session option object in the value of the $pso Variable as the value of the SessionOption parameter of the command.

    ————————– EXAMPLE 3 ————————–

    C:\PS>Enter-PSSession -computername Server01 -sessionOption (New-PSSessionoption -NoEncryption -NoCompression)

    Description
    ———–
    This command uses the Enter-PSSession cmdlet to start an interactive session with the Server01 computer. The value of the SessionOption parameter is a New-PSSessionOption command with the NoEncryption and NoCompression switch parameters.

    The New-PSSessionOption command is enclosed in parentheses to make sure that it runs before the Enter-PSSession command.

    ————————– EXAMPLE 4 ————————–

    C:\PS>$a = New-PSSessionoption

    MaximumConnectionRedirectionCount : 5
    NoCompression                     : False
    NoMachineProfile                 : False
    ProxyAccessType                 : IEConfig
    ProxyAuthentication             : Negotiate
    ProxyCredential                 :
    SkipCACheck                     : False
    SkipCNCheck                     : False
    SkipRevocationCheck             : False
    OperationTimeout                 : 00:03:00
    NoEncryption                     : False
    UseUTF16                         : False
    Culture                         :
    UICulture                         :
    MaximumReceivedDataSizePerCommand :
    MaximumReceivedObjectSize         :
    ApplicationArguments             :
    OpenTimeout                     : 00:03:00
    CancelTimeout                     : 00:01:00
    IdleTimeout                     : 00:04:00

    C:\PS> $a.UICulture = (UIGet-Culture)
    C:\PS> $a.OpenTimeout = (New-TimeSpan -minutes 4)
    C:\PS> $a.MaximumConnectionRedirectionCount = 1

    C:\PS> $a

    MaximumConnectionRedirectionCount : 1
    NoCompression                     : False
    NoMachineProfile                 : False
    ProxyAccessType                 : IEConfig
    ProxyAuthentication             : Negotiate
    ProxyCredential                 :
    SkipCACheck                     : False
    SkipCNCheck                     : False
    SkipRevocationCheck             : False
    OperationTimeout                 : 00:03:00
    NoEncryption                     : False
    UseUTF16                         : False
    Culture                         :
    UICulture                         : en-US
    MaximumReceivedDataSizePerCommand :
    MaximumReceivedObjectSize         :
    ApplicationArguments             :
    OpenTimeout                     : 00:04:00
    CancelTimeout                     : 00:01:00
    IdleTimeout                     : 00:04:00

    Description
    ———–
    This example demonstrates that you can edit the session option object. All properties have read/write values.

    Use this method to create a standard session object for your enterprise, and then create customized versions of it for particular uses.

    ————————– EXAMPLE 5 ————————–

    C:\PS>$PSSessionOption = New-PSSessionOption -OpenTimeout 120000

    Description
    ———–
    This command creates a $PSSessionOption preference Variable.

    When the $PSSessionOption preference Variable exists in the session, it establishes default values for options in the PSSessions that are created by using the New-PSSession, Enter-PSSession, and Invoke-Command cmdlets.

    To make the $PSSessionOption Variable available in all sessions, add it to your Windows PowerShell session and to your Windows PowerShell profile.

    For more information about the $PSSessionOption Variable, see about_preference_variables. For more information about profiles, see about_profiles.

    ————————– EXAMPLE 6 ————————–

    C:\PS>$skipCN = New-PSSessionoption -SkipCNCheck

    C:\PS> New-PSSession -computername 171.09.21.207 -UseSSL -credential domain01\user01 -sessionOption $skipCN

    Description
    ———–
    This example shows how to use a SessionOption object to fulfill the requirements for a remote session configuration.

    The first command uses the New-PSSessionOption cmdlet to create a session option object with the SkipCNCheck property. The command saves the resulting session object in the $skipCN Variable.

    The second command uses the New-PSSession cmdlet to create a new PSSession on a remote computer. The $skipCN check Variable is used in the value of the SessionOption parameter.

    Because the computer is identified by its IP address, the value of the ComputerName parameter does not match any of the common names in the Certificate used for Secure Sockets Layer (SSL). As a result, the SkipCNCheck option is required.

RELATED LINKS
    Online version: http://go.microsoft.com/fwlink/?LinkID=144305
    Enter-PSSession
    New-PSSession
    Invoke-Command