First published on TECHNET on Jun 20, 2012
So I had written a script for a customer to update all the SharePoint servers in a farm and then run PSConfig and it worked great (More of that later) but one of the production farms is in the DMZ with firewalls, etc so being able to update all farms from one central machine was a concern. Did some digging, and here is what I found for them:
By default PowerShell will use the following ports for communication (They are the same ports as WinRM)
TCP/5985 = HTTP
TCP/5986 = HTTPS
While I would recommend you stay with the defaults, If you are not happy with this or your security team is not happy with this there are some other choices
You can set PowerShell remoting to use 80 (HTTP and 443 (HTTPS) by running the following commands
Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpListener -Value true
Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpsListener -Value true
You can set powershell to use any other port that we desire by performing the following
On each SharePoint server run the following command
Set-Item wsman:\localhost\listener\listener*\port –value <Port>
Then in your code you would declare that your connecting over the same port using the following commands(There are other commands to deal with Sessions)
New-PSSession –ComputerName <Netbios> -Port <Port>
Enter-PSSession –ComputerName <Netbios> -Port <Port>
Invoke-Command –ComputerName <Netbios> -Port <Port>
A few of the public articles that talk about this subject:
http://www.powergui.org/thread.jspa?threadID=15929
http://technet.microsoft.com/en-us/library/dd347668.aspx
http://technet.microsoft.com/en-us/library/dd315384.aspx