Forum Discussion
Enable WinRM through Intune
Hey PatrickF11,
you need to have a look at the Policy CSP documentation here: https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-remotemanagement#remotemanagement-allowremoteservermanagement and be careful if it is a ADMX-backed policy. Then you have to deal with the correct way of defining the value, which configures the policy.
In your case you have to carefully lookup the value definitions in the admx file and then you well get to the result like this:
./Vendor/MSFT/Policy/Config/RemoteManagement/AllowRemoteServerManagementValue (string):
<enabled/>
<data id="AllowAutoConfig_IPv4Filter" value="*" />
<data id="AllowAutoConfig_IPv6Filter" value="" />
this works and is the correct way to address the value which you want to configure.
But! for this particular policy you have a way more convenient way to configure it, it is available in the Administrative templates:
best,
Oliver
Oliver Kieselbach Thank you very much.
Unfortunately enabling WinRM isn't enough.
- To achive remote management for registry i need to remotely enable the service "RemoteRegistry". How to deal with this via intune?
- To achive remote management for EventViewer i need to remotely enable the firewall rules Remote Event Log Management (RPC). How to deal with this via intune? I've found out that i can configure firewall rules inside of the endpoint protection profile. Unfortunately i don't know how to enable the rule which is already present but disabled. Inside of the GUI "Windows Defender Firewall with Advanced Security" i already found the rule but i don't know how to depict the "local port = RPC Dynamic Ports" in intune.