%3CLINGO-SUB%20id%3D%22lingo-sub-571480%22%20slang%3D%22en-US%22%3EWhat%20port%20does%20PowerShell%20remoting%20use%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-571480%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3E%20First%20published%20on%20TECHNET%20on%20Jun%2020%2C%202012%20%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3ESo%20I%20had%20written%20a%20script%20for%20a%20customer%20to%20update%20all%20the%20SharePoint%20servers%20in%20a%20farm%20and%20then%20run%20PSConfig%20and%20it%20worked%20great%20(More%20of%20that%20later)%20but%20one%20of%20the%20production%20farms%20is%20in%20the%20DMZ%20with%20firewalls%2C%20etc%20so%20being%20able%20to%20update%20all%20farms%20from%20one%20central%20machine%20was%20a%20concern.%26nbsp%3B%20Did%20some%20digging%2C%20and%20here%20is%20what%20I%20found%20for%20them%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBy%20default%20PowerShell%20will%20use%20the%20following%20ports%20for%20communication%20(They%20are%20the%20same%20ports%20as%20WinRM)%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ETCP%2F5985%20%3D%20HTTP%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ETCP%2F5986%20%3D%20HTTPS%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWhile%20I%20would%20recommend%20you%20stay%20with%20the%20defaults%2C%20If%20you%20are%20not%20happy%20with%20this%20or%20your%20security%20team%20is%20not%20happy%20with%20this%20there%20are%20some%20other%20choices%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYou%20can%20set%20PowerShell%20remoting%20to%20use%2080%20(HTTP%20and%20443%20(HTTPS)%20by%20running%20the%20following%20commands%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESet-Item%20WSMan%3A%5Clocalhost%5CService%5CEnableCompatibilityHttpListener%20-Value%20true%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESet-Item%20WSMan%3A%5Clocalhost%5CService%5CEnableCompatibilityHttpsListener%20-Value%20true%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYou%20can%20set%20powershell%20to%20use%20any%20other%20port%20that%20we%20desire%20by%20performing%20the%20following%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EOn%20each%20SharePoint%20server%20run%20the%20following%20command%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESet-Item%20wsman%3A%5Clocalhost%5Clistener%5Clistener*%5Cport%20%E2%80%93value%20%3CPORT%3E%3C%2FPORT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThen%20in%20your%20code%20you%20would%20declare%20that%20your%20connecting%20over%20the%20same%20port%20using%20the%20following%20commands(There%20are%20other%20commands%20to%20deal%20with%20Sessions)%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ENew-PSSession%20%E2%80%93ComputerName%20%3CNETBIOS%3E%20-Port%20%3CPORT%3E%3C%2FPORT%3E%3C%2FNETBIOS%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EEnter-PSSession%20%E2%80%93ComputerName%20%3CNETBIOS%3E%20-Port%20%3CPORT%3E%3C%2FPORT%3E%3C%2FNETBIOS%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EInvoke-Command%20%E2%80%93ComputerName%20%3CNETBIOS%3E%20-Port%20%3CPORT%3E%3C%2FPORT%3E%3C%2FNETBIOS%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EA%20few%20of%20the%20public%20articles%20that%20talk%20about%20this%20subject%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22http%3A%2F%2Fblogs.msdn.com%2Fb%2Fwmi%2Farchive%2F2009%2F07%2F22%2Fnew-default-ports-for-ws-management-and-powershell-remoting.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20http%3A%2F%2Fblogs.msdn.com%2Fb%2Fwmi%2Farchive%2F2009%2F07%2F22%2Fnew-default-ports-for-ws-management-and-powershell-remoting.aspx%20%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22http%3A%2F%2Fwww.powergui.org%2Fthread.jspa%3FthreadID%3D15929%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20http%3A%2F%2Fwww.powergui.org%2Fthread.jspa%3FthreadID%3D15929%20%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdd347668.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdd347668.aspx%20%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdd315384.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdd315384.aspx%20%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdd347578.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%20http%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Flibrary%2Fdd347578.aspx%20%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-571480%22%20slang%3D%22en-US%22%3E%3CP%3EFirst%20published%20on%20TECHNET%20on%20Jun%2020%2C%202012%20So%20I%20had%20written%20a%20script%20for%20a%20customer%20to%20update%20all%20the%20SharePoint%20servers%20in%20a%20farm%20and%20then%20run%20PSConfig%20and%20it%20worked%20great%20(More%20of%20that%20later)%20but%20one%20of%20the%20production%20farms%20is%20in%20the%20DMZ%20with%20firewalls%2C%20etc%20so%20being%20able%20to%20update%20all%20farms%20from%20one%20central%20machine%20was%20a%20concern.%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-571480%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EChrisWeaver%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E

First published on TECHNET on Jun 20, 2012

So I had written a script for a customer to update all the SharePoint servers in a farm and then run PSConfig and it worked great (More of that later) but one of the production farms is in the DMZ with firewalls, etc so being able to update all farms from one central machine was a concern.  Did some digging, and here is what I found for them:

 

By default PowerShell will use the following ports for communication (They are the same ports as WinRM)

 

TCP/5985 = HTTP

 

TCP/5986 = HTTPS

 

While I would recommend you stay with the defaults, If you are not happy with this or your security team is not happy with this there are some other choices

 

You can set PowerShell remoting to use 80 (HTTP and 443 (HTTPS) by running the following commands

 

Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpListener -Value true

 

Set-Item WSMan:\localhost\Service\EnableCompatibilityHttpsListener -Value true

 

You can set powershell to use any other port that we desire by performing the following

 

On each SharePoint server run the following command

 

Set-Item wsman:\localhost\listener\listener*\port –value <Port>

 

Then in your code you would declare that your connecting over the same port using the following commands(There are other commands to deal with Sessions)

 

New-PSSession –ComputerName <Netbios> -Port <Port>

 

Enter-PSSession –ComputerName <Netbios> -Port <Port>

 

Invoke-Command –ComputerName <Netbios> -Port <Port>

 

A few of the public articles that talk about this subject:

 

http://blogs.msdn.com/b/wmi/archive/2009/07/22/new-default-ports-for-ws-management-and-powershell-r...

 

http://www.powergui.org/thread.jspa?threadID=15929

 

http://technet.microsoft.com/en-us/library/dd347668.aspx

 

http://technet.microsoft.com/en-us/library/dd315384.aspx

 

http://technet.microsoft.com/en-us/library/dd347578.aspx