1 | initial version |
To configure the RootSDDL for winrm/config/service through PowerShell, follow these steps:
Open PowerShell as an administrator.
Enter the following command to view the current RootSDDL for winrm/config/service:
Get-Item -Path WSMan:\localhost\Service\Configuration | Select-Object -ExpandProperty RootSDDL
If necessary, modify the RootSDDL by creating a new SDDL string using the Security Descriptor Definition Language (SDDL) syntax. For example:
$NewRootSDDL = 'O:NSG:BAD:P(A;CI;KR;;;BU)(A;CI;KA;;;BA)(A;CI;KA;;;SY)(A;CI;KA;;;LS)(A;;KR;;;NS)'
Apply the new RootSDDL to the winrm/config/service configuration:
Set-Item -Path WSMan:\localhost\Service\Configuration -Value @{RootSDDL=$NewRootSDDL}
Verify that the new RootSDDL has been applied:
Get-Item -Path WSMan:\localhost\Service\Configuration | Select-Object -ExpandProperty RootSDDL
Exit PowerShell.