Decided to try out Windows Nano Server 2016 today in a HyperV VHD. Microsoft provides a VHD for Nano on their evaluation site or you can create your own VHD.
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016
https://technet.microsoft.com/en-us/windows-server-docs/get-started/nano-server-quick-start
Nano is a headless operating system. This means you can’t remote into it like other Windows Server OS versions because it doesn’t have the UI features. You must interact with it via a command-line interface. Obviously PowerShell is the commandline tool we would use for this. In attempting to follow some of the tutorials out there I kept getting the following error:
PS C:\WINDOWS\system32> $cn = "192.168.2.89"
PS C:\WINDOWS\system32> $cred = Get-Credential
cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
Credential
PS C:\WINDOWS\system32> Enter-PSSession -ComputerName $cn -Credential $cred
Enter-PSSession : Connecting to remote server 192.168.2.89 failed with the following error message : The WinRM client
cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not
joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts
configuration setting. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not
be authenticated. You can get more information about that by running the following command: winrm help config. For
more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName $cn
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (192.168.2.89:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
I first tried to connect using SSL but I think SSL wasn’t enabled in VHD.
PS C:\WINDOWS\system32> Enter-PSSession -ComputerName $cn -UseSSL
Enter-PSSession : Connecting to remote server 192.168.2.89 failed with the following error message : WinRM cannot
complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the
network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By
default, the WinRM firewall exception for public profiles limits access to remote computers within the same local
subnet. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName $cn -UseSSL
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (192.168.2.89:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
So next I tried adding adding the target IP to the TrustedHosts list:
PS C:\WINDOWS\system32> $cn = "192.168.2.89" PS C:\WINDOWS\system32> $cred = Get-Credential cmdlet Get-Credential at command pipeline position 1 Supply values for the following parameters: Credential PS C:\WINDOWS\system32> Set-Item WSMan:\localhost\Client\TrustedHosts $cn WinRM Security Configuration. This command modifies the TrustedHosts list for the WinRM client. The computers in the TrustedHosts list might not be authenticated. The client might send credential information to these computers. Are you sure that you want to modify this list? [Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): PS C:\WINDOWS\system32> get-Item WSMan:\localhost\Client\TrustedHosts WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client Type Name SourceOfValue Value ---- ---- ------------- ----- System.String TrustedHosts 192.168.2.89
That did the trick.
PS C:\WINDOWS\system32> Enter-PSSession -ComputerName $cn -Credential $cred [192.168.2.89]: PS C:\Users\Administrator\Documents>
Hope this helps others.