Windows Remote Management (WS-Management)

The Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard Web services protocol that is used to manage remote software and hardware. The Windows Remote Management service listens on the network for WS-Management requests and processes them. The Windows Remote Management service must be configured with a listener by using the Winrm command-line tool or by using a Group Policy setting for it to listen to the network.

The Windows Remote Management service provides access to WMI data, and it enables event collection. Event collection and subscription to events require that the service is running. The Windows Remote Management service messages use HTTP and HTTPS as transports. This service does not depend on IIS, but it is preconfigured to share a port with IIS on the same computer. The Windows Remote Management service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should verify that websites hosted on IIS do not use the /wsman URL prefix.

A server that has a baseboard management controller (BMC) that supports the WS-Management standard, can be managed by applications and scripts using the Windows Remote Management service to communicate directly with the BMC, even when the operating system is offline (for example, before the system boots or if there is a system failure).

When a server does not have a BMC, the Windows Remote Management service can still connect to WMI remotely in situations where the DCOM communication is impeded, for example, across a firewall. This usage is possible because the WS-Management standard uses a single port that is configurable by the system administrator.

The Windows Remote Management service exposes an application programming interface (API) for scripting. The scripting API communicates with WMI by using syntax that is different from standard WMI scripts. The syntax for the Windows Remote Management service is documented in the WinRM section of MSDN. Hardware management uses a plug-in to expose WMI classes to the Windows Remote Management service. To call these classes, the WMI namespace and class must be converted into a Uniform Resource Identifier (URI).

As a security measure, you should configure the Windows Remote Management service to use the HTTPS protocol.

This service is installed by default, and its startup type is Manual.

When the Windows Remote Management service is started in its default configuration, it logs on by using the Network Service account.

The Windows Remote Management service is dependent on the following system components:

  • HTTP
  • Remote Procedure Call (RPC)
  • DCOM Server Process Launcher
  • RPC Endpoint Mapper

Related content