Assigning PowerShell remote access

If you want to allow some of your users to be able to run PowerShell commands on remote computers by way of PowerShell remoting, be aware of the following requirements:

  • The target computer needs to have the Centrify Client for Windows installed with the Centrify Privileged Access Service enabled.
  • Assign the user to a role with the "PowerShell remote access is allowed" system right granted.

  • If you're using the Centrify Auditing and Monitoring Service, when a user attempts to run PowerShell remotely on a computer, the system triggers an audit trail event. Centrify Auditing and Monitoring Service is an optional service.
  • To assign PowerShell remote access to a user:

    1. In the Centrify Access Manager console, open the zone that the Windows system to be managed belongs to (Centrify Access Manager is not necessarily installed on the machine with the Windows client).

    2. Under Role Definitions, right-click a role that you'd like to assign PowerShell remote access permission to and select Properties.

    3. Under System Rights > Windows rights, select PowerShell remote access is allowed.
    4. Right-click Role > Assignment and select Assign Role.

    5. Select the role as defined above and assign the Windows account to it.