Assigning PowerShell remote access

If you want to allow some of your users to be able to run PowerShell commands on remote computers by way of PowerShell remoting, be aware of the following requirements:

  • The target computer needs to have the Centrify Client for Windows installed with the Privileged Access Service enabled.
  • Assign the user to a role with the "PowerShell remote access is allowed" system right granted.

  • If you're using the Centrify Audit & Monitoring Service, when a user attempts to run PowerShell remotely on a computer, the system triggers an audit trail event. Centrify Audit & Monitoring Service is an optional service.
  • To assign PowerShell remote access to a user:

    1. In the Access Manager console, open the zone that the Windows system to be managed belongs to (Access Manager is not necessarily installed on the machine with the Windows client).

    2. Under Role Definitions, right-click a role that you'd like to assign PowerShell remote access permission to and select Properties.

    3. Under System Rights > Windows rights, select PowerShell remote access is allowed.
    4. Right-click Role > Assignment and select Assign Role.

    5. Select the role as defined above and assign the Windows account to it.