Configuring PowerShell Remote Access

If you want to allow some of your users to be able to run PowerShell commands on remote computers by way of PowerShell remoting, be aware of the following requirements:

  • The target computer needs to have the Centrify Agent for Windows installed with the Centrify Privilege Elevation Service enabled.
  • Assign the user to a role with the "PowerShell remote access is allowed" system right granted.

  • If you're using the Centrify Audit & Monitoring Service, when a user attempts to run PowerShell remotely on a computer, the system triggers an audit trail event. Centrify Audit & Monitoring Service is an optional service.
  • To assign PowerShell remote access to a user:

    1. In the Centrify Access Manager console, open the zone that the Windows system to be managed belongs to (Centrify Access Manager is not necessary installed on the machine with the Windows agent).

    2. Under Role Definitions, right-click a role that you'd like to assign PowerShell remote access permission to and select Properties.

    3. Under System Rights > Windows rights, select PowerShell remote access is allowed.
    4. Right-click Role >Assignment and select Assign Role.

    5. Select the role as defined above and assign the Windows account to it.