Enabling Windows PowerShell Remoting for Remote Management and Remote Mounting

From a single IBM Spectrum Protect Snapshot installation, you can manage all of the IBM Spectrum Protect Snapshot installations in your organization.

Before you begin

To use the remote management features, you must have the minimum required Windows Powershell and Windows management framework installed. For more information, see the IBM Spectrum Protect Snapshot V8.1.7 hardware and software requirements: https://www-01.ibm.com/support/docview.wss?uid=ibm10792377.

Procedure

Enabling Windows PowerShell Remoting is a task outside the scope of this documentation. For reference, the following PowerShell cmdlets are provided.

Enable remote management for IBM Spectrum Protect Snapshot installations or the Remote Mounting feature by entering the following Windows PowerShell cmdlets.
```
Enable-PSRemoting -force
```
1. Add the IBM Spectrum Protect Snapshot servers to the trusted hosts list by entering the following command on each remote system:
```
Set-Item WSMan:\localhost\Client\TrustedHosts -Value  
remote_server_name -Force -Concatenate
```
  where remote_server_name specifies the remote server.
2. Restart the winrm service by entering the following command:
```
Restart-Service winrm
```
Optional: If you use the IBM Spectrum Protect Snapshot for Microsoft Exchange Server software, enable the Windows PowerShell Remoting feature with Credential Security Support Provider (CredSSP) authentication. Complete the following steps:
1. On the primary system, enter the following command to enable the Windows PowerShell Remoting feature with CredSSP:
```
enable-wsmancredssp -role client -delegatecomputer remote_computer_name 
```
  where remote_computer_name specifies the remote computer.
2. On each remote system that runs the IBM Spectrum Protect Snapshot for Microsoft Exchange Server software, enter the following command to enable the Windows PowerShell Remoting feature with CredSSP:
```
enable-wsmancredssp -role server
```
Verify that the Windows PowerShell Remoting feature is configured by using one of the following methods:
- Use the "Test-WSMan" cmdlet to test whether the WinRM service is running on the remote computer.
  a. On the primary system, enter the following cmdlet to verify that the Windows PowerShell Remoting feature is configured correctly:
```
Test-WSMan remote_server_name
```
  where remote_server_name specifies the remote server.
  
  b. On the remote system, enter the following cmdlet to verify that the Windows PowerShell Remoting feature is configured correctly:
```
Test-WSMan primary_server_name
```
  where primary_server_name specifies the primary server.
  
  Restriction: For the remote mount feature, you must use the same computer name that you use with the /RemoteComputer CLI option.
- To verify that the Windows PowerShell Remoting feature is configured, enter the following cmdlets:
  a. On the primary system and the remote system, enter the following cmdlet:
```
invoke-command -computername remote_server_name
```
```
-scriptblock {pwd} -Credential $creds
```
  where remote_server_name specifies the remote server.
  
  b. On the primary system and the remote system when Credential Security Support Provider (CredSSP) authentication is enabled, enter the following cmdlet:
```
invoke-command -computername remote_server_name 
```
```
-scriptblock {pwd} -Credential $creds -Authentication Credssp
```
  where remote_server_name specifies the remote server.
  
  Restriction: For the remote mount feature, you must use the same computer name that you use with the /RemoteComputer CLI option. In addition, when you use the CLI command for the remote mount feature, use the same user name and password that you use with the /RemoteComputerUser and /RemoteComputerPassword CLI options.

Adding remote systems

To remotely manage installations, complete the following steps to add remote systems.

Procedure

From Microsoft Management Console (MMC) > IBM Spectrum Protect Snapshot, in the Actions pane, click Manage Computers.
Verify that the local system is listed in both the Tree Nodes and Computers panes.
From the Tree Nodes pane, click the add icon.
The icon is green and resembles the symbol for addition.
Type the name and description for the new tree node.
From the Computers pane, click the add icon.
The computers that you add are associated with the tree node that you are creating. If you add only one computer, the tree node type can be either Dashboard or Group. If you add more than one computer, the tree node type is Group. If you add only one computer, from the Tree Nodes pane, you can toggle between the Dashboard and Group types.
Type the system name and a description. For systems that are not in the domain, provide the fully qualified address.
Alternatively, to select a system that is based on another system in the domain or to read a list of computers from a file, on the Computers pane, click Import. Clicking Import. displays a dialog called Add Computers. From the Add Computers dialog, there are two tabs: Active Directory and Import. To complete the Add Computers dialog window entries, complete the following steps:
1. For the Active Directory tab, complete these fields
  
  Domain
  
  The current domain is displayed. The domain cannot be changed.
  
  Location
  
  The organizational unit that is used to search for computers. The default value is displayed.
  
  Name
  
  By default, the wildcard character (*) is displayed. You can leave the default value or enter a specific name.
  
  Account
  
  The current account is displayed. If you want to use a different account, click Search to search the domain for other computers. The Search capability is enabled only when the Location and Name fields have values.
2. For the Import tab, browse to find a comma-separated values (.CSV) file that contains computer entries. After you find a .CSV file and click Import, the contents of the .CSV file are read as entries and are added to the list.
  The following .CSV file is an example of a valid .CSV file for the import activity:
```
NewNode1,Group1,CurrentUser,Test node 1 
NewNode2 
NewNode3,,Description of NewNode3 
NewNode4,Group2,CurrentUser,Test node 4 
```
  The first column (the node name) is required. The other data columns are optional. The list is processed by position. For the group, if a group does not exist, the group is created.
From the Computers pane, click Test Connection.
The test status is reported in the Message column of the Computers table.
Click OK to close the Manage Computers window.
Verify that the tree node is listed in the navigation tree.
The remote node does not have all of the functionality available for local systems. For example, entries for learning, online support, and favorite links are not displayed.
For tree node type Dashboard, the main window displays the Protect, Recover, and Automate tabs. For tree node type Group, the main window displays the Group Dashboard, Group Reports, and Group Commands tabs.
After you add systems, you can remove (delete) the systems. You can also select the system to edit the properties, including tree node type, that you entered when you added the system. If you want to change the order of the systems that are displayed in the navigation tree, from the Manage Computers window there are GUI controls that you can use to change the order.