It’s the case all too often that new operating systems include some really important and useful features that go largely unnoticed. Windows Server 2012 R2 contains one of those neat but largely unknown features in a new network protocol called Windows Remote Management (WinRM). To understand why WinRM is a great feature, let’s consider what WinRM is intended to replace: a protocol known as the Remote Procedure Call (RPC).
Even if you’ve never heard of RPC, chances are that you’ve been using it for years. RPC’s job is to allow one program to talk to another program, even if those programs are running on different computers. For example, if you’ve ever started up Outlook to read your email on an Exchange Server instance, then you’ve used RPC: it’s how Outlook can tap Exchange on the shoulder and say, “Can I have my email, please?” Or if you’ve ever used an MMC snap-in like DNS, DHCP, or Computer Management to remotely control those functions on a remote computer from your desktop, you’ve used RPC.
RPC is a protocol that has provided much service over the years, but it has one big problem: it’s hard to secure. Microsoft invented RPC back in the days when there was no Internet, and the vast majority of LANs extended no farther than the distance from the first floor to the top floor in an office building, so security wasn’t all that big a concern. Years later, when security became a big concern, Microsoft tried to retrofit security onto RPC with some optional changes wrought first by XP SP2, but by that point the horse was out of the barn, and requiring RPC security would just end up breaking hundreds or perhaps thousands of RPC-dependent applications. Clearly, the time had come for a change in how Windows programs talk to each other, so Microsoft decided to adopt a protocol that did the same sort of thing that RPC did, with a few changes:
◆ It’s not proprietary but is standards-based and platform-independent—there are similar implementations popping up on Linux and Mac OS.
◆ It’s a modified form of HTTPS.
◆ Its communications are encrypted.
◆ It requires authentication to use.
Components of Windows 2012 R2 that use WinRM include event log collection; the ability to use the new Server Manager snap-in on remote servers; and my personal favorite, a secure remote command shell called Windows Remote Shell, or winrs. If you need a secure, low-bandwidth remote-control tool, look to winrs.
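The encryption and authentication properties listed above are governed by settings on each server, so they are worth confirming on any host that accepts WinRM or winrs connections. The following is an added example, not code from the original text: it reads the local WinRM configuration through the built-in `WSMan:` PowerShell drive and flags settings to review. The function name `Get-WinRMSecuritySummary` and the `Review` column are hypothetical names chosen for this illustration, and it assumes an elevated session with the WinRM service running.

```powershell
# Added example: summarize the local WinRM settings that bear on
# encryption and authentication. Get-WinRMSecuritySummary and the
# Review column are illustrative names, not part of Windows.
function Get-WinRMSecuritySummary {
    $results = @()

    # Service-wide switch: 'true' means the service accepts unencrypted messages.
    $unenc = (Get-Item -Path 'WSMan:\localhost\Service\AllowUnencrypted').Value
    $results += [pscustomobject]@{
        Setting = 'Service\AllowUnencrypted'
        Value   = $unenc
        Review  = ($unenc -eq 'true')
    }

    # Authentication schemes the service will accept. Basic sends credentials
    # base64-encoded rather than encrypted, so it is flagged when enabled.
    foreach ($auth in Get-ChildItem -Path 'WSMan:\localhost\Service\Auth') {
        $results += [pscustomobject]@{
            Setting = "Service\Auth\$($auth.Name)"
            Value   = $auth.Value
            Review  = ($auth.Name -eq 'Basic' -and $auth.Value -eq 'true')
        }
    }

    # Listeners: each one has a Transport (HTTP or HTTPS) and a Port.
    # An HTTP listener is flagged only when unencrypted traffic is also allowed.
    foreach ($listener in Get-ChildItem -Path 'WSMan:\localhost\Listener') {
        $props = @{}
        Get-ChildItem -Path "WSMan:\localhost\Listener\$($listener.Name)" |
            ForEach-Object { $props[$_.Name] = $_.Value }
        $results += [pscustomobject]@{
            Setting = "Listener $($props['Transport']) port $($props['Port'])"
            Value   = "Enabled=$($props['Enabled'])"
            Review  = ($props['Transport'] -eq 'HTTP' -and $unenc -eq 'true')
        }
    }

    return $results
}

Get-WinRMSecuritySummary | Format-Table -AutoSize
```

Any row with `Review` set to `True` marks a setting that weakens the encryption or authentication described above and should be checked against your baseline.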