channel that exists between the host and each VM. A new VSP/VSC pair is part of
Windows Server 2016, and the client side can be seen as a new user-mode service,
vmicvmsession (Hyper-V VM Session Service), which by default is set to start when
triggered; that is, PowerShell Direct is utilized. This is separate from vmicrdv, which is
used to enable the rich VMConnect experience that emulates RDP experience to VMs.
Credentials are still required to use within the VM, so this is not a way to bypass
security. Think of this as a way to be able to use PowerShell, even with problems such
as networking misconfigurations that would typically prohibit management.
To use PowerShell Direct, leverage the new -VMName parameter for cmdlets such as
Invoke-Command and Enter-PSSession. For example:
Enter-PSSession -VMName VM01
Invoke-Command -VMName VM01 -ScriptBlock {}
Following is an example use that shows that the output is run on the target VM. The
prompt for values is a prompt for authentication.
PS C:> invoke‐command ‐VMName savdalvmm16 ‐ScriptBlock { $env:COMPUTERNAME }
cmdlet Invoke-Command at command pipeline position 1
Supply values for the following parameters:
SAVDALVMM16
Note that it is possible to pass a credential to avoid being prompted. In the following
example, I create a credential object using a text password that is used with Invoke-
Command. Replace the password and username with one that is valid in the target VM.
In most environments, you would not store passwords in plain text, and this is for
demonstration purposes only. Better approaches to store passwords in scripts can be
found at http://windowsitpro.com/development/save-password-securely-use-
powershell.
$securepassword = ConvertTo-SecureString -string "Password" `
-AsPlainText -Force
$cred = new-object System.Management.Automation.PSCredential
("savilltech\administrator", $securepassword)
invoke-command -VMName savdalvmm16 -Credential $cred `
-ScriptBlock { $env:COMPUTERNAME }