So… I am reworking our GPO that enables us to run PowerShell commands on remote machines to make it correct instead of expedient. Boss asks me why we need exceptions for WinRM and WSMan on 5985 in the GPO. I didn’t think anything would run without those exceptions but I tested anyway. I disabled that part of the GPO and everything ran! Still! What am I missing? I thought you had to open that port for anything to work. We have two built-in exceptions in that GPO: Remote Eventlog Management, and Windows Remote Management.
Everything (the commands I tested):
The part of the GPO that I removed for the test is found in Computer Configuration, Administrative Templates, Network, Network Connections, Windows Firewall, Domain Profile, Windows Firewall: Define inbound program exceptions. At the moment it is set to Disabled for testing.