Wahmans Powershell Blog

Remove-WSManInstance

Understanding Remove-WSManInstance in PowerShell

Welcome back to Wahmans Powershell Blog! Today, we’re diving into a cmdlet that may not be widely used but is powerful when managing Windows Remote Management (WinRM) configurations: Remove-WSManInstance.

According to Microsoft, this cmdlet “Deletes a management resource instance.” But what does that really mean in practical terms for PowerShell users? In short, Remove-WSManInstance allows you to delete specific instances of management resources made available via WS-Management (such as listeners, services, etc.). This can be particularly helpful in trimming down unnecessary configuration or resetting WinRM to a cleaner state.

Basic Syntax

Remove-WSManInstance [-ResourceURI] <string> [-SelectorSet <IDictionary>] [-ComputerName <string>] [-Credential <PSCredential>] [-Authentication <Authentication>]

The key parameter here is -SelectorSet which identifies the specific instance you want to delete. You also need to provide the -ResourceURI, which defines the resource type you are working with.

Example 1: Delete a WSMan Listener (Beginner)

Let’s say you want to delete a WinRM listener on the local machine that is listening on HTTP.

$selector = @{ Address="*"; Transport="HTTP" }
Remove-WSManInstance -ResourceURI "winrm/config/Listener" -SelectorSet $selector

This will remove the HTTP listener identified by the selector parameters.

Example 2: Remove a Service Configuration Property (Intermediate)

Suppose you want to delete a configuration property under the WinRM service. Selectors allow you to target very specific elements.

$selector = @{Name="AllowUnencrypted"}
Remove-WSManInstance -ResourceURI "winrm/config/service" -SelectorSet $selector

This attempts to remove the instance of the AllowUnencrypted setting from the service configuration. Note: Not all properties can be removed—some might require resetting instead.

Example 3: Delete WinRM Configuration on a Remote Machine (Advanced)

Let’s clean up a listener on a remote computer named Server01 over HTTPS.

$selector = @{ Address="*"; Transport="HTTPS" }
Remove-WSManInstance -ResourceURI "winrm/config/Listener" -SelectorSet $selector -ComputerName "Server01" -Authentication Default

This command targets the HTTPS listener on the remote server Server01. Ensure WSMan connection access and proper credentials are in place.

Example 4: Scripted Cleanup of All HTTP Listeners (Advanced)

Here’s a more advanced approach using PowerShell logic to remove all HTTP listeners dynamically.

$listeners = Get-WSManInstance -ResourceURI "winrm/config/Listener"
foreach ($listener in $listeners) {
    if ($listener.Transport -eq "HTTP") {
        $selector = @{ Address=$listener.Address; Transport="HTTP" }
        Remove-WSManInstance -ResourceURI "winrm/config/Listener" -SelectorSet $selector
        Write-Host "Removed listener for address $($listener.Address)"
    }
}

This script checks all listeners and removes each one that uses HTTP as the transport protocol.

Conclusion

Remove-WSManInstance is a valuable cmdlet when managing WinRM configurations across local and remote computers. Whether you’re cleaning up unused listeners, managing access settings, or automating infrastructure configuration resets, this tool provides the flexibility you need to keep your environment clean and efficient.

Happy scripting, and I will see you in the next post!

Leave a Reply

Your email address will not be published. Required fields are marked *