What is PowerShell?

PowerShell is a useful tool for TouchDesigner engineers who deploy computer clusters using Windows. This document covers how to setup PowerShell and Windows Security Policy to simplify management of TouchDesigner applications running over many computers on a network.

https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/powershell

Setting up PowerShell - Quick Start

The following section covers how to configure Windows 10 / 11 computers for remote control.

Normalize Your Credentials

Ensure all your computers share the same username, and that user needs to have “Administrative” privileges. As well the User folder for this user should be the same on each computer.

Use Hostnames rather than IP addresses

In PowerShell remoting, using IP addresses instead of hostnames triggers stricter security measures by Windows. IP addresses face limitations with authentication, certificate validation, and name resolution. To overcome these challenges, it's recommended to use hostnames whenever possible, as they provide better compatibility, security, and flexibility. The configuration tested in this document was only achieved using hostname computer identification.

Configure Remoting

You can run this script all at once or just step through manually in PowerShell. You must be in an elevated “Administrative” shell to perform these commands. You must run these commands on all computers that will be a part of this cluster - both servers and clients.

#Just execute each commands one at a time in an elevated PowerShell. 
#If they run without errors you are setup. Repeat this process
#for each computer. 

#Sets the network profile to Private  (Or Domain - but can't be Public)
Set-NetConnectionProfile -NetworkCategory Private

#Enable PSRemoting
Enable-PSRemoting

#It's better to scope trusted computers to their specific names. Do not use
#IP addresses unless you understand the security implications.
Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "Server1, Client1, Client2"
#OR
Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "192.168.1.*, 10.0.0.1-100, 172.16.0.0/16"

#Sets Trusted Hosts - * means any computers
#Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value "*" -Force

#Enable Filesharing
#netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes
Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True

#Set Execution Policy
Set-ExecutionPolicy RemoteSigned -Force

#Set 
#Create self signed certificats
$cert = New-SelfSignedCertificate -Type CodeSigningCert -Subject "CN=MyCodeSigningCert" -CertStoreLocation "Cert:\\CurrentUser\\My"

Install YAML

PowerShell module for serializing and deserializing YAML. YAML is the chosen file format for the customization of cluster configuration.

#<https://www.powershellgallery.com/packages/powershell-yaml/0.4.0>
Install-Module -Name powershell-yaml

Download PSTools

PSTools is a suite of command-line tools developed by Microsoft. These tools are designed to assist engineers in managing and troubleshooting Windows systems. PSTools includes a variety of utilities that can be used for tasks such as process management, network diagnostics, system information retrieval, and remote administration.

PsTools - Sysinternals