How to revert changes made by Enable-PSRemoting? from http://blogs.technet.com/b/bshukla/archive/2011/04/28/how-revert-changes-made-by-enable-psremoting.aspx Some MS tools (like Best Practices Analyzers) automatically run "Enable-PSRemoting" and then don't clean up after themselves. To reverse these changes: Start an admin-mode powershell. Run "Disable-PSRemoting" This will output: PS C:\Windows\system32> Disable-PSRemoting WARNING: Disabling the session configurations does not undo all the changes made by the Enable-PSRemoting or Enable-PSSessionConfiguration cmdlet. You might have to manually undo the changes by following these steps. 1. Stop and disable the WinRM service. 2. Delete the listener that accepts requests on any IP address. 3. Disable the firewall exceptions for WS-Management communications. 4. Restore the value of the LocalAccountTokenFilterPolicy to 0, which restricts remote access to members of the Administrators group on the computer. Do not do step 1 yet. Instead: List the Windows Remote Management listeners: winrm enumerate winrm/config/listener Usually the listener with Address = * and Port = 5985 using Transport = HTTP is the one you want to remove. Delete it by running: winrm delete winrm/config/listener?address=*+transport=HTTP Then, remove the firewall exceptions for Windows Remote Managment Then, stop the windows remote management service: Stop-Service winrm And disable it: Set-Service -Name winrm -StartupType Disabled Finally, revert the LocalAccountTokenFilterPolicy setting to its default value of 0: Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name LocalAccountTokenFilterPolicy -Value 0 -Type DWord Error messages/problems: this will happen if you followed the output of Disable-PSRemoting verbatim: WSManFault Message = The client cannot connect to the destination specified in the request. Verify that the service on the dest ination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". This is why you need to leave WinRM enabled, delete the listeners, and *then* turn it off.