WinRM: Difference between revisions
(→WinRM) |
|||
(12 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Test WinRM | == WinRM == | ||
== TCP Port 5986 == | |||
HTTPS SSL over port 5986 | |||
== Test WinRM == | |||
Not a valid API call, but verifies if WinRM service is listening: | Not a valid API call, but verifies if WinRM service is listening: | ||
Line 24: | Line 30: | ||
Example: | Example: | ||
<pre> | |||
mkdir c:\ci | |||
$url = "https://raw.githubusercontent.com/ansible/ansible-documentation/ae8772176a5c645655c91328e93196bcf741732d/examples/scripts/ConfigureRemotingForAnsible.ps1" | |||
$file = "c:\ci\ConfigureRemotingForAnsible.ps1" | |||
(New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file) | |||
powershell.exe -ExecutionPolicy ByPass -File $file | |||
winrm id | |||
</pre> | |||
Service - | Service - | ||
Line 43: | Line 55: | ||
net stop WinRM | net stop WinRM | ||
net start WinRM | net start WinRM | ||
== Firewall == | |||
netsh advfirewall firewall add rule name="WinRM" dir=in action=allow protocol=TCP localport=5986 | |||
netsh advfirewall firewall show rule name="WinRM" | |||
== Windows Remote Management Command Line Tool == | == Windows Remote Management Command Line Tool == | ||
=== Remote Query === | === Remote Query === | ||
NOTE: Only useful if you have setup actual certificates. Have yet to figure out how to use the winrm cli tool with self signed certificates. For that use the Powershell calls instead. Alternatively you can enable INSECURE unencrypted connections and use HTTP. | |||
<pre> | <pre> | ||
Line 57: | Line 77: | ||
</pre> | </pre> | ||
winrm get winrm/config -remote:SOMESERVER -username:X -password:X | winrm get winrm/config -remote:https://SOMESERVER:5986 -username:X -password:X | ||
winrm OPERAION -remote:https://SOMESERVER:5986 -username:X -password:X | |||
winrm get winrm/config -remote:SOMESERVER -username:X -password:X -usessl | |||
winrm get winrm/config -remote:SOMESERVER -username:X -password:X -usessl -skipCAcheck -skipCNcheck | |||
winrs -r:https://SOMESERVER:5986 -username:X -password:X | |||
=== Check if running === | |||
<pre> | |||
winrm id[entify] -? Determines if a WS-Management implementation is | |||
running on the remote machine. | |||
</pre> | |||
winrm id | |||
<pre> | |||
PS C:\> winrm id | |||
IdentifyResponse | |||
ProtocolVersion = http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd | |||
ProductVendor = Microsoft Corporation | |||
ProductVersion = OS: 10.0.19045 SP: 0.0 Stack: 3.0 | |||
SecurityProfiles | |||
SecurityProfileName = http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/http/basic, http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/basic, http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/http/spnego-kerberos, http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/spnego-kerberos | |||
</pre> | |||
winrm id -r:host.example.com -usessl | |||
winrm id -r:host.example.com -usessl -skipcacheck -skipcncheck | |||
winrm id -r:host.example.com -usessl -skipcacheck -skipcncheck -username:XXX | |||
winrm id -r:host.example.com -usessl -skipcacheck -skipcncheck -username:XXX -password:XXX | |||
=== Check Config === | === Check Config === | ||
Line 101: | Line 151: | ||
winrm help switches Other switches such as formatting, options, etc. | winrm help switches Other switches such as formatting, options, etc. | ||
winrm help proxy Providing proxy information. | winrm help proxy Providing proxy information. | ||
</pre> | |||
== Powershell == | |||
<pre> | |||
$hostname = 'MYHOST' | |||
$winrmport = "5986" | |||
$user = 'MYUSER' | |||
$pass = 'MYPASS' | ConvertTo-SecureString -AsPlainText -Force | |||
$cred = [PSCredential]::New($user, $pass) | |||
$soptions = New-WSManSessionOption -SkipCACheck -SkipCNCheck | |||
Test-WSMan -ComputerName $hostName | |||
if($?) { | |||
echo "winrm is enabled on remote system" | |||
} else { | |||
echo "winrm is NOT enabled on remote system" | |||
} | |||
Connect-WSMan -ComputerName $hostName -Credential $cred -SessionOption $soptions -UseSSL | |||
... do more winrm commands ... | |||
echo "--------------------------" | |||
Disconnect-WSMan -ComputerName $hostName | |||
</pre> | |||
Better option: | |||
<pre> | |||
$session = New-PSSession -ComputerName $hostName -Port $winrmPort -Credential $cred -SessionOption $ssoptions -UseSSL | |||
# Invoke-Command -Session $session -FilePath C:\scripts\test.ps1 | |||
# Invoke ref: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/invoke-command?view=powershell-7.4 | |||
$a = Invoke-Command -Session $session -ScriptBlock { dir c:\ } | |||
echo $a | |||
</pre> | |||
ref: https://learn.microsoft.com/en-us/windows/win32/winrm/winrm-powershell-commandlets | |||
Invoke ref: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/invoke-command?view=powershell-7.4 | |||
=== Powershell Enter Remote Session Interactively === | |||
<pre> | |||
... | |||
# Enter session interactively - not sure how useful this is in a script? | |||
#$soptions = New-PSSessionOption -SkipCACheck -SkipCNCheck | |||
#Enter-PSSession -ComputerName $hostName -Port $winrmPort -Credential $cred -SessionOption $soptions -UseSSL | |||
</pre> | </pre> | ||
== keywords == | == keywords == |
Latest revision as of 16:40, 2 August 2024
WinRM
TCP Port 5986
HTTPS SSL over port 5986
Test WinRM
Not a valid API call, but verifies if WinRM service is listening:
# curl -i -k https://moonshadow.home.lab:5986 HTTP/2 404 content-type: text/html; charset=us-ascii server: Microsoft-HTTPAPI/2.0 date: Thu, 28 Mar 2024 18:24:22 GMT content-length: 315 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"> <HTML><HEAD><TITLE>Not Found</TITLE> <META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD> <BODY><h2>Not Found</h2> <hr><p>HTTP Error 404. The requested resource is not found.</p> </BODY></HTML>
WinRM Service
Enable with script from: [1]
https://raw.githubusercontent.com/ansible/ansible-documentation/ae8772176a5c645655c91328e93196bcf741732d/examples/scripts/ConfigureRemotingForAnsible.ps1
Example:
mkdir c:\ci $url = "https://raw.githubusercontent.com/ansible/ansible-documentation/ae8772176a5c645655c91328e93196bcf741732d/examples/scripts/ConfigureRemotingForAnsible.ps1" $file = "c:\ci\ConfigureRemotingForAnsible.ps1" (New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file) powershell.exe -ExecutionPolicy ByPass -File $file winrm id
Service -
Service: "WinRM" - "Windows Remote Management (WS-Management)" C:\Windows\System32\svchost.exe -k NetworkService -p
Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix.
Restart service:
net stop WinRM net start WinRM
Firewall
netsh advfirewall firewall add rule name="WinRM" dir=in action=allow protocol=TCP localport=5986
netsh advfirewall firewall show rule name="WinRM"
Windows Remote Management Command Line Tool
Remote Query
NOTE: Only useful if you have setup actual certificates. Have yet to figure out how to use the winrm cli tool with self signed certificates. For that use the Powershell calls instead. Alternatively you can enable INSECURE unencrypted connections and use HTTP.
winrm help auth winrm OPERATION -remote:VALUE [-authentication:VALUE] [-username:USERNAME] [-password:PASSWORD]
winrm get winrm/config -remote:https://SOMESERVER:5986 -username:X -password:X
winrm OPERAION -remote:https://SOMESERVER:5986 -username:X -password:X winrm get winrm/config -remote:SOMESERVER -username:X -password:X -usessl winrm get winrm/config -remote:SOMESERVER -username:X -password:X -usessl -skipCAcheck -skipCNcheck
winrs -r:https://SOMESERVER:5986 -username:X -password:X
Check if running
winrm id[entify] -? Determines if a WS-Management implementation is running on the remote machine.
winrm id
PS C:\> winrm id IdentifyResponse ProtocolVersion = http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd ProductVendor = Microsoft Corporation ProductVersion = OS: 10.0.19045 SP: 0.0 Stack: 3.0 SecurityProfiles SecurityProfileName = http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/http/basic, http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/basic, http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/http/spnego-kerberos, http://schemas.dmtf.org/wbem/wsman/1/wsman/secprofile/https/spnego-kerberos
winrm id -r:host.example.com -usessl winrm id -r:host.example.com -usessl -skipcacheck -skipcncheck winrm id -r:host.example.com -usessl -skipcacheck -skipcncheck -username:XXX winrm id -r:host.example.com -usessl -skipcacheck -skipcncheck -username:XXX -password:XXX
Check Config
winrm get winrm/config
Help
C:\>winrm Windows Remote Management Command Line Tool Windows Remote Management (WinRM) is the Microsoft implementation of the WS-Management protocol which provides a secure way to communicate with local and remote computers using web services. Usage: winrm OPERATION RESOURCE_URI [-SWITCH:VALUE [-SWITCH:VALUE] ...] [@{KEY=VALUE[;KEY=VALUE]...}] For help on a specific operation: winrm g[et] -? Retrieving management information. winrm s[et] -? Modifying management information. winrm c[reate] -? Creating new instances of management resources. winrm d[elete] -? Remove an instance of a management resource. winrm e[numerate] -? List all instances of a management resource. winrm i[nvoke] -? Executes a method on a management resource. winrm id[entify] -? Determines if a WS-Management implementation is running on the remote machine. winrm quickconfig -? Configures this machine to accept WS-Management requests from other machines. winrm configSDDL -? Modify an existing security descriptor for a URI. winrm helpmsg -? Displays error message for the error code. For help on related topics: winrm help uris How to construct resource URIs. winrm help aliases Abbreviations for URIs. winrm help config Configuring WinRM client and service settings. winrm help certmapping Configuring client certificate access. winrm help remoting How to access remote machines. winrm help auth Providing credentials for remote access. winrm help input Providing input to create, set, and invoke. winrm help switches Other switches such as formatting, options, etc. winrm help proxy Providing proxy information.
Powershell
$hostname = 'MYHOST' $winrmport = "5986" $user = 'MYUSER' $pass = 'MYPASS' | ConvertTo-SecureString -AsPlainText -Force $cred = [PSCredential]::New($user, $pass) $soptions = New-WSManSessionOption -SkipCACheck -SkipCNCheck Test-WSMan -ComputerName $hostName if($?) { echo "winrm is enabled on remote system" } else { echo "winrm is NOT enabled on remote system" } Connect-WSMan -ComputerName $hostName -Credential $cred -SessionOption $soptions -UseSSL ... do more winrm commands ... echo "--------------------------" Disconnect-WSMan -ComputerName $hostName
Better option:
$session = New-PSSession -ComputerName $hostName -Port $winrmPort -Credential $cred -SessionOption $ssoptions -UseSSL # Invoke-Command -Session $session -FilePath C:\scripts\test.ps1 # Invoke ref: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/invoke-command?view=powershell-7.4 $a = Invoke-Command -Session $session -ScriptBlock { dir c:\ } echo $a
ref: https://learn.microsoft.com/en-us/windows/win32/winrm/winrm-powershell-commandlets
Powershell Enter Remote Session Interactively
... # Enter session interactively - not sure how useful this is in a script? #$soptions = New-PSSessionOption -SkipCACheck -SkipCNCheck #Enter-PSSession -ComputerName $hostName -Port $winrmPort -Credential $cred -SessionOption $soptions -UseSSL