Merge pull request #13 from Microsoft/pavanadepu2-patch-1
Refactored the script, removed the winrmconf.cmd dependency.
This commit is contained in:
Pavan Adepu
GitHub
Коммит
929c60b820
|
|
@ -9,7 +9,7 @@
|
|||
param
|
||||
(
|
||||
[string] $hostname,
|
||||
[string] $protocol="5986"
|
||||
[string] $protocol
|
||||
)
|
||||
|
||||
#################################################################################################################################
|
||||
|
|
@ -29,9 +29,7 @@ $helpMsg = "Usage:
|
|||
|
||||
|
||||
function Is-InputValid
|
||||
{
|
||||
param([string] $hostname)
|
||||
|
||||
{
|
||||
$isInputValid = $true
|
||||
|
||||
if(-not $hostname -or ($protocol -ne "http" -and $protocol -ne "https"))
|
||||
|
|
@ -59,9 +57,6 @@ function Delete-WinRMListener
|
|||
|
||||
function Configure-WinRMListener
|
||||
{
|
||||
param([string] $hostname,
|
||||
[string] $protocol)
|
||||
|
||||
Write-Verbose -Verbose "Configuring the WinRM listener for $hostname over $protocol protocol. This operation takes little longer time, please wait..."
|
||||
|
||||
if($protocol -ne "http")
|
||||
|
|
@ -84,9 +79,6 @@ function Configure-WinRMHttpListener
|
|||
|
||||
function Configure-WinRMHttpsListener
|
||||
{
|
||||
param([string] $hostname,
|
||||
[string] $port)
|
||||
|
||||
# Delete the WinRM Https listener if it is already configured
|
||||
Delete-WinRMListener
|
||||
|
||||
|
|
@ -94,23 +86,17 @@ function Configure-WinRMHttpsListener
|
|||
$thumbprint = (New-SelfSignedCertificate -DnsName $hostname -CertStoreLocation "cert:\LocalMachine\My").Thumbprint
|
||||
if(-not $thumbprint)
|
||||
{
|
||||
.\makecert -r -pe -n CN=$hostname -b 01/01/2012 -e 01/01/2022 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
|
||||
$thumbprint=(Get-ChildItem cert:\Localmachine\my | Where-Object { $_.Subject -eq "CN=" + $hostname } | Select-Object -Last 1).Thumbprint
|
||||
|
||||
if(-not $thumbprint)
|
||||
{
|
||||
throw "Failed to create the test certificate."
|
||||
}
|
||||
}
|
||||
throw "Failed to create the test certificate."
|
||||
}
|
||||
|
||||
# Configure WinRM
|
||||
cmd.exe /c .\winrmconf.cmd $hostname $thumbprint
|
||||
$WinrmCreate= "winrm create --% winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname=`"$hostName`";CertificateThumbprint=`"$thumbPrint`"}"
|
||||
invoke-expression $WinrmCreate
|
||||
winrm set winrm/config/service/auth '@{Basic="true"}'
|
||||
}
|
||||
|
||||
function Add-FirewallException
|
||||
{
|
||||
param([string] $protocol)
|
||||
|
||||
if( $protocol -ne "http")
|
||||
{
|
||||
$port = $winrmHttpsPort
|
||||
|
|
@ -134,15 +120,8 @@ function Add-FirewallException
|
|||
# Configure WinRM #
|
||||
#################################################################################################################################
|
||||
|
||||
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes
|
||||
winrm quickconfig
|
||||
|
||||
# The default MaxEnvelopeSizekb on Windows Server is 500 Kb which is very less. It needs to be at 8192 Kb. The small envelop size if not changed
|
||||
# results in WS-Management service responding with error that the request size exceeded the configured MaxEnvelopeSize quota.
|
||||
winrm set winrm/config '@{MaxEnvelopeSizekb = "8192"}'
|
||||
|
||||
# Validate script arguments
|
||||
if(-not (Is-InputValid -hostname $hostname))
|
||||
if(-not (Is-InputValid))
|
||||
{
|
||||
Write-Warning "Invalid Argument exception:"
|
||||
Write-Host $helpMsg
|
||||
|
|
@ -150,19 +129,25 @@ if(-not (Is-InputValid -hostname $hostname))
|
|||
return
|
||||
}
|
||||
|
||||
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes
|
||||
winrm quickconfig
|
||||
|
||||
# The default MaxEnvelopeSizekb on Windows Server is 500 Kb which is very less. It needs to be at 8192 Kb. The small envelop size if not changed
|
||||
# results in WS-Management service responding with error that the request size exceeded the configured MaxEnvelopeSize quota.
|
||||
winrm set winrm/config '@{MaxEnvelopeSizekb = "8192"}'
|
||||
|
||||
|
||||
# Configure WinRM listener
|
||||
Configure-WinRMListener -hostname $hostname -protocol $protocol
|
||||
Configure-WinRMListener
|
||||
|
||||
# Add firewall exception
|
||||
Add-FirewallException -protocol $protocol
|
||||
Add-FirewallException
|
||||
|
||||
# List the listeners
|
||||
Write-Verbose -Verbose "Listing the WinRM listeners:"
|
||||
$config = winrm enumerate winrm/config/listener
|
||||
|
||||
Write-Verbose -Verbose "Querying WinRM listeners by running command: winrm enumerate winrm/config/listener"
|
||||
$config
|
||||
winrm enumerate winrm/config/listener
|
||||
|
||||
#################################################################################################################################
|
||||
#################################################################################################################################
|
||||
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче