前往小程序,Get更优阅读体验!
立即前往
发布
社区首页 >专栏 >Win10 Win11如何通过命令开启WinRM

Win10 Win11如何通过命令开启WinRM

原创
作者头像
Windows技术交流
修改2024-12-12 07:50:16
修改2024-12-12 07:50:16
1840
举报
文章被收录于专栏:Windows技术交流

通用Windows Server2012~2025系统的开启WinRM的命令在Win11上报错如下:

代码语言:txt
复制
+ cmd.exe /c winrm set "winrm/config" '@{MaxTimeoutms="1800000"}'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (WSManFault:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
 
    Message
        ProviderFault
            WSManFault
                Message = 由于此计算机上的网络连接类型之一设置为公用,因此 WinRM 防火墙例外将不运行。 将网络连接类型更改为域或专用,然后再次尝试。 
错误编号: -2144108183 0x80338169
由于此计算机上的网络连接类型之一设置为公用,因此 WinRM 防火墙例外将不运行。 将网络连接类型更改为域或专用,然后再次尝试。

针对报错的解决办法就是把网络属性从公有Public改成专有Private

Win1通过命令开启WinRM的完整powershell代码:

代码语言:txt
复制

Set-executionpolicy -ExecutionPolicy Unrestricted -Scope CurrentUser -Force;

Set-NetConnectionProfile -InterfaceAlias $((Get-NetConnectionProfile).InterfaceAlias) -NetworkCategory Private

chcp 437

#ps1


# MAKE SURE IN YOUR PACKER CONFIG TO SET:
#
#
#    "winrm_username": "Administrator",
#    "winrm_insecure": true,
#    "winrm_use_ssl": true,
#
#

#Start-Service winrm
if($(get-service winrm).Status -notmatch "Running"){cmd.exe /c net start winrm}

write-output "Running User Data Script"
write-host "(host) Running User Data Script"

Set-ExecutionPolicy Unrestricted -Scope LocalMachine -Force -ErrorAction Ignore

# Don't set this before Set-ExecutionPolicy as it throws an error
$ErrorActionPreference = "Continue"

# Remove HTTP listener
Remove-Item -Path WSMan:\Localhost\listener\listener* -Recurse -EA 0 2>&1 >$null

# Create a self-signed certificate to let ssl work
$Cert = New-SelfSignedCertificate -CertstoreLocation Cert:\LocalMachine\My -DnsName "packer"
New-Item -Path WSMan:\LocalHost\Listener -Transport HTTPS -Address * -CertificateThumbPrint $Cert.Thumbprint -Force -EA 0 2>&1 >$null

# WinRM
write-output "Setting up WinRM"
write-host "(host) setting up WinRM"

cmd.exe /c "winrm quickconfig -q -force 2>&1 >null"
cmd.exe /c "winrm quickconfig -q 2>&1 >null"

cmd.exe /c winrm set "winrm/config" '@{MaxTimeoutms="1800000"}'
cmd.exe /c winrm set "winrm/config/winrs" '@{MaxMemoryPerShellMB="1024"}'
cmd.exe /c winrm set "winrm/config/service" '@{AllowUnencrypted="true"}'
cmd.exe /c winrm set "winrm/config/client" '@{AllowUnencrypted="true"}'
cmd.exe /c winrm set "winrm/config/service/auth" '@{Basic="true"}'
cmd.exe /c winrm set "winrm/config/client/auth" '@{Basic="true"}'
cmd.exe /c winrm set "winrm/config/service/auth" '@{CredSSP="true"}'
cmd.exe /c winrm set "winrm/config/listener?Address=*+Transport=HTTPS" "@{Port=`"5986`";Hostname=`"packer`";CertificateThumbprint=`"$($Cert.Thumbprint)`"}"
cmd.exe /c netsh advfirewall firewall set rule group="remote administration" new enable=yes
cmd.exe /c netsh firewall add portopening TCP 5986 "Port 5986"
cmd.exe /c netsh firewall add portopening TCP 5985 "Port 5985"
cmd.exe /c net stop winrm
cmd.exe /c sc.exe config winrm start= auto
cmd.exe /c net start winrm

netsh firewall set service remotedesktop enable

netsh.exe firewall set service type=RemoteAdmin mode=ENABLE scope=ALL  profile=ALL
#netsh.exe firewall set service type=RemoteAdmin mode=ENABLE scope=ALL  profile=Domain
#netsh.exe firewall set service type=RemoteAdmin mode=ENABLE scope=ALL  profile=Standard

netsh firewall set service RemoteAdmin enable
#netsh.exe firewall set service type=RemoteAdmin mode=ENABLE scope=ALL
#netsh.exe firewall set service type=RemoteAdmin mode=ENABLE scope=ALL  profile=Current

netsh advfirewall firewall add rule name="Open Port 5985" dir=in action=allow protocol=TCP localport=5985
netsh advfirewall firewall add rule name="Open Port 5986" dir=in action=allow protocol=TCP localport=5986
# Restart WinRM, and set it so that it auto-launches on startup.
cmd.exe /c net stop winrm
cmd.exe /c sc.exe config winrm start= auto

winrm quickconfig -q -force 2>&1 > $null
winrm quickconfig -q 2>&1 > $null

Set-Item WSMan:localhost\client\trustedhosts -value * -Force -Confirm:$false -EA 0 2>&1 >$null

restart-service winrm 2>&1 > $null

netstat -ato|findstr ":5985 :5986"
winrs -r:http://127.0.0.1:5985 hostname

原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。

如有侵权,请联系 cloudcommunity@tencent.com 删除。

原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。

如有侵权,请联系 cloudcommunity@tencent.com 删除。

评论
登录后参与评论
0 条评论
热度
最新
推荐阅读
领券
问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档