使用Http启用WinRM连接到Azure虚拟机

时间:2018-04-16 14:10:03

标签: azure azure-virtual-machine winrm

我可以使用http://terraformrg.southeastasia.cloudapp.azure.com/访问我的azure vm(windows),并且无法使用https://terraformrg.southeastasia.cloudapp.azure.com/访问(机器中没有SSL)。但是我在这个VM中为https启用了443端口。我看到在我的VM中运行的http和https WinRM监听器,即没有拇指指甲的http和带拇指指甲的https。

  

我的问题是我可以使用连接到启用WinRM的azure VM   HTTP?或者这是https的强制性要求吗?

1 个答案:

答案 0 :(得分:1)

关于启用Azure VM WinRM,您应该将端口5985添加到Azure VM的 NSG入站规则,并将端口5985添加到 Windows防火墙入站规则

然后使用此脚本创建会话:

$username = 'user'
$pass = ConvertTo-SecureString -string 'password' -AsPlainText -Force
$cred = New-Object -typename System.Management.Automation.PSCredential -argumentlist $username, $pass
$s = New-PSSession -ConnectionUri 'http://xx.xx.xx.xx:5985' -Credential $cred -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck)

希望这有帮助。

<强>更新

以下是我的步骤:

WinRM服务器:

PS C:\Users\jason> Enable-PSRemoting -force
PS C:\Users\jason> winrm quickconfig
WinRM service is already running on this machine.
WinRM is not set up to allow remote access to this machine for management.
The following changes must be made:

Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

Make these changes [y/n]? y

WinRM has been updated for remote management.

Configured LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

客户端:

PS C:\Users\jason> winrm set winrm/config/client '@{TrustedHosts = "13.78.103.201"}'
Client
    NetworkDelayms = 5000
    URLPrefix = wsman
    AllowUnencrypted = false
    Auth
        Basic = true
        Digest = true
        Kerberos = true
        Negotiate = true
        Certificate = true
        CredSSP = false
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    TrustedHosts = 13.78.103.201

PS C:\Users\jason> $username = 'jason'
PS C:\Users\jason> $pass = ConvertTo-SecureString -string '122130869@qq' -AsPlainText -Force
PS C:\Users\jason> $cred = New-Object -typename System.Management.Automation.PSCredential -argumentlist $username, $pass
PS C:\Users\jason> $s = New-PSSession -ConnectionUri 'http://13.78.103.201:5985' -Credential $cred -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck)

PS C:\Users\jason> Enter-PSSession -ConnectionUri 'http://13.78.103.201:5985' -Credential $cred
[13.78.103.201]: PS C:\Users\jason\Documents>
[13.78.103.201]: PS C:\Users\jason\Documents>
[13.78.103.201]: PS C:\Users\jason\Documents>

注意:将端口5985添加到NSG入站规则和Windows防火墙设置。

相关问题
最新问题