1. 首頁
  2. 問答
  3. 廚師bootstrap出域IP

廚師bootstrap出域IP

2016-11-03 40 views
0

我發現,如果我嘗試引導Windows 2012服務器,我得到這個錯誤。廚師bootstrap出域IP

knife bootstrap windows winrm 192.0.2.0 -N foobar -x vagrant -P vagrant -r "role[foo]" -E dev -V

Waiting for remote response before bootstrap.ERROR: Failed to authenticate to 192.0.2.0 as vagrant 
Response: WinRM::WinRMAuthorizationError 
Hint: Make sure to prefix domain usernames with the correct domain name. 
Hint: Local user names should be prefixed with computer name or IP address. 
EXAMPLE: my_domain\user_namer

解決方法是將包括IP地址作爲用戶名

192.0.2.0\vagrant

knife bootstrap windows winrm 192.0.2.0 -N foobar -x 192.0.2.0\vagrant -P vagrant -r "role[foo]" -E dev -V

我WinRM配置與封隔器創建的一部分。

# https://github.com/mwrock/packer-templates/blob/b46ec4e1c3eafcaa64042f32ceab7de2d3789dba/scripts/package.ps1#L28-L45 

netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow 

[email protected]{Force=$true} 
try { 
$command=Get-Command Enable-PSRemoting 
    if($command.Parameters.Keys -contains "skipnetworkprofilecheck"){ 
     $enableArgs.skipnetworkprofilecheck=$true 
    } 
} 
catch { 
    $global:error.RemoveAt(0) 
} 
Enable-PSRemoting @enableArgs 
winrm set winrm/config/client/auth '@{Basic="true"}' 
winrm set winrm/config/service/auth '@{Basic="true"}' 
winrm set winrm/config/service '@{AllowUnencrypted="true"}'

爲什麼我只能用

來源

2016-11-03 spuder

回答

0

引導大量的試驗和錯誤之後,我發現Enable-PSRemoting就像我認爲他們是winrm quickconfig是不等價的命令。

將以下兩行添加到winrm安裝程序可修復此問題。 Bootstrap現在不再需要使用IP地址作爲名稱。

winrm quickconfig -q 
winrm quickconfig -transport:http

全部配置

netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow 
winrm quickconfig -q 
winrm quickconfig -transport:http 
[email protected]{Force=$true} 
try { 
$command=Get-Command Enable-PSRemoting 
    if($command.Parameters.Keys -contains "skipnetworkprofilecheck"){ 
     $enableArgs.skipnetworkprofilecheck=$true 
    } 
} 
catch { 
    $global:error.RemoveAt(0) 
} 
Enable-PSRemoting @enableArgs 
#Enable-WSManCredSSP -Force -Role Server #TODO What does this do, do I need it? 
winrm set winrm/config/client/auth '@{Basic="true"}' 
winrm set winrm/config/service/auth '@{Basic="true"}' 
winrm set winrm/config/service '@{AllowUnencrypted="true"}'

注意,允許基本身份驗證和加密WinRM的是不是用於生產安全。

來源

2016-11-03 20:01:49 spuder

相關問題

 相關問題