使用本地帐户连接python winrm
问题描述:
我试图通过使用winrm的CentOS上的python 2.7.13连接到Windows server 2012。服务器不是域的一部分。我创建了一个单独的本地管理员帐户来连接它。使用本地帐户连接python winrm
使用winrm configSDDL default
向用户提供所有访问权限。
将我的客户机添加到可信主机。
PS C:\Windows\system32> Get-Item WSMan:\localhost\Client\TrustedHosts
WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client
Type Name SourceOfValue Value
---- ---- ------------- -----
System.String TrustedHosts 172.27.150.95
在防火墙中添加了异常,并确保服务已启动。
PS C:\Windows\system32> netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow
Ok.
PS C:\Windows\system32> Get-Service -ComputerName abc -Name winrm | Select Status
Status
------
Running
PS C:\Windows\system32>
为WinRM客户端设置:
PS C:\Windows\system32> winrm get winrm/config/client
Client
NetworkDelayms = 5000
URLPrefix = wsman
AllowUnencrypted = true
Auth
Basic = true
Digest = true
Kerberos = true
Negotiate = true
Certificate = true
CredSSP = false
DefaultPorts
HTTP = 5985
HTTPS = 5986
TrustedHosts = 172.27.150.95
的Telnet工作:
xyz:~ # telnet 172.27.148.29 5985
Trying 172.27.148.29...
Connected to abc (172.27.148.29).
Escape character is '^]'.
^]
telnet> quit
Connection closed.
xyz:~ #
但还是:
>>> s = winrm.Session('abc', auth=('abc\script-runner', 'xxx'))
>>> r = s.run_cmd('ipconfig', ['/all'])
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python2.7/site-packages/winrm/__init__.py", line 37, in run_cmd
shell_id = self.protocol.open_shell()
File "/usr/local/lib/python2.7/site-packages/winrm/protocol.py", line 132, in open_shell
res = self.send_message(xmltodict.unparse(req))
File "/usr/local/lib/python2.7/site-packages/winrm/protocol.py", line 207, in send_message
return self.transport.send_message(message)
File "/usr/local/lib/python2.7/site-packages/winrm/transport.py", line 190, in send_message
raise InvalidCredentialsError("the specified credentials were rejected by the server")
winrm.exceptions.InvalidCredentialsError: the specified credentials were rejected by the server
>>>
而且,我启用审计失败/成功登录但我没有看到任何辉带领或成功为我的连接尝试。
请告诉我缺少什么?我想通过本地用户连接。
感谢您的协助。
答
- 请确保在目标Windows计算机上的网络连接类型是“私人”,如果它是“公共”winrm不会被配置。
-
打开命令提示符,然后输入:
winrm qc winrm set winrm/config/service @{AllowUnencrypted="true"}
-
打开PowerShell和类型:
enable-psremoting set-item WSMan:\localhost\Client\TrustedHosts *
( '*' 的所有主机,你可以指定你想要的主机) -
在你的python脚本中:
import winrm s = winrm.Session('yourWindowsHost', auth=('yourLocalAdmin', 'passwordInPlainText'), transport='ntlm') r = s.run_cmd('ipconfig', ['/all'])