<powershell>
# turn off PowerShell execution policy restrictions
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope LocalMachine
write-output "Running AWS User Data Script"
write-host "(host) Running AWS User Data Script"
# Configure WinRM
# First, remove HTTP listener
Remove-Item -Path WSMan:\Localhost\listener\listener* -Recurse
cmd.exe /c winrm quickconfig -q
write-output "Setting http transport..."
cmd.exe /c winrm quickconfig '-transport:http'
write-output "setting remainder of winrm configs..."
cmd.exe /c winrm set "winrm/config/winrs" '@{MaxMemoryPerShellMB="1024"}'
cmd.exe /c winrm set "winrm/config" '@{MaxTimeoutms="7200000"}'
cmd.exe /c winrm set "winrm/config/service" '@{AllowUnencrypted="true"}'
cmd.exe /c winrm set "winrm/config/client" '@{AllowUnencrypted="true"}'
cmd.exe /c winrm set "winrm/config/service/auth" '@{Basic="true"}'
cmd.exe /c winrm set "winrm/config/client/auth" '@{Basic="true"}'
cmd.exe /c winrm set "winrm/config/service/auth" '@{CredSSP="true"}'
cmd.exe /c winrm set "winrm/config/listener?Address=*+Transport=HTTP"
'@{Port="5985"}'
write-output "Done with WinRM settings"
cmd.exe /c netsh advfirewall firewall add rule name="WinRM 5985"
protocol=TCP dir=in localport=5985 action=allow
cmd.exe /c net stop winrm
cmd.exe /c sc config winrm start= auto
cmd.exe /c net start winrm
# Set temporary Administrator password only for Packer building
net user Administrator 'terriblepw'
wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE
</powershell>
I should mention that I *can* connect successfully via WinRM to the
instance when using this script. But for whatever reason Packer can't.
Thanks!
On Friday, September 1, 2017 at 3:26:57 PM UTC-4, Matthew Hooker wrote:
>
> Can you post your script for enabling winrm? It should look something like
>
> <powershell>
> winrm quickconfig -q
> winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="300"}'
> winrm set winrm/config '@{MaxTimeoutms="1800000"}'
> winrm set winrm/config/service '@{AllowUnencrypted="true"}'
> winrm set winrm/config/service/auth '@{Basic="true"}'
>
> netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in
> localport=5985 action=allow
> netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in
> localport=5986 action=allow
>
> net stop winrm
> sc config winrm start=auto
> net start winrm
>
> Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope LocalMachine
> </powershell>
>
> On Fri, Sep 1, 2017 at 11:58 AM Khalid Hosein <[email protected]
> <javascript:>> wrote:
>
>> Hello,
>>
>> I'm building Windows AMIs in AWS, and am having trouble connecting via
>> WinRM to Win 2012 and 2016 versions. However, the same configs work for Win
>> 2008 R2.
>>
>> When I enabled Packer debugging, I see the following errors (repeated
>> until it hits the *winrm_timeout*):
>>
>> 2017/09/01 18:18:19 packer: 2017/09/01 18:18:19 [ERROR] connection error:
>> http response error: 503 - invalid content type
>> 2017/09/01 18:18:19 packer: 2017/09/01 18:18:19 [ERROR] WinRM connection
>> err: http response error: 503 - invalid content type
>>
>>
>> (BTW, searching for these errors either associated with 'winrm' and/or
>> 'packer' does not return much. I also have a sense that the 'invalid
>> content type' message is returned from Go.)
>>
>> Running packer build using Linux' strace didn't produce anything
>> valuable.
>>
>> When the temporary instance boots, I can connect successfully to the
>> WinRM port including using the *_pywinrm_* library to create a session
>> using the credentials in my JSON config, so I know that my user data script
>> is successfully enabling WinRM and setting the credentials.
>>
>> Is there something in particular that changed since Windows 2008?
>> Is there a neat way to capture the WinRM commands/traffic that Packer is
>> sending/receiving?
>>
>> Thanks!
>>
>> -- Khalid
>>
>> --
>> This mailing list is governed under the HashiCorp Community Guidelines -
>> https://www.hashicorp.com/community-guidelines.html. Behavior in
>> violation of those guidelines may result in your removal from this mailing
>> list.
>>
>> GitHub Issues: https://github.com/mitchellh/packer/issues
>> IRC: #packer-tool on Freenode
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "Packer" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/packer-tool/dc92c327-457f-43f3-bcd1-c56a0d215c39%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/packer-tool/dc92c327-457f-43f3-bcd1-c56a0d215c39%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/68b79977-02a3-41f7-b696-4241cd245261%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
