<powershell>
# Set administrator password
net user Administrator SOMETHINGGOOD
wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE
# First, make sure WinRM can't be connected to
netsh advfirewall firewall set rule name="Windows Remote Management
(HTTP-In)" new enable=yes action=block
# Delete any existing WinRM listeners
winrm delete winrm/config/listener?Address=*+Transport=HTTP 2>$Null
winrm delete winrm/config/listener?Address=*+Transport=HTTPS 2>$Null
# Create a new WinRM listener and configure
winrm create winrm/config/listener?Address=*+Transport=HTTP
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="0"}'
winrm set winrm/config '@{MaxTimeoutms="7200000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service '@{MaxConcurrentOperationsPerUser="12000"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/service/auth '@{Certificate="true"}'
winrm set winrm/config/client/auth '@{Basic="true"}'
winrm set winrm/config/client/auth '@{Certificate="true"}'
# Configure UAC to allow privilege elevation in remote shells
$Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$Setting = 'LocalAccountTokenFilterPolicy'
Set-ItemProperty -Path $Key -Name $Setting -Value 1 -Force
# Configure and restart the WinRM Service; Enable the required firewall
exception
Stop-Service -Name WinRM
Set-Service -Name WinRM -StartupType Automatic
netsh advfirewall firewall set rule name="Windows Remote Management
(HTTP-In)" new action=allow localip=any remoteip=any
Start-Service -Name WinRM
</powershell>
Here is my user_data.txt file from the line
"user_data_file": "scripts/user_data.txt.
As you can see, I want to be able to use a predetermined password.
==> amazon-ebs: Force Deregister flag found, skipping prevalidating AMI Name
171
amazon-ebs: Found Image ID: ami-0eb7fbcc77e5e6ec6
172
==> amazon-ebs: Creating temporary keypair:
packer_5f720690-c3aa-4a5b-103b-b244e5cfaf67
173
==> amazon-ebs: Creating temporary security group for this instance:
packer_5f720692-6518-386c-fcfb-64088f3bdde8
174
==> amazon-ebs: Authorizing access to port 5986 from [0.0.0.0/0] in the
temporary security groups...
175
==> amazon-ebs: Launching a source AWS instance...
176
==> amazon-ebs: Adding tags to source instance
177
amazon-ebs: Adding tag: "Name": "Packer Builder"
178
amazon-ebs: Instance ID: i-076f324e8ca7a0f28
179
==> amazon-ebs: Waiting for instance (i-076f324e8ca7a0f28) to become
ready...
180
==> amazon-ebs: Waiting for auto-generated password for instance...
181
amazon-ebs: It is normal for this process to take up to 15 minutes,
182
amazon-ebs: but it usually takes around 5. Please wait.
183
==> amazon-ebs: Error waiting for password: retry count exhausted. Last
err: Error retrieving auto-generated instance password:
UnauthorizedOperation: You are not authorized to perform this operation.
Encoded authorization failure message:
On Monday, September 28, 2020 at 11:57:24 AM UTC-4 i255d wrote:
{
"variables": {
"region": "{{env `region`}}",
"environment": "{{env `env`}}",
"lob": "{{env `lob`}}",
"vpc_id": "{{env `vpc_id`}}",
"subnet_id": "{{env `subnet_id`}}",
"account": "{{env `account`}}",
"role": "{{env `iam_instance_profile`}}",
"kms_key": "{{env `kms_key_id`}}"
},
"builders": [
{
"type": "amazon-ebs",
"region": "{{user `region`}}",
"vpc_id": "{{user `vpc_id`}}",
"subnet_id": "{{user `subnet_id`}}",
"instance_type": "t2.medium",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "Windows_Server-2019-English-Full-Base-*",
"root-device-type": "ebs"
},
"most_recent": true,
"owners": "amazon"
},
"ami_name": "test-ansible-packer",
"user_data_file": "scripts/user_data.txt",
"communicator": "winrm",
"force_deregister": true,
"winrm_insecure": true,
"winrm_username": "Administrator",
"winrm_use_ssl": true,
"iam_instance_profile": "{{user `role`}}",
"skip_profile_validation" : true
}
],
"provisioners": [
{
"type": "ansible",
"playbook_file": "./playbook.yml",
"user": "Administrator",
"use_proxy": false,
"extra_arguments": ["-e", "ansible_winrm_server_cert_validation=ignore"]
}
]
}
Here is my win2019.json file.
On Monday, September 28, 2020 at 11:57:24 AM UTC-4 i255d wrote:
> {
> "variables": {
> "region": "{{env `region`}}",
> "environment": "{{env `env`}}",
> "lob": "{{env `lob`}}",
> "vpc_id": "{{env `vpc_id`}}",
> "subnet_id": "{{env `subnet_id`}}",
> "account": "{{env `account`}}",
> "role": "{{env `iam_instance_profile`}}",
> "kms_key": "{{env `kms_key_id`}}"
> },
> "builders": [
> {
> "type": "amazon-ebs",
> "region": "{{user `region`}}",
> "vpc_id": "{{user `vpc_id`}}",
> "subnet_id": "{{user `subnet_id`}}",
> "instance_type": "t2.medium",
> "source_ami_filter": {
> "filters": {
> "virtualization-type": "hvm",
> "name": "Windows_Server-2019-English-Full-Base-*",
> "root-device-type": "ebs"
> },
> "most_recent": true,
> "owners": "amazon"
> },
> "ami_name": "test-ansible-packer",
> "user_data_file": "scripts/user_data.txt",
> "communicator": "winrm",
> "force_deregister": true,
> "winrm_insecure": true,
> "winrm_username": "Administrator",
> "winrm_use_ssl": true,
> "iam_instance_profile": "{{user `role`}}",
> "skip_profile_validation" : true
> }
> ],
> "provisioners": [
> {
> "type": "ansible",
> "playbook_file": "./playbook.yml",
> "user": "Administrator",
> "use_proxy": false,
>
> "extra_arguments": ["-e", "ansible_winrm_server_cert_validation=ignore"]
> }
> ]
> }
> Here is my win2019.json file.
>
>
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/hashicorp/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/7675fe9a-a1a0-46fa-9ae4-22125bfb5df3n%40googlegroups.com.
