New-PSSession to localhost fails
我有一个脚本,用于打开到localhost的远程会话。
我需要此工具从登录脚本中在某些设备上安装NuGet。
1 2 3 4 5 | $Username ="Admin" $Password = ConvertTo-SecureString ‘adminPW’ -AsPlainText -Force $adminCredential = New-Object System.Management.Automation.PSCredential $Username, $Password $Session = New-PSSession -Credential $adminCredential Invoke-Command -Session $Session -ScriptBlock {Install-PackageProvider -Name NuGet -Verbose -MinimumVersion 2.8.5.201 -Force} |
每次尝试运行此命令时,都会出现以下错误:
1 2 3 4 5 6 7 8 9 | New-PSSession : [localhost] Connecting to remote server localhost failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service:"winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic. At C:\Users\Mike Holtackers\OneDrive - Foreign Trade Association\Scripts\OutlookSig\getAADconnectionOK.ps1:5 char:12 + $Session = New-PSSession -ConnectionUri $ConnectionURI -Credential $a ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CannotConnect,PSSessionOpenFailed |
运行
以下是
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 | PS WSMan:\localhost\Listener\Listener_1084132640> winrm get winrm/config Config MaxEnvelopeSizekb = 500 MaxTimeoutms = 60000 MaxBatchItems = 32000 MaxProviderRequests = 4294967295 Client NetworkDelayms = 5000 URLPrefix = wsman AllowUnencrypted = false Auth Basic = true Digest = true Kerberos = true Negotiate = true Certificate = true CredSSP = false DefaultPorts HTTP = 5985 HTTPS = 5986 TrustedHosts = * Service RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD) MaxConcurrentOperations = 4294967295 MaxConcurrentOperationsPerUser = 1500 EnumerationTimeoutms = 240000 MaxConnections = 300 MaxPacketRetrievalTimeSeconds = 120 AllowUnencrypted = false Auth Basic = false Kerberos = true Negotiate = true Certificate = false CredSSP = false CbtHardeningLevel = Relaxed DefaultPorts HTTP = 5985 HTTPS = 5986 IPv4Filter = 194.168.254.1-194.168.254.256 [Source="GPO"] IPv6Filter [Source="GPO"] EnableCompatibilityHttpListener = false EnableCompatibilityHttpsListener = false CertificateThumbprint AllowRemoteAccess = true [Source="GPO"] Winrs AllowRemoteShellAccess = true IdleTimeout = 7200000 MaxConcurrentUsers = 2147483647 MaxShellRunTime = 2147483647 MaxProcessesPerShell = 2147483647 MaxMemoryPerShellMB = 2147483647 MaxShellsPerUser = 2147483647 |
检查
1 2 3 4 5 | PS C:\> Get-Service winrm | ft -AutoSize Status Name DisplayName ------ ---- ----------- Running winrm Windows Remote Management (WS-Management) |
否则,尽管您已通过winrm进行了配置并已通过
问题是有人篡改了防火墙...感谢您的帮助!
基本上,防火墙GPO阻止了远程管理