Last active
December 11, 2015 07:08
-
-
Save huksley/4563849 to your computer and use it in GitHub Desktop.
Full batch to setup WinRM in HTTPS for xebialabs/overthere
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
REM Installs and configures WinRM in HTTPS mode | |
REM Execute this on target machine. | |
REM | |
REM xebialabs/overthere and rundeck-winrm-plugin | |
REM will work after this | |
REM | |
REM NOTE: You need accessible share with installation packages | |
REM and selfssl.exe and CertMgr.exe | |
REM Where to GET these? | |
REM - NetFx20SP2 | |
REM - KB968930 x32, x64 | |
REM - selfssl.exe - IIS 6.0 Resource Kit Tools - http://www.microsoft.com/en-us/download/details.aspx?id=17275 | |
REM - CertMgr.exe - Windows SDK - http://msdn.microsoft.com/en-us/windowsserver/bb980924.aspx | |
set WINRMFILES=#ENTERYOURPATHHERE# | |
:install | |
IF EXIST "%ProgramFiles(x86)%" ( | |
goto install64 | |
) ELSE ( | |
goto install32 | |
) | |
:install32 | |
echo Installing DotNet 2.0 SP2 | |
%WINRMFILES%\NetFx20SP2_x86.exe /q /norestart | |
echo Installing KB968930 | |
%WINRMFILES%\WindowsServer2003-KB968930-x86-ENG.exe /quiet /norestart | |
goto setup | |
:install64 | |
echo Installing DotNet 2.0 SP2 | |
%WINRMFILES%\NetFx20SP2_x64.exe /q /norestart | |
echo Installing KB968930 | |
%WINRMFILES%\WindowsServer2003-KB968930-x64-ENG.exe /quiet /norestart | |
goto setup | |
:setup | |
call winrm qc -q | |
net stop winrm | |
net start winrm | |
echo Creating WinRM HTTP Listener | |
call winrm set winrm/config/service/Auth @{Basic="true"} | |
call winrm set winrm/config/service/Auth @{Kerberos="true"} | |
call winrm set winrm/config/service @{AllowUnencrypted="true"} | |
call winrm set winrm/config/winrs @{MaxMemoryPerShellMB="1024"} | |
call winrm set winrm/config/client @{AllowUnencrypted="true"} | |
call winrm set winrm/config/client @{TrustedHosts="*"} | |
:findcert | |
set TOKEN= | |
FOR /F "skip=8 tokens=1-5" %%i IN ('%WINRMFILES%\certmgr -c -r localMachine -s my') DO ( | |
set TOKEN=%%i %%j %%k %%l %%m | |
goto found | |
) | |
:found | |
if "%TOKEN%"=="" %WINRMFILES%\selfssl.exe /T /N:cn=%COMPUTERNAME% /V:3650 /Q && goto findcert | |
:setuphttps | |
echo Creating WinRM HTTPS Listener with certificate %TOKEN% | |
call winrm delete winrm/config/Listener?Address=*+Transport=HTTPS >nul 2>nul | |
call winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="%COMPUTERNAME%"; CertificateThumbprint="%TOKEN%"} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment