使用本地帐户连接python winrm

Question

我试图通过使用winrm的CentOS上的python 2.7.13连接到Windows server 2012。服务器不是域的一部分。我创建了一个单独的本地管理员帐户来连接它。

使用winrm configSDDL default向用户提供所有访问权限。

将我的客户机添加到可信主机。

PS C:\Windows\system32> Get-Item WSMan:\localhost\Client\TrustedHosts 


    WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client 

Type   Name       SourceOfValue Value 
----   ----       ------------- ----- 
System.String TrustedHosts         172.27.150.95 

在防火墙中添加了异常，并确保服务已启动。

PS C:\Windows\system32> netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow 
Ok. 

PS C:\Windows\system32> Get-Service -ComputerName abc -Name winrm | Select Status 

                                         Status 
                                         ------ 
                                         Running 


PS C:\Windows\system32> 

为WinRM客户端设置：

PS C:\Windows\system32> winrm get winrm/config/client 
Client 
    NetworkDelayms = 5000 
    URLPrefix = wsman 
    AllowUnencrypted = true 
    Auth 
     Basic = true 
     Digest = true 
     Kerberos = true 
     Negotiate = true 
     Certificate = true 
     CredSSP = false 
    DefaultPorts 
     HTTP = 5985 
     HTTPS = 5986 
    TrustedHosts = 172.27.150.95 

的Telnet工作：

xyz:~ # telnet 172.27.148.29 5985 
Trying 172.27.148.29... 
Connected to abc (172.27.148.29). 
Escape character is '^]'. 
^] 
telnet> quit 
Connection closed. 
xyz:~ # 

但还是：

>>> s = winrm.Session('abc', auth=('abc\script-runner', 'xxx'))     
>>> r = s.run_cmd('ipconfig', ['/all']) 
Traceback (most recent call last): 
    File "<stdin>", line 1, in <module> 
    File "/usr/local/lib/python2.7/site-packages/winrm/__init__.py", line 37, in run_cmd 
    shell_id = self.protocol.open_shell() 
    File "/usr/local/lib/python2.7/site-packages/winrm/protocol.py", line 132, in open_shell 
    res = self.send_message(xmltodict.unparse(req)) 
    File "/usr/local/lib/python2.7/site-packages/winrm/protocol.py", line 207, in send_message 
    return self.transport.send_message(message) 
    File "/usr/local/lib/python2.7/site-packages/winrm/transport.py", line 190, in send_message 
    raise InvalidCredentialsError("the specified credentials were rejected by the server") 
winrm.exceptions.InvalidCredentialsError: the specified credentials were rejected by the server 
>>> 

而且，我启用审计失败/成功登录但我没有看到任何辉带领或成功为我的连接尝试。

请告诉我缺少什么？我想通过本地用户连接。

感谢您的协助。

Answer 1

1. 请确保在目标Windows计算机上的网络连接类型是“私人”，如果它是“公共”winrm不会被配置。

2. 打开命令提示符，然后输入：

   winrm qc winrm set winrm/config/service @{AllowUnencrypted="true"}

3. 打开PowerShell和类型：

   enable-psremoting set-item WSMan:\localhost\Client\TrustedHosts * （ '*' 的所有主机，你可以指定你想要的主机）

4. 在你的python脚本中：

   import winrm s = winrm.Session('yourWindowsHost', auth=('yourLocalAdmin', 'passwordInPlainText'), transport='ntlm') r = s.run_cmd('ipconfig', ['/all'])