Chinaunix首页 | 论坛 | 博客
  • 博客访问: 243172
  • 博文数量: 112
  • 博客积分: 10
  • 博客等级: 民兵
  • 技术积分: 800
  • 用 户 组: 普通用户
  • 注册时间: 2010-12-29 13:41
文章分类

全部博文(112)

文章存档

2020年(1)

2018年(10)

2017年(27)

2016年(18)

2015年(31)

2014年(25)

分类: LINUX

2017-08-08 17:01:04

1、ansible控制端配置:
   pip安装pywinrm(用于Windows远程管理(WinRM)的Python库)
   如果没有安装pip请参考:http://blog.chinaunix.net/uid-23123710-id-5758166.html

点击(此处)折叠或打开

  1. pip install pywinrm
  2. pip list

hosts配置内容:


2、windows系统配置:
    windows os : Microsoft Windows Server 2008 Enterprise with sp2 x64

点击(此处)折叠或打开

  1. 安装Framework 3.0+
  2. 下载地址:
  3. 请将powershell版本升级至3.0+
  4. 更改powershell策略为remotesigned
  5. PS C:\Users\Administrator> get-executionpolicy
  6. Restricted
  7. PS C:\Users\Administrator> set-executionpolicy remotesigned

  8. 执行策略更改
  9. 执行策略可帮助你防止执行不信任的脚本。更改执行策略可能会产生安全风险,如 中的 about_Execution_Policies 帮助主题所述。是否要更改执行策略?[Y] 是(Y)  [N] 否(N)  [S] 挂起(S)  [?] 帮助 (默认值为“Y”): Y
  10. PS C:\Users\Administrator> get-executionpolicy
  11. RemoteSigned


点击(此处)折叠或打开

  1. PS C:\Users\Administrator> get-host


  2. Name : ConsoleHost
  3. Version : 3.0
  4. InstanceId : 0a2c5eec-ea75-4a91-ad51-de7302284797
  5. UI : System.Management.Automation.Internal.Host.InternalHostUserInterface
  6. CurrentCulture : zh-CN
  7. CurrentUICulture : zh-CN
  8. PrivateData : Microsoft.PowerShell.ConsoleHost+ConsoleColorProxy
  9. IsRunspacePushed : False
  10. Runspace : System.Management.Automation.Runspaces.LocalRunspace
设置windows远端管理(WS-Management,WinRM)

点击(此处)折叠或打开

  1. 查看状态,无返回信息,则没有启动;
  2. PS C:\Users\Administrator> winrm enumerate winrm/config/listener
  3. Listener
  4.     Address = *
  5.     Transport = HTTP
  6.     Port = 5985
  7.     Hostname
  8.     Enabled = true
  9.     URLPrefix = wsman
  10.     CertificateThumbprint
  11.     ListeningOn = 127.0.0.1, 192.168.3.73, ::1, fe80::100:7f:fffe%12, fe80::5efe:192.168.3.73%11, fe80::8cb4:1d6d:577c:5
  12. 5d4%10

  13. Listener
  14.     Address = *
  15.     Transport = HTTPS
  16.     Port = 5986
  17.     Hostname = WIN-PRHX9BK7A3E
  18.     Enabled = true
  19.     URLPrefix = wsman
  20.     CertificateThumbprint = 1A74B363EAB1FA671E0DA02E8693952F5D96D841
  21.     ListeningOn = 127.0.0.1, 192.168.3.73, ::1, fe80::100:7f:fffe%12, fe80::5efe:192.168.3.73%11, fe80::8cb4:1d6d:577c:5
  22. 5d4%10

  23. #对winrm service进行基础配置:
  24. PS C:\Users\Administrator> winrm quickconfig
  25. 已在此计算机上运行 WinRM 服务。
  26. 在此计算机上设置了 WinRM 以进行远程管理。

  27. 查看winrm service listener:
  1. PS C:\Users\Administrator> winrm e winrm/config/listener
  2. Listener
  3.     Address = *
  4.     Transport = HTTP
  5.     Port = 5985
  6.     Hostname
  7.     Enabled = true
  8.     URLPrefix = wsman
  9.     CertificateThumbprint
  10.     ListeningOn = 127.0.0.1, 192.168.3.73, ::1, fe80::100:7f:fffe%12, fe80::5efe:192.168.3.73%11, fe80::8cb4:1d6d:577c:5
  11. 5d4%10

  12. Listener
  13.     Address = *
  14.     Transport = HTTPS
  15.     Port = 5986
  16.     Hostname = WIN-PRHX9BK7A3E
  17.     Enabled = true
  18.     URLPrefix = wsman
  19.     CertificateThumbprint = 1A74B363EAB1FA671E0DA02E8693952F5D96D841
  20.     ListeningOn = 127.0.0.1, 192.168.3.73, ::1, fe80::100:7f:fffe%12, fe80::5efe:192.168.3.73%11, fe80::8cb4:1d6d:577c:5
  21. 5d4%10

  22. winrm service配置auth:
  1. PS C:\Users\Administrator> winrm set winrm/config/service/auth '@{Basic="true"}'
  2. Auth
  3.     Basic = true
  4.     Kerberos = true
  5.     Negotiate = true
  6.     Certificate = false
  7.     CredSSP = false
  8.     CbtHardeningLevel = Relaxed

  9. #winrm service配置加密方式为允许非加密:
  1. PS C:\Users\Administrator> winrm set winrm/config/service '@{AllowUnencrypted="true"}'
  2. Service
  3.     RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
  4.     MaxConcurrentOperations = 4294967295
  5.     MaxConcurrentOperationsPerUser = 1500
  6.     EnumerationTimeoutms = 240000
  7.     MaxConnections = 300
  8.     MaxPacketRetrievalTimeSeconds = 120
  9.     AllowUnencrypted = true
  10.     Auth
  11.         Basic = true
  12.         Kerberos = true
  13.         Negotiate = true
  14.         Certificate = false
  15.         CredSSP = false
  16.         CbtHardeningLevel = Relaxed
  17.     DefaultPorts
  18.         HTTP = 5985
  19.         HTTPS = 5986
  20.     IPv4Filter = *
  21.     IPv6Filter = *
  22.     EnableCompatibilityHttpListener = false
  23.     EnableCompatibilityHttpsListener = false
  24.     CertificateThumbprint
  25.     AllowRemoteAccess = true

测试windows可用模块


执行powershell脚本:




乱码问题:
对命令输出的信息进行utf-8编码,修改winrm模块的protocol.py

点击(此处)折叠或打开

  1. sed -i "s#tdout_buffer.append(stdout)#tdout_buffer.append(stdout.decode('gbk').encode('utf-8'))#g" /usr/lib/python2.6/site-packages/winrm/protocol.py
  2. sed -i "s#stderr_buffer.append(stderr)#stderr_buffer.append(stderr.decode('gbk').encode('utf-8'))#g" /usr/lib/python2.6/site-packages/winrm/protocol.py

参考博文:
阅读(1540) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~