1. 首页
  2. 问答
  3. 厨师bootstrap出域IP

厨师bootstrap出域IP

2016-11-03 42 views
0

我发现,如果我尝试引导Windows 2012服务器,我得到这个错误。厨师bootstrap出域IP

knife bootstrap windows winrm 192.0.2.0 -N foobar -x vagrant -P vagrant -r "role[foo]" -E dev -V

Waiting for remote response before bootstrap.ERROR: Failed to authenticate to 192.0.2.0 as vagrant 
Response: WinRM::WinRMAuthorizationError 
Hint: Make sure to prefix domain usernames with the correct domain name. 
Hint: Local user names should be prefixed with computer name or IP address. 
EXAMPLE: my_domain\user_namer

解决方法是将包括IP地址作为用户名

192.0.2.0\vagrant

knife bootstrap windows winrm 192.0.2.0 -N foobar -x 192.0.2.0\vagrant -P vagrant -r "role[foo]" -E dev -V

我WinRM配置与封隔器创建的一部分。

# https://github.com/mwrock/packer-templates/blob/b46ec4e1c3eafcaa64042f32ceab7de2d3789dba/scripts/package.ps1#L28-L45 

netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow 

[email protected]{Force=$true} 
try { 
$command=Get-Command Enable-PSRemoting 
    if($command.Parameters.Keys -contains "skipnetworkprofilecheck"){ 
     $enableArgs.skipnetworkprofilecheck=$true 
    } 
} 
catch { 
    $global:error.RemoveAt(0) 
} 
Enable-PSRemoting @enableArgs 
winrm set winrm/config/client/auth '@{Basic="true"}' 
winrm set winrm/config/service/auth '@{Basic="true"}' 
winrm set winrm/config/service '@{AllowUnencrypted="true"}'

为什么我只能用

来源

2016-11-03 spuder

回答

0

引导大量的试验和错误之后,我发现Enable-PSRemoting就像我认为他们是winrm quickconfig是不等价的命令。

将以下两行添加到winrm安装程序可修复此问题。 Bootstrap现在不再需要使用IP地址作为名称。

winrm quickconfig -q 
winrm quickconfig -transport:http

全部配置

netsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow 
winrm quickconfig -q 
winrm quickconfig -transport:http 
[email protected]{Force=$true} 
try { 
$command=Get-Command Enable-PSRemoting 
    if($command.Parameters.Keys -contains "skipnetworkprofilecheck"){ 
     $enableArgs.skipnetworkprofilecheck=$true 
    } 
} 
catch { 
    $global:error.RemoveAt(0) 
} 
Enable-PSRemoting @enableArgs 
#Enable-WSManCredSSP -Force -Role Server #TODO What does this do, do I need it? 
winrm set winrm/config/client/auth '@{Basic="true"}' 
winrm set winrm/config/service/auth '@{Basic="true"}' 
winrm set winrm/config/service '@{AllowUnencrypted="true"}'

注意,允许基本身份验证和加密WinRM的是不是用于生产安全。

来源

2016-11-03 20:01:49 spuder

相关问题

 相关问题