allow ConfigureRemotingForAnsible.ps1 script to function from 'public' adapters

The current script fails on machines which have network interfaces designated
as connected to "Public" networks (choices for network designation being
Private, Domain, Public).  This commit changes the script to NOT prevent winrm
initialization when device is connected to a "Public" network.
This commit is contained in:
Nathaniel Cohen 2015-09-14 14:47:44 -07:00
parent 97b99e4517
commit be452c1b27

View file

@ -1,10 +1,10 @@
# Configure a Windows host for remote management with Ansible # Configure a Windows host for remote management with Ansible
# ----------------------------------------------------------- # -----------------------------------------------------------
# #
# This script checks the current WinRM/PSRemoting configuration and makes the # This script checks the current WinRM/PSRemoting configuration and makes the
# necessary changes to allow Ansible to connect, authenticate and execute # necessary changes to allow Ansible to connect, authenticate and execute
# PowerShell commands. # PowerShell commands.
# #
# Set $VerbosePreference = "Continue" before running the script in order to # Set $VerbosePreference = "Continue" before running the script in order to
# see the output messages. # see the output messages.
# #
@ -17,6 +17,7 @@
Param ( Param (
[string]$SubjectName = $env:COMPUTERNAME, [string]$SubjectName = $env:COMPUTERNAME,
[int]$CertValidityDays = 365, [int]$CertValidityDays = 365,
[switch]$SkipNetworkProfileCheck,
$CreateSelfSignedCert = $true $CreateSelfSignedCert = $true
) )
@ -27,7 +28,7 @@ Function New-LegacySelfSignedCert
[string]$SubjectName, [string]$SubjectName,
[int]$ValidDays = 365 [int]$ValidDays = 365
) )
$name = New-Object -COM "X509Enrollment.CX500DistinguishedName.1" $name = New-Object -COM "X509Enrollment.CX500DistinguishedName.1"
$name.Encode("CN=$SubjectName", 0) $name.Encode("CN=$SubjectName", 0)
@ -97,8 +98,14 @@ ElseIf ((Get-Service "WinRM").Status -ne "Running")
# WinRM should be running; check that we have a PS session config. # WinRM should be running; check that we have a PS session config.
If (!(Get-PSSessionConfiguration -Verbose:$false) -or (!(Get-ChildItem WSMan:\localhost\Listener))) If (!(Get-PSSessionConfiguration -Verbose:$false) -or (!(Get-ChildItem WSMan:\localhost\Listener)))
{ {
Write-Verbose "Enabling PS Remoting." if ($SkipNetworkProfileCheck) {
Write-Verbose "Enabling PS Remoting without checking Network profile."
Enable-PSRemoting -SkipNetworkProfileCheck -Force -ErrorAction Stop
}
else {
Write-Verbose "Enabling PS Remoting"
Enable-PSRemoting -Force -ErrorAction Stop Enable-PSRemoting -Force -ErrorAction Stop
}
} }
Else Else
{ {