diff options
author | Matt Davis <nitzmahone@users.noreply.github.com> | 2016-02-29 22:28:53 +0000 |
---|---|---|
committer | Matt Davis <nitzmahone@users.noreply.github.com> | 2016-02-29 22:28:53 +0000 |
commit | 840cda741df10e0d20610772b6f227799a9ad42e (patch) | |
tree | 9975744369d17dc4168f646821f72cb0ebf1a3b8 /examples | |
parent | e9fe5f201f5830167d2ca6168c08822c930efb41 (diff) | |
parent | fc0801e69bd2615c0bd254ecf2bbe58b44b81eaf (diff) | |
download | ansible-840cda741df10e0d20610772b6f227799a9ad42e.tar.gz |
Merge pull request #12363 from breathe/devel
allow ConfigureRemotingForAnsible.ps1 script from public zone
Diffstat (limited to 'examples')
-rw-r--r-- | examples/scripts/ConfigureRemotingForAnsible.ps1 | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/examples/scripts/ConfigureRemotingForAnsible.ps1 b/examples/scripts/ConfigureRemotingForAnsible.ps1 index a70dc0354d..e7c71352f5 100644 --- a/examples/scripts/ConfigureRemotingForAnsible.ps1 +++ b/examples/scripts/ConfigureRemotingForAnsible.ps1 @@ -4,9 +4,13 @@ # This script checks the current WinRM/PSRemoting configuration and makes the # necessary changes to allow Ansible to connect, authenticate and execute # PowerShell commands. -# +# # Set $VerbosePreference = "Continue" before running the script in order to # see the output messages. +# Set $SkipNetworkProfileCheck to skip the network profile check. Without +# specifying this the script will only run if the device's interfaces are in +# DOMAIN or PRIVATE zones. Provide this switch if you want to enable winrm on +# a device with an interface in PUBLIC zone. # # Written by Trond Hindenes <trond@hindenes.com> # Updated by Chris Church <cchurch@ansible.com> @@ -19,6 +23,7 @@ Param ( [string]$SubjectName = $env:COMPUTERNAME, [int]$CertValidityDays = 365, + [switch]$SkipNetworkProfileCheck, $CreateSelfSignedCert = $true ) @@ -28,7 +33,7 @@ Function New-LegacySelfSignedCert [string]$SubjectName, [int]$ValidDays = 365 ) - + $name = New-Object -COM "X509Enrollment.CX500DistinguishedName.1" $name.Encode("CN=$SubjectName", 0) @@ -96,8 +101,14 @@ ElseIf ((Get-Service "WinRM").Status -ne "Running") # WinRM should be running; check that we have a PS session config. If (!(Get-PSSessionConfiguration -Verbose:$false) -or (!(Get-ChildItem WSMan:\localhost\Listener))) { - Write-Verbose "Enabling PS Remoting." + if ($SkipNetworkProfileCheck) { + Write-Verbose "Enabling PS Remoting without checking Network profile." + Enable-PSRemoting -SkipNetworkProfileCheck -Force -ErrorAction Stop + } + else { + Write-Verbose "Enabling PS Remoting" Enable-PSRemoting -Force -ErrorAction Stop + } } Else { |