diff options
Diffstat (limited to 'examples')
-rw-r--r-- | examples/scripts/ConfigureRemotingForAnsible.ps1 | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/examples/scripts/ConfigureRemotingForAnsible.ps1 b/examples/scripts/ConfigureRemotingForAnsible.ps1 index a70dc0354d..e7c71352f5 100644 --- a/examples/scripts/ConfigureRemotingForAnsible.ps1 +++ b/examples/scripts/ConfigureRemotingForAnsible.ps1 @@ -4,9 +4,13 @@ # This script checks the current WinRM/PSRemoting configuration and makes the # necessary changes to allow Ansible to connect, authenticate and execute # PowerShell commands. -# +# # Set $VerbosePreference = "Continue" before running the script in order to # see the output messages. +# Set $SkipNetworkProfileCheck to skip the network profile check. Without +# specifying this the script will only run if the device's interfaces are in +# DOMAIN or PRIVATE zones. Provide this switch if you want to enable winrm on +# a device with an interface in PUBLIC zone. # # Written by Trond Hindenes <trond@hindenes.com> # Updated by Chris Church <cchurch@ansible.com> @@ -19,6 +23,7 @@ Param ( [string]$SubjectName = $env:COMPUTERNAME, [int]$CertValidityDays = 365, + [switch]$SkipNetworkProfileCheck, $CreateSelfSignedCert = $true ) @@ -28,7 +33,7 @@ Function New-LegacySelfSignedCert [string]$SubjectName, [int]$ValidDays = 365 ) - + $name = New-Object -COM "X509Enrollment.CX500DistinguishedName.1" $name.Encode("CN=$SubjectName", 0) @@ -96,8 +101,14 @@ ElseIf ((Get-Service "WinRM").Status -ne "Running") # WinRM should be running; check that we have a PS session config. If (!(Get-PSSessionConfiguration -Verbose:$false) -or (!(Get-ChildItem WSMan:\localhost\Listener))) { - Write-Verbose "Enabling PS Remoting." + if ($SkipNetworkProfileCheck) { + Write-Verbose "Enabling PS Remoting without checking Network profile." + Enable-PSRemoting -SkipNetworkProfileCheck -Force -ErrorAction Stop + } + else { + Write-Verbose "Enabling PS Remoting" Enable-PSRemoting -Force -ErrorAction Stop + } } Else { |