我需要通过powershell为winrm/config/service以编程方式设置RootSDDL
PS C:\Windows\system32> winrm set winrm/config/service @{RootSDDL="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"}
Error: Invalid use of command line. Type "winrm -?" for help.
PS C:\Windows\system32>winrm get winrm/config/service
Service
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 1500
EnumerationTimeoutms = 240000
MaxConnections = 300
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = true [Source="GPO"]
Auth
Basic = true [Source="GPO"]
Kerberos = true
Negotiate = true
Certificate = false
CredSSP = false
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = * [Source="GPO"]
IPv6Filter = * [Source="GPO"]
EnableCompatibilityHttpListener = true [Source="GPO"]
EnableCompatibilityHttpsListener = true [Source="GPO"]
CertificateThumbprint
AllowRemoteAccess = true [Source="GPO"]资源
https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html#non-administrator-accounts www.example.com
2条答案
按热度按时间8yparm6h1#
您可以使用
Set-PSSessionConfigurationcmdlet设置某些选项:https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/set-pssessionconfiguration?view=powershell-6或者,如果您对winrm/config/service设置感兴趣,您可以通过WSMan提供程序浏览它们:
cd wsmna:\localhost\service并使用*-itemcmdlet(Get-Item,Set-Item等)。如果您想在cd wsmna:\localhost\中查看其他WSMan详细信息。在PowerShell中,您可以创建自定义端点来连接和限制可用的PowerShell语言和cmdlet。更多详细信息:https://learn.microsoft.com/en-us/powershell/scripting/learn/remoting/jea/overview?view=powershell-6
希望它能帮上忙!最好的问候,伊万
xzv2uavs2#
您必须将@{stuf goes here}标记单引号起来。否则PowerShell会将其解释为散列,这不是winrm想要的。
winrm set winrm/config/service '@{RootSDDL=“O:NSG:BAD:P(A;GA; BA)(A;;GA;;;RM)(A;;GR;;;IU)S:P(Au;FA;GA;;;WD)(Au;SA;GXGW;;;WD)"}“