Knife windows winrm question


#1

Knife windows winrm bootstrap question - What am I missing? I have an AWS Windows 2012 instance with 5985 open. On the windows server I have run the following to allow Winrm:

winrm quickconfig -q

set-item wsman:\localhost\shell\maxmemorypershellmb 1024

set-item wsman:\localhost\MaxTimeoutms 300000

set-item wsman:\localhost\service\allowunencrypted $true

set-item wsman:\localhost\service\auth\basic $true

But when I run knife bootstrap windows winrm IPADDRESS -N ChefWinTest --winrm-user Administrator --winrm-password "PASSWORD" --run-list 'role[system]'
Get the following;
Waiting for remote response before bootstrap.#<Thread:0x00000000078b5b80@/opt/chef-workstation/embedded/lib/ruby/gems/2.5.0/gems/logging-2.2.2/lib/logging/diagnostic_context.rb:471 run> terminated with exception (report_on_exception is true):
...........
ERROR: No response received from remote node after 3.33 minutes, giving up.
ERROR: Exception: execution expired
ERROR: HTTPClient::ConnectTimeoutError: execution expired

Any help very much appreciated!!!!


#2

Hi,
First test connection by using the next command :
knife wsman test [hostame] -m

it should return : Connected successfully to...

Next test that you can connect and execute remote command, for example :
winrm HOSTNAME "dir D:" -m -x DOMAIN\user -P 'PASSWORD'

Regards,


#3

Thanks for looking at this….

I ran the following on target node and was able to bootstrap:

Get-NetFirewallPortFilter | ?{_.LocalPort -eq 5985 } | Get-NetFirewallRule | ?{ .Direction -eq "Inbound" -and _.Profile -eq "Public" -and .Action -eq "Allow"} | Set-NetFirewallRule -RemoteAddress "Any"

But wsman test still fails..

knife wsman test ChefWinTest2 -m

WARNING: Failed to connect to ChefWinTest2 at http://ChefWinTest2:5985/wsman.

ERROR: Failed to connect to 1 nodes.