windows vista (currently rc1, build 5536) ships with winrm installed but the service is only started automatically on longhorn server: if you want to use winrm on vista the service has to be started manually. whether this is still the case in the final product, or which versions of it, remains to be seen. it's presence currently is no surprise given the shared code base of ws2003 and vista, but significant changes have been made to the winrm configuration schema in vista.

the winrm configuration now includes the settings for winrs - windows remote shell - and allows these to be set programatically. also, though, administering winrm in vista is now possible via the group policy editor.

there's also now a quickconfig
command which sets winrm up as a server - starts the service,
creates a listener on all ips, and adds the firewall exceptions. 


this it what the revised schema looks like:

config
maxenvelopesizekb = 150
maxtimeoutms = 60000
maxbatchitems = 20
soaptraceenabled = false
maxproviderrequests = 25
client
networkdelayms = 5000
urlprefix = wsman
allowunencrypted = false
auth
basic = false
digest = true
kerberos = true
windowsintegratedauthentication = true
defaultports
http = 80
https = 443
trustedhosts
service
rootsddl = o:nsg:bad:p(a;;ga;;;ba)s:p(au;fa;ga;;;wd)(au;sa;gwgx;;;wd)
maxconcurrentoperations = 100
enumerationtimeoutms = 60000
maxconnections = 5
allowunencrypted = false
auth
basic = false
kerberos = true
windowsintegratedauthentication = true
defaultports
http = 80
https = 443
ipv4filter = *
ipv6filter = *
winrs
allowremoteshellaccess = true
idletimeout = 4294967295
maxconcurrentusers = 5
maxshellruntime = 4294967295
maxprocessespershell = 10
maxmemorypershell = 83886080
maxshellsperuser = 5

to test vista as a client using http, the basic auth property must be set to true. to do this, use xml files, the group policy editor, or script:

winrm set winrm/config/client/auth @{basic="true"}

to test vista as a server using http to connect, basic authentication needs to be enabled for the winrm service and an http listener created just like for ws2003r2 (although group policy has a setting to "allow automatic configuration of listeners" this does not create the listener itself).

the listener uses the newer config uri and introduces some subtle changes from the previous version. the ip selector has been replaced by address, which has several options: * listens on all ip addresses on the machine,  ip:192.168.1.1 listens only on the specified ip address, and mac:...     listens only on ip addresses for the specified mac.

this foxpro code creates, enumrates, and then deletes an http listener which listens on all ip addresses:

* create, enumerate and destroy a listener - vista
owsman = createobject("wsman.automation")
osession = owsman.createsession()
cschema = "wsman:microsoft.com/wsman/2005/12/"

ccomputername = "vista_vm1"
cresource = cschema + "config/listener?address=*+transport=http"

cxml = [<cfg:listener xmlns:cfg="] + cschema + [config/listener.xsd">]
cxml = cxml + "<cfg:hostname>" + ccomputername + "</cfg:hostname>"
cxml = cxml + "</cfg:listener>"

* create the listener
cresponse = osession.create(cresource, cxml)
messagebox(cresponse)

* enumerate it:
cresponse = osession.enumerate(cschema + "config/listener").readitem()
messagebox(cresponse)

* now delete it: there is no response to this operation if it is successful
cresponse = osession.delete(cresource)

Leave a Reply

Your email address will not be published. Required fields are marked *