Just another Foxite.COM Community Weblog site
windows vista (currently rc1, build 5536) ships with winrm installed but the service is only started automatically on longhorn server: if you want to use winrm on vista the service has to be started manually. whether this is still the case in the final product, or which versions of it, remains to be seen. it's presence currently is no surprise given the shared code base of ws2003 and vista, but significant changes have been made to the winrm configuration schema in vista.
the winrm configuration now includes the settings for winrs - windows remote shell - and allows these to be set programatically. also, though, administering winrm in vista is now possible via the group policy editor.
there's also now a quickconfig
command which sets winrm up as a server - starts the service,
creates a listener on all ips, and adds the firewall exceptions.
this it what the revised schema looks like:
config maxenvelopesizekb = 150 maxtimeoutms = 60000 maxbatchitems = 20 soaptraceenabled = false maxproviderrequests = 25 client networkdelayms = 5000 urlprefix = wsman allowunencrypted = false auth basic = false digest = true kerberos = true windowsintegratedauthentication = true defaultports http = 80 https = 443 trustedhosts service rootsddl = o:nsg:bad:p(a;;ga;;;ba)s:p(au;fa;ga;;;wd)(au;sa;gwgx;;;wd) maxconcurrentoperations = 100 enumerationtimeoutms = 60000 maxconnections = 5 allowunencrypted = false auth basic = false kerberos = true windowsintegratedauthentication = true defaultports http = 80 https = 443 ipv4filter = * ipv6filter = * winrs allowremoteshellaccess = true idletimeout = 4294967295 maxconcurrentusers = 5 maxshellruntime = 4294967295 maxprocessespershell = 10 maxmemorypershell = 83886080 maxshellsperuser = 5
to test vista as a client using http, the basic auth property must be set to true. to do this, use xml files, the group policy editor, or script:
winrm set winrm/config/client/auth @{basic="true"}
to test vista as a server using http to connect, basic authentication needs to be enabled for the winrm service and an http listener created just like for ws2003r2 (although group policy has a setting to "allow automatic configuration of listeners" this does not create the listener itself).
the listener uses the newer config uri and introduces some subtle changes from the previous version. the ip selector has been replaced by address, which has several options: * listens on all ip addresses on the machine, ip:192.168.1.1 listens only on the specified ip address, and mac:... listens only on ip addresses for the specified mac.
this foxpro code creates, enumrates, and then deletes an http listener which listens on all ip addresses:
* create, enumerate and destroy a listener - vistaowsman = createobject("wsman.automation")osession = owsman.createsession()cschema = "wsman:microsoft.com/wsman/2005/12/"
ccomputername = "vista_vm1"cresource = cschema + "config/listener?address=*+transport=http"
cxml = [<cfg:listener xmlns:cfg="] + cschema + [config/listener.xsd">]cxml = cxml + "<cfg:hostname>" + ccomputername + "</cfg:hostname>"cxml = cxml + "</cfg:listener>"
* create the listenercresponse = osession.create(cresource, cxml)messagebox(cresponse)
* enumerate it:cresponse = osession.enumerate(cschema + "config/listener").readitem()messagebox(cresponse)
* now delete it: there is no response to this operation if it is successfulcresponse = osession.delete(cresource)