0

我正在尝试将 zip 文件发送并解压缩到 azure VM,但无法连接到远程 Azure VM。

代码

$cred = Get-Credential
$SO = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck
$session = New-PSSession -ConnectionUri 'http://xx.xx.xxx.xxx:3389' -Credential $cred -SessionOption $SO

Send-File -Path C:\testArchive.zip -Destination C:\ -Session $session
Expand-Archive -Path C:\testArchive.zip -DestinationPath C:\ -Session $session

错误

New-PSSession : [xx.xx.xxx.xxx] Connecting to remote server xx.xx.xxx.xxx 
failed with the following error message : The client cannot connect to the 
destination specified in the request. Verify that the service on the 
destination is running and is accepting requests. Consult the logs and 
documentation for the WS-Management service running on the destination, most 
commonly IIS or WinRM. If the destination is the WinRM service, run the 
following command on the destination to analyze and configure the WinRM 
service: "winrm quickconfig". For more information, see the 
about_Remote_Troubleshooting Help topic.
At line:4 char:12
+ $session = New-PSSession -ConnectionUri 'http://xx.xx.xxx.xxx:3389' - ...
+            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:Re 
   moteRunspace) [New-PSSession], PSRemotingTransportException
    + FullyQualifiedErrorId : CannotConnect,PSSessionOpenFailed

以下是我在 azure VM 上运行“winrm quickconfig”命令时的输出

WinRM service is already running on this machine.
WinRM is already set up for remote management on this computer.

当我运行“Enter-PSSession -ComputerName LoadTestVm -Port 3389 -Credential qa-admin”时

Enter-PSSession : Connecting to remote server LoadTestVm failed with the following error 
message : The WinRM client cannot process the request because the server name cannot be 
resolved. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName LoadTestVm -Port 3389 -Credential qa-ad ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (LoadTestVm:String) [Enter-PSSession], PSRem 
   otingTransportException
    + FullyQualifiedErrorId : CreateRemoteRunspaceFailed
4

2 回答 2

1

WINRM 将在端口 5985 和 5986 上运行。端口 5985 用于 HTTP,5986 用于 HTTPS。默认情况下,如果您没有指定它,它会使用端口 5985 -port。您应该指定端口 5985 而不是 3389,如果有,也应在 NSG 中启用它。这样你就可以跑了Enter-PSSession -ComputerName "PublicIPaddress of VM" -Port 5985 -Credential $cred

这对我有用。

Copy-Item -Path D:\nancy\4.zip -Destination C:\ –ToSession $session

Invoke-Command -Session $session -ScriptBlock { Expand-Archive -Path C:\4.zip -DestinationPath C:\ }

更多参考:

https://www.assistanz.com/access-azure-windows-vm-through-powershell/

https://geekdudes.wordpress.com/2016/11/16/enabling-remote-powershell-connection-to-azure-virtual-machine/

https://mohitgoyal.co/2016/11/10/enable-powershell-remoting-on-azure-rm-virtual-machines/

于 2020-02-20T06:28:57.840 回答
1

这实际上并不是风险管理/安全方面的最佳实践。

<#
$username = 'qa-admin'
$pass = ConvertTo-SecureString -string 'xxxxxxxx' -AsPlainText -Force
#>

这个 ...

<#
$cred = New-Object -typename System.Management.Automation.PSCredential -argumentlist $username, $pass
#>

...为此有一个内置的cmdlet。

永远不要在脚本中传递明文密码。任何一个:

  1. 提示他们
  2. 从安全的预创建文件中读取它们

快速安全地存储您的凭据 – PowerShell

在 Windows PowerShell 中使用密码、安全字符串和凭据

  1. 从 Windows 凭据管理器

凭证管理器 2.0

从 PowerShell 访问 Windows 凭据管理器

如何使用 CredentialManager 和 PowerShell 管理机密和密码

$cred = Get-Credential -Credential $env:USERNAME

这个...

$session = New-PSSession -ConnectionUri 'http://xx.xx.xxx.xxx:3389' -Credential $cred -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck)

...是不正确的。你不能做这个。您需要将上述结果传递给 -SessionOption 参数。

Get-Help -Name New-PSSessionOption -Examples

<#
NAME
    New-PSSessionOption

SYNOPSIS
    Creates an object that contains advanced options for a PSSession.


Example 1: Create a default session option

    PS C:\>New-PSSessionOption
...

This command creates a session option object that has all of the default values.
Example 2: Configure a session by using a session option object

    PS C:\>$pso = New-PSSessionOption -Culture "fr-fr" -MaximumReceivedObjectSize 10MB
    PS C:\>New-PSSession -ComputerName Server01 -SessionOption $pso

...

Example 3: Start an interactive session

    PS C:\>Enter-PSSession -ComputerName Server01 -SessionOption (New-PSSessionOption -NoEncryption -NoCompression)

...
Example 4: Modify a session option object

    PS C:\>$a = New-PSSessionOption
...

PS C:\> $a.UICulture = (Get-UICulture)
PS C:\> $a.OpenTimeout = (New-Timespan -Minutes 4)
PS C:\> $a.MaximumConnectionRedirectionCount = 1
PS C:\> $a

...

Example 5: Create a preference variable

    PS C:\>$PSSessionOption = New-PSSessionOption -OpenTimeOut 120000

...

Example 6: Fulfill the requirements for a remote session configuration

    PS C:\>$skipCN = New-PSSessionOption -SkipCNCheck
    PS C:\>New-PSSession -ComputerName 171.09.21.207 -UseSSL -Credential Domain01\User01 -SessionOption $SkipCN

...

Example 7: Make arguments available to a remote session

    PS C:\>$team = @{Team="IT"; Use="Testing"}
    PS C:\>$TeamOption = New-PSSessionOption -ApplicationArguments $team
    PS C:\>$s = New-PSSession -ComputerName Server01 -SessionOption $TeamOption
    PS C:\>Invoke-Command -Session $s {$PSSenderInfo.SpplicationArguments}

...

    PS C:\>Invoke-Command -Session $s {if ($PSSenderInfo.ApplicationArguments.Use -ne "Testing") {.\logFiles.ps1} else {"Just testing."}}
...
#>

所以,你的是...

$SO       = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck
$session  = New-PSSession -ConnectionUri 'http://xx.xx.xxx.xxx:3389' -Credential $cred -SessionOption $SO

# Process other actions
Send-File -Path C:\testArchive.zip -Destination C:\ -Session $session
Expand-Archive -Path C:\testArchive.zip -DestinationPath C:\ -Session $session
于 2020-02-20T05:49:43.530 回答