【发布时间】:2015-01-15 17:21:03
【问题描述】:
我有一个 c# 中的 asp .net webservice,它通过调用命令工具 (winrm) 在远程主机中执行 powershell 脚本。 如果我直接从 powershell 执行调用命令,这工作正常。
Invoke-Command -ConnectionURI http://localhost:5985 -ScriptBlock {new-item c:\\dir1 -itemtype directory} -Credential $mycreds
其中 $mycreds 设置为用户名和密码
但是当我尝试从 c# 执行相同的操作时
String cmd = "$secpasswd = ConvertTo-SecureString 'password' -AsPlainText -force;
$mycreds = New-Object System.Management.Automation.PSCredential ('Administrador', $secpasswd);
Invoke-Command -ConnectionURI http://localhost:5985 -ScriptBlock {new-item c:\\dir1 -itemtype directory} -Credential $mycreds";
Runspace runspace = RunspaceFactory.CreateRunspace();
runspace.Open();
Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript(cmd);
Collection<PSObject> results = pipeline.Invoke();
return (results.Count).ToString();
计数返回 0,但如果我为此更改脚本:
String cmd = "$secpasswd = ConvertTo-SecureString 'password' -AsPlainText -force;
echo $secpasswd";
计数返回 1,并打印:“System.Security.SecureString”。然后我确定 c# 脚本没问题,但我在 PowerShell 中有某种权限问题。
我的winrm配置是:
> PS C:\Users\Administrador> winrm get winrm/config Config
> MaxEnvelopeSizekb = 150
> MaxTimeoutms = 60000
> MaxBatchItems = 32000
> MaxProviderRequests = 4294967295
> Client
> NetworkDelayms = 5000
> URLPrefix = wsman
> AllowUnencrypted = false
> Auth
> Basic = true
> Digest = true
> Kerberos = true
> Negotiate = true
> Certificate = true
> CredSSP = false
> DefaultPorts
> HTTP = 5985
> HTTPS = 5986
> TrustedHosts = *
> Service
> RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)
> MaxConcurrentOperations = 4294967295
> MaxConcurrentOperationsPerUser = 15
> EnumerationTimeoutms = 60000
> MaxConnections = 25
> MaxPacketRetrievalTimeSeconds = 120
> AllowUnencrypted = false
> Auth
> Basic = false
> Kerberos = true
> Negotiate = true
> Certificate = false
> CredSSP = false
> CbtHardeningLevel = Relaxed
> DefaultPorts
> HTTP = 5985
> HTTPS = 5986
> IPv4Filter = *
> IPv6Filter = *
> EnableCompatibilityHttpListener = false
> EnableCompatibilityHttpsListener = false
> CertificateThumbprint
> Winrs
> AllowRemoteShellAccess = true
> IdleTimeout = 180000
> MaxConcurrentUsers = 5
> MaxShellRunTime = 2147483647
> MaxProcessesPerShell = 15
> MaxMemoryPerShellMB = 150
> MaxShellsPerUser = 5
我也跑:
Enable-PsRemoting -Force
我设置
Set-ExecutionPolicy Unrestricted
在我的 Session_Configuration 我得到:
PS C:\Users\Administrador> Get-PSSessionConfiguration | Format-List -Property Name, Permission
Name : microsoft.powershell
Permission : BUILTIN\Administradores AccessAllowed
Name : Microsoft.PowerShell32
Permission :
Name : microsoft.ServerManager
Permission : BUILTIN\Administradores AccessAllowed
我猜 microsoft.ServerManager 是 IIS。
我的 winrm 版本:
PS C:\Users\Administrador> winrm id
IdentifyResponse
ProtocolVersion = http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor = Microsoft Corporation
ProductVersion = OS: 6.1.7601 SP: 1.0 Stack: 2.0
和 PowerShell 版本:
PS C:\Users\Administrador> 获取主机
名称:控制台主机 版本:2.0 实例 ID:5eb97936-a0a4-450d-b2cc-57069d1ea7e6 用户界面:System.Management.Automation.Internal.Host.InternalHostUserInterface CurrentCulture : es-CO 当前UICulture : es-ES 私有数据:Microsoft.PowerShell.ConsoleHost+ConsoleColorProxy IsRunspacePushed : 假 运行空间:System.Management.Automation.Runspaces.LocalRunspace
【问题讨论】:
标签: c# powershell winrm