Winrm python
Jump to navigation
Jump to search
Allow Python winrm
Steps
Create user
# Create the password object
$Password = ConvertTo-SecureString "myPassword" -AsPlainText -Force
# Create the user account
New-LocalUser -Name "test" `
-Password $Password `
-FullName "Test Automation User" `
-Description "User for WinRM access" `
-PasswordNeverExpires
Add-LocalGroupMember -Group "Remote Management Users" -Member "test"
Firewall rule
New-NetFirewallRule -DisplayName "Allow WinRM from Specific IP" `
-Direction Inbound `
-LocalPort 5986 `
-Protocol TCP `
-Action Allow `
-RemoteAddress 10.x.x.x
#
icm '10.x.x.x' -Cr $c -Port 5986 -UseSSL -SessionOption $o { "5986 OK" }
User must belong to this with Read & Execute for python winrm
winrm configSDDL default
Restart if needed
Restart-Service WinRM
Python
import winrm
s = winrm.Session(
'10.x.x.x', # IP/host is fine
auth=(r'test', 'mypassword'), # .\ for local user; DOMAIN\user for domain
transport='ssl', # HTTPS on 5986 with Basic over TLS
server_cert_validation='ignore', # OK for self-signed / lab
message_encryption='auto', # Optional; mostly irrelevant over HTTPS
)
try:
r = s.run_cmd('hostname')
print("Status:", r.status_code)
print("STDOUT:", r.std_out.decode(errors="ignore").strip())
print("STDERR:", r.std_err.decode(errors="ignore").strip())
except Exception as e:
print("Error:", e)