我开始在公司的服务器上安装 Dell OpenManage,很快遇到了下面的问题,除了一台服务器外,我一直无法解决:
The installer has detected that the HTTPS listener is not configured for Windows Remote
Management. You can either configure the HTTPS listener before installing Remote Enablement,
or install Remote Enablement now by selecting the "Custom" installation screen and configure
the HTTPS listener later. See the "Remote Enablement Requirements" section in the Server
Administrator Installation Guide for information on configuring the HTTPS listener. Note:
Remote Enablement is required to manage this system from a remote Server Administrator Web
Server and is applicable only for those systems that support Server Instrumentation. Click
here to configure HTTPS Listener for Windows Remote Management.
通过谷歌搜索,我找到了一些设置 WinRM HTTPS 侦听器的说明示例,例如 戴尔弄乱了 OpenManage 安装过程,忘记编写文档了?,但是我至少设法弄清楚了,他们假设某人的域中有一个服务器,该服务器设置为 Active Directory 证书服务、证书颁发机构,并在其中创建了一个计算机(机器)证书。
但是,完成此操作后,请求在所有其他服务器上使用的 [本地计算机] 证书(mmc.exe -> 添加/删除管理单元 -> 证书),并winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="<FQDN to Certificate Services server>";CertificateThumbprint="<thumbprint>"}用于设置 HTTPS 侦听器,从而产生:
ResourceCreated
Address = http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
ReferenceParameters
ResourceURI = http://schemas.microsoft.com/wbem/wsman/1/config/listener
SelectorSet
Selector: Address = *, Transport = HTTPS
...其中只有一个可以消除上述 Dell OpenManage 预检查错误。我尝试单击Click here to configure HTTPS Listener for Windows Remote Management.上述错误中的链接,但它无法解决任何服务器上的问题。
我注意到的一个区别是,服务器在重新扫描时确实删除了上述先决条件检查错误,查询时有 3 行winrm enum winrm/config/Listener,如下所示:
C:\Windows\system32>winrm enum winrm/config/Listener
Listener
Address = *
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 127.0.0.1, 192.168.<rest of IP>, ::1, fe80::<rest of IP>
Listener
Address = *
Transport = HTTPS
Port = 5986
Hostname = <FQDN of local server>
Enabled = true
URLPrefix = wsman
CertificateThumbprint = <thumbprint without spaces>
ListeningOn = 127.0.0.1, 192.168.<rest of IP>, ::1, fe80::<rest of IP>
Listener [Source="Compatibility"]
Address = *
Transport = HTTPS
Port = 443
Hostname = <FQDN of local server>
Enabled = true
URLPrefix = wsman
CertificateThumbprint = <thumbprint without spaces i.e., ab 32 ft... etc>
ListeningOn = 127.0.0.1, 192.168.<rest of IP>, ::1, fe80::<rest of IP>
其余具有先决条件检查错误的只有两个部分:
C:\Windows\system32>winrm enum winrm/config/Listener
Listener
Address = *
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 127.0.0.1, 192.168.<rest of IP>, ::1, fe80::<rest of IP>, fe80::<rest of IP>
Listener
Address = *
Transport = HTTPS
Port = 5986
Hostname = <FQDN of local server>
Enabled = true
URLPrefix = wsman
CertificateThumbprint = <thumbprint without spaces>
ListeningOn = 127.0.0.1, 192.168.<rest of IP>, ::1, fe80::<rest of IP>, fe80::<rest of IP>, fe80::<rest of IP>
winrm 输出中的额外Listener [Source="Compatibility"]部分是解决方案吗(如果是,如何添加它,尤其是指纹中的空格是 winrm 不会接受的),还是其他解决方案?