StefanScherer / packer-windows

Windows Templates for Packer: Windows 11, Windows 10, Windows Server 2022, 2019, 2016, also with Docker
MIT License

With-windows-updates doesn't start WinRM service #314

Open blschatz opened 2 years ago

blschatz commented 2 years ago

I've successfully uncommented the "WITHOUT .. UPDATES" and commented the "WITH .. UPDATES" stanzas in the windows 10 Autounattend.xml, and had packer successfully connect and orchestrate running scripts via winrm.

I've now reverted this to do updates, but winrm won't connect after the updates are installed. Looking at the provided Autounattend.xml, there's no stanza in the "WITH .. UPDATES" stanzas to re-enable winrm. Is it enabled in another way, or is this an omission?

I've tried copying the enable-winrm.ps1 SynchronousCommand stanza to after the win-updates.ps1 stanza, but it doesn't appear to get run. (Updates installed without issue).

Any suggestions on the best way to achieve this?

Thanks!

marcus3876 commented 2 years ago

Hi, I also observed a similar issue recently and also do not understand why enable-winrm.ps1 is only part of the "WITHOUT UPDATES" block. I had no time to investigate deeper, so only a thought: Have you increased the <order> value for the "Enable WinRM" block (e.g. to 101) to make sure it is executed after win updates?

goproslowyo commented 2 years ago

@blschatz @marcus3876 the win-updates.ps1 script enables winrm after they finish or exceed the cycle count. As far as I could tell, this is the process.

See line #'s 36, 40, and 141 here.

serard-bimandco commented 1 year ago

The problem I face every time is that the script fails at the end because it cannot get $connections.

https://github.com/StefanScherer/packer-windows/blob/02c28376379d68d7e03f0056cfedd241e93879b3/scripts/enable-winrm.ps1#L3

serard-bimandco commented 1 year ago

When no update: everything is okay.

serard-bimandco commented 1 year ago

The following seems to fix the build with updates: @blschatz

```powershell
# Set every network to Private (category 1) through the Network List Manager COM object.
try {
    $NetworkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
    $Connections = $NetworkListManager.GetNetworkConnections()
    $Connections | ForEach-Object { $_.GetNetwork().SetCategory(1) }
} catch {
    $_
}

# Same change through the NetConnection cmdlets; errors are printed, not fatal.
try {
    Get-NetConnectionProfile | Where-Object NetworkCategory -eq "Public" | Set-NetConnectionProfile -NetworkCategory Private
} catch {
    $_
}

# Enable remoting and configure the HTTP listener on port 5985.
Enable-PSRemoting -Force
winrm quickconfig -q
winrm quickconfig -transport:http
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="800"}'
# Allow unencrypted traffic and Basic authentication on service and client.
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/client/auth '@{Basic="true"}'
winrm set winrm/config/listener?Address=*+Transport=HTTP '@{Port="5985"}'
# Open the firewall for WinRM over HTTP from any remote address.
netsh advfirewall firewall set rule group="Windows Remote Administration" new enable=yes
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=allow remoteip=any
# Start WinRM automatically at boot and restart it now.
Set-Service winrm -startuptype "auto"
Restart-Service winrm
```

When I up the VMware Vagrant box, I get uninstalled updates:

image
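A read-only check of the state that the script in the comment above configures, added here as an example (it is not part of the thread or of the packer-windows repository). It reports why WinRM may be unreachable after the update phase and lists which unencrypted/Basic settings are still enabled so they can be reviewed before the box is distributed. `Get-WinRMBuildState` is a hypothetical function name; run it elevated inside the guest.

```powershell
# Added example: audit only, changes nothing on the system.
function Get-WinRMBuildState {
    $findings = New-Object System.Collections.Generic.List[string]
    $svc = Get-Service -Name WinRM
    if ($svc.StartType -ne 'Automatic') { $findings.Add("WinRM start type is $($svc.StartType)") }

    # An empty result here is the "cannot get connections" case from the thread.
    $profiles = @(Get-NetConnectionProfile -ErrorAction SilentlyContinue)
    if ($profiles.Count -eq 0) { $findings.Add('No network connection profile found') }
    $public = @($profiles | Where-Object NetworkCategory -eq 'Public')
    if ($public.Count -gt 0) {
        # winrm quickconfig will not add its firewall exception while a network is Public.
        $findings.Add("Public network profile on: $($public.InterfaceAlias -join ', ')")
    }

    $rules = @(Get-NetFirewallRule -DisplayName 'Windows Remote Management (HTTP-In)' -ErrorAction SilentlyContinue)
    if (-not ($rules | Where-Object { $_.Enabled -eq 'True' })) {
        $findings.Add('Firewall rule "Windows Remote Management (HTTP-In)" is missing or disabled')
    }

    $listeners = @()
    $enabled = @()
    if ($svc.Status -eq 'Running') {
        # Listener and auth settings can only be read while the service is running.
        $listeners = @(Get-WSManInstance -ResourceURI winrm/config/listener -Enumerate)
        if (-not ($listeners | Where-Object { $_.Transport -eq 'HTTP' -and $_.Port -eq '5985' })) {
            $findings.Add('No HTTP listener on port 5985')
        }
        foreach ($path in 'Service\AllowUnencrypted', 'Service\Auth\Basic', 'Client\Auth\Basic') {
            if ((Get-Item "WSMan:\localhost\$path").Value -eq 'true') { $enabled += $path }
        }
    } else {
        $findings.Add("WinRM service is $($svc.Status); listener and auth settings were not read")
    }

    [pscustomobject]@{
        ServiceStatus             = $svc.Status
        StartType                 = $svc.StartType
        Listeners                 = $listeners | ForEach-Object { "$($_.Transport):$($_.Port)" }
        UnencryptedOrBasicEnabled = $enabled
        Findings                  = $findings
    }
}

Get-WinRMBuildState | Format-List
```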

serard-bimandco commented 1 year ago

I have run it with a 6h timeout and it ran well: it made me a Vagrant box. Not sure how to get all updates installed.