Winrm is not avaliable on Windows Azure Windows VM

1
votes

I'm setting the following ConfigurationSet in Virtual Machine Deployment

            <ConfigurationSet xsi:type="WindowsProvisioningConfigurationSet">
                <ConfigurationSetType>WindowsProvisioningConfiguration</ConfigurationSetType>
                <ComputerName>ROLE173D</ComputerName>
                <AdminUsername>myname</AdminUsername>
                <AdminPassword>mypassword</AdminPassword>
                <WinRm>
                    <Listeners>
                        <Listener>
                            <Protocol>Http</Protocol>
                        </Listener>
                        <Listener>
                            <Protocol>Https</Protocol>
                        </Listener>
                    </Listeners>
                </WinRm>
                <DisableSshPasswordAuthentication>false</DisableSshPasswordAuthentication>
            </ConfigurationSet>

Although the Window VM created (and the endpoint is set) it seems like it doesn't start the winrm service.

Edit

It seems like the winrm does run on port 5985 and the Endpoint is set to allow 5985, but the Windows VM firewall is blocking the access, is there away to open the firewall on the deployment?

2
powershellazurepowershell-remotingwinrm
Have you configured an endpoint on the VM to allow external access? - Dennis Burton
Yes I did, and I checked and it's opened, the problem is that the Windows Server internal FireWall is closed by default. - Guy Korland

2 Answers

0
votes
            Seems the request what you have formed has to have a thumbprint
        if you intend to access winrm via https and the way how you pass
        the request seems to be little different. Can you pass your request like this?
        change the listener protocol to type

            <WinRm>
                  <Listeners>
                    <Listener>
                      <Type>Http</Type>
                    </Listener>
                    <Listener>
                      <Type>Https</Type>
                      <CertificateThumbprint>yourcertthumbprint</CertificateThumbprint>
                    </Listener>
                  </Listeners>
            </WinRm>

    This winrm request should add firewall exception rule. 


    Alternatively you can run the following powershell command for adding firewall policy for winrm service and you are all set.

    Enable-PSRemoting

Let me know if this helps!!
0
votes

The issue at the end of the day was a simple typo fix. The element should be WinRM and not WinRm. The fact that there's no schema nor runtime validation error really hidden the reason.

Once the typo was fixed a winrm/https on a public port was set using a self signed certificate. While Winrm/http was set only for the internal network.