Before executing Ansible playbook WinRM should be enabled on Windows Hosts.
All script should be executed using elevated Powershell session (Run as Administrator).
To Enable WinRM, please run script Setup-WinRM.ps1 and pass -username <userName> and -password parameters with Administrator priviliges.
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12
$url = "https://raw.githubusercontent.com/TargetProcess/onpremise_ansible-winrm/refs/heads/master/scripts/Setup-WinRM.ps1"
$file = "$env:temp\Setup-WinRM.ps1"
(New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file)
powershell.exe -ExecutionPolicy ByPass -File $file -username <Username> -password <Password>
To Disable WinRM, please run script Disable-WinRM.ps1 with Administrator priviliges.
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12
$url = "https://gitlab.tpondemand.net/onpremise/ansible-winrm/-/raw/master/scripts/Disable-WinRM.ps1"
$file = "$env:temp\Disable-WinRM.ps1"
(New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file)
powershell.exe -ExecutionPolicy ByPass -File $file
Disable-WinRM.ps1 script will:
- Remove HTTPS and HTTP Listeners
- Remove Firewall rules for HTTPS (Leave HTTP as it’s system default)
- Disable PS Remoting
- Disable CredSSP authentication
- Stop and Disable WinRM service
- Set LocalAccountTokenFilterPolicy to 0