For an Azure VM in the classic portal (ASM) I was able to obtain<ol> <li>the required credentials with
With these two parameters I was able to successfully execute a
New-PSSession in an Azure-runbook.
<strong>Q</strong> What am I supposed to do to open a PS-Session in an Azure-runbook to an Azure-VM (ARM)?
command in runbook (ARM)
$vmSession = New-PSSession -ConnectionUri 'https://xxx.yyy.cloudapp.azure.com:5985' -Credential $creds -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck)
New-PSSession : [xxx.yyy.cloudapp.azure.com] Connecting to remote server xxx.yyy.cloudapp.azure.com failed with the following error message : WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic.
According to your error, it seems that the port 5985 is blocked by some firewalls. You could use
telnet to test connectivity.
telnet xxx.yyy.cloudapp.azure.com 5985
If it fails, you should check additionally:<ol> <li>
Open port 5985 on Windows Firewall(Inbound rules).</li> <li>
Open port 5985 on Azure NSG(Inbound rules). Pay attention to NSG could be associated to NIC or subnet, you had better check them all.</li> </ol>
On your server VM, execute cmdlet.
winrm quickconfig</li> </ol>
Ensure you can access port 5985, then test on your local PC, and then test on an Azure Runbook.
I use the following cmdlets, it works for me.
New-PSSession -ConnectionUri 'http://IP:5985' -Credential $creds -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck)
Notes: If you don't configure a certificate on your server, you can not use
https and you should use
PS C:\Users\v-shshui> New-PSSession -ConnectionUri 'http://*.*.*.*:5985' -Credential $creds -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck) Id Name ComputerName ComputerType State ConfigurationName Availability -- ---- ------------ ------------ ----- ----------------- ------------ 7 Session7 *.*.*.* RemoteMachine Opened Microsoft.PowerShell Available
Also, if you want to use
https, you need to configure a certificate as in shown in this link.
If you want to
winrm to your VM in an Azure Runbook, you should use
https. It means that you should open port 5986 (by default) on Azure NSG and Windows Firewall. Also, you need add a new certificate on the Azure VM.