python-远程连接windows机器

1. python-远程连接windows机器

  • 安装远程连接windows机器库

    pip install pywinrm

  • 在远程连接windows机器开启winrm用于远程管理

    • 查看winrm服务状态,默认没有启动

      winrm enumerate winrm/config/listener

    • 执行开启winrm服务

       winrm quickconfig

      • 执行报错

        C:\WINDOWS\system32>winrm quickconfig
已在此计算机上运行 WinRM 服务。
WSManFault
    Message
        ProviderFault
            WSManFault
                Message = 由于此计算机上的网络连接类型之一设置为公用,因此 WinRM 防火墙例外将不运行。 将网络连接类型更改为域或专用,然后再次尝试。

错误编号: -2144108183 0x80338169
由于此计算机上的网络连接类型之一设置为公用,因此 WinRM 防火墙例外将不运行。 将网络连接类型更改为域或专用,然后再次尝试。

      • 我们需要打开网络和Internet设置
        python-远程连接windows机器-小白菜博客
        image

      • 再次运行

        C:\WINDOWS\system32>winrm quickconfig
已在此计算机上运行 WinRM 服务。
WinRM 没有设置成为了管理此计算机而允许对其进行远程访问。
必须进行以下更改:

启用 WinRM 防火墙异常。
配置 LocalAccountTokenFilterPolicy 以远程向本地用户授予管理权限。

执行这些更改吗[y/n]? y

WinRM 已经进行了更新,以用于远程管理。

WinRM 防火墙异常已启用。
已配置 LocalAccountTokenFilterPolicy 以远程向本地用户授予管理权限。

    • 查看winrm service listener(分为http和https):

      C:\WINDOWS\system32>winrm enumerate winrm/config/listener
Listener
    Address = *
    Transport = HTTP
    Port = 5985
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 10.0.0.4, 127.0.0.1, 172.16.128.98, 192.168.18.1, 192.168.176.1, ::1, fe80::3323:cbd2:b3ef:3e84%7, fe80::5976:b173:5426:9980%10, fe80::8b57:92c0:d677:6851%16, fe80::f5ab:4ac7:ee2e:9c20%8

    • 为winrm service 配置auth:

      C:\WINDOWS\system32>winrm set winrm/config/service/auth @{Basic="true"}
Auth
    Basic = true
    Kerberos = true
    Negotiate = true
    Certificate = false
    CredSSP = false
    CbtHardeningLevel = Relaxed

    • 为winrm service 配置加密方式为允许非加密:

      C:\WINDOWS\system32>winrm set winrm/config/service @{AllowUnencrypted="true"}
Service
    RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
    MaxConcurrentOperations = 4294967295
    MaxConcurrentOperationsPerUser = 1500
    EnumerationTimeoutms = 240000
    MaxConnections = 300
    MaxPacketRetrievalTimeSeconds = 120
    AllowUnencrypted = true
    Auth
        Basic = true
        Kerberos = true
        Negotiate = true
        Certificate = false
        CredSSP = false
        CbtHardeningLevel = Relaxed
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    IPv4Filter = *
    IPv6Filter = *
    EnableCompatibilityHttpListener = false
    EnableCompatibilityHttpsListener = false
    CertificateThumbprint
    AllowRemoteAccess = true

    • 查看winrm服务的配置:

      C:\WINDOWS\system32>winrm get winrm/config
Config
    MaxEnvelopeSizekb = 500
    MaxTimeoutms = 60000
    MaxBatchItems = 32000
    MaxProviderRequests = 4294967295
    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = true
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
            CredSSP = false
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        TrustedHosts = *
    Service
        RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
        MaxConcurrentOperations = 4294967295
        MaxConcurrentOperationsPerUser = 1500
        EnumerationTimeoutms = 240000
        MaxConnections = 300
        MaxPacketRetrievalTimeSeconds = 120
        AllowUnencrypted = true
        Auth
            Basic = true
            Kerberos = true
            Negotiate = true
            Certificate = false
            CredSSP = false
            CbtHardeningLevel = Relaxed
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        IPv4Filter = *
        IPv6Filter = *
        EnableCompatibilityHttpListener = false
        EnableCompatibilityHttpsListener = false
        CertificateThumbprint
        AllowRemoteAccess = true
    Winrs
        AllowRemoteShellAccess = true
        IdleTimeout = 7200000
        MaxConcurrentUsers = 2147483647
        MaxShellRunTime = 2147483647
        MaxProcessesPerShell = 2147483647
        MaxMemoryPerShellMB = 2147483647
        MaxShellsPerUser = 2147483647

  • 编写封装远程连接测试脚本test_winrm.py

    #!/usr/bin/env python3
# _*_ coding: utf-8 _*_
# Author:shichao
# File: .py

import winrm


def winCMD(hostname, username, password, cmd):
    '''
    在 windows 下执行命令
    '''
    wintest = winrm.Session('http://' + hostname + ':5985/wsman', auth=(username, password))
    ret = wintest.run_cmd(cmd)

    return ret.std_out.decode()


if __name__ == '__main__':
    result = winCMD("172.16.128.98", "admin", "sobey2021", "ipconfig")
    print(result)

  • 运行反馈后结果

    /Users/admin/virtualenvs/python_3.8_base/bin/python test_winrm.py

Windows IP Configuration


Ethernet adapter Ethernet0:

   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::5976:b173:5426:9980%10
   IPv4 Address. . . . . . . . . . . : 172.16.128.98
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::aab4:56ff:fec4:6a81%10
                                       172.16.128.1

Ethernet adapter Ethernet1:

   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::8b57:92c0:d677:6851%16
   IPv4 Address. . . . . . . . . . . : 10.0.0.4
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 10.0.0.1

Ethernet adapter VMware Network Adapter VMnet1:

   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::3323:cbd2:b3ef:3e84%7
   IPv4 Address. . . . . . . . . . . : 192.168.18.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 

Ethernet adapter VMware Network Adapter VMnet8:

   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::f5ab:4ac7:ee2e:9c20%8
   IPv4 Address. . . . . . . . . . . : 192.168.176.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :