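/// <summary>
/// Reports the CredSSP configuration of the local machine: first the client-side
/// delegation setting, then whether the WSMan service has CredSSP enabled.
/// </summary>
/// <remarks>
/// Requires elevation: <c>WSManHelper.ThrowIfNotAdministrator</c> runs before any WSMan
/// session is created. Only the exception types caught below are turned into
/// non-terminating errors; anything else propagates to the caller.
/// </remarks>
protected override void BeginProcessing()
{
    // If not running elevated, then throw an "elevation required" error message.
    WSManHelper.ThrowIfNotAdministrator();
    helper = new WSManHelper(this);
    IWSManSession m_SessionObj = null;
    try
    {
        IWSManEx wsmanObject = (IWSManEx)new WSManClass();
        m_SessionObj = (IWSManSession)wsmanObject.CreateSession(null, 0, null);

        // Client side: a missing CredSSP node is reported as "WinRM not configured".
        string result = m_SessionObj.Get(helper.CredSSP_RUri, 0);
        XmlNode node = helper.GetXmlNode(result, helper.CredSSP_SNode, helper.CredSSP_XMLNmsp);
        if (node == null)
        {
            InvalidOperationException ex = new InvalidOperationException();
            ErrorRecord er = new ErrorRecord(ex, helper.GetResourceMsgFromResourcetext("WinrmNotConfigured"), ErrorCategory.InvalidOperation, null);
            WriteError(er);
            return;
        }

        // The application name MUST be "wsman" as wsman got approval from security
        // folks who suggested to register the SPN with name "wsman".
        const string applicationname = "wsman";
        string credsspResult = GetDelegateSettings(applicationname);
        if (string.IsNullOrEmpty(credsspResult))
        {
            WriteObject(helper.GetResourceMsgFromResourcetext("NoDelegateFreshCred"));
        }
        else
        {
            WriteObject(helper.GetResourceMsgFromResourcetext("DelegateFreshCred") + credsspResult);
        }

        // Get the server side settings
        result = m_SessionObj.Get(helper.Service_CredSSP_Uri, 0);
        node = helper.GetXmlNode(result, helper.CredSSP_SNode, helper.Service_CredSSP_XMLNmsp);
        if (node == null)
        {
            InvalidOperationException ex = new InvalidOperationException();
            ErrorRecord er = new ErrorRecord(ex, helper.GetResourceMsgFromResourcetext("WinrmNotConfigured"), ErrorCategory.InvalidOperation, null);
            WriteError(er);
            return;
        }

        if (node.InnerText.Equals("true", StringComparison.OrdinalIgnoreCase))
        {
            WriteObject(helper.GetResourceMsgFromResourcetext("CredSSPServiceConfigured"));
        }
        else
        {
            WriteObject(helper.GetResourceMsgFromResourcetext("CredSSPServiceNotConfigured"));
        }
    }
    catch (UnauthorizedAccessException ex)
    {
        ErrorRecord er = new ErrorRecord(ex, "UnauthorizedAccess", ErrorCategory.PermissionDenied, null);
        WriteError(er);
    }
    catch (SecurityException ex)
    {
        ErrorRecord er = new ErrorRecord(ex, "SecurityException", ErrorCategory.InvalidOperation, null);
        WriteError(er);
    }
    catch (ArgumentException ex)
    {
        ErrorRecord er = new ErrorRecord(ex, "InvalidArgument", ErrorCategory.InvalidOperation, null);
        WriteError(er);
    }
    catch (System.Xml.XPath.XPathException ex)
    {
        ErrorRecord er = new ErrorRecord(ex, "XPathException", ErrorCategory.InvalidOperation, null);
        WriteError(er);
    }
    finally
    {
        // m_SessionObj is still null when constructing WSManClass or CreateSession failed.
        // Reading .Error without this guard would raise NullReferenceException from the
        // finally block and replace the original failure.
        if (m_SessionObj != null)
        {
            try
            {
                if (!string.IsNullOrEmpty(m_SessionObj.Error))
                {
                    helper.AssertError(m_SessionObj.Error, true, null);
                }
            }
            finally
            {
                // Release the session even if AssertError throws (its body is not visible here).
                Dispose(m_SessionObj);
            }
        }
    }
}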
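/// <summary>
/// Enables CredSSP on the client side: writes <c>CredSSP = true</c> to the WSMan client
/// auth configuration, updates the current user's registry settings, and validates the
/// result for <c>delegatecomputer</c>.
/// </summary>
/// <remarks>
/// The user must confirm through <c>ShouldContinue</c> unless <c>force</c> is set.
/// CredSSP delegates the user's credentials to the remote computer, so skipping the prompt
/// with <c>force</c> also skips the only confirmation visible in this method.
/// NOTE(review): <c>delegatecomputer</c> is presumably the set of hosts allowed to receive
/// delegated credentials; confirm against <c>UpdateCurrentUserRegistrySettings</c>.
/// </remarks>
/// <exception cref="InvalidOperationException">
/// NOTE(review): in the visible code this type is only wrapped in an <c>ErrorRecord</c> and
/// passed to <c>WriteError</c>; whether a helper throws it is not visible here.
/// </exception>
private void EnableClientSideSettings()
{
    string query = helper.GetResourceMsgFromResourcetext("CredSSPContinueQuery");
    string caption = helper.GetResourceMsgFromResourcetext("CredSSPContinueCaption");
    if (!force && !ShouldContinue(query, caption))
    {
        return;
    }

    IWSManSession m_SessionObj = CreateWSManSession();
    if (m_SessionObj == null)
    {
        return;
    }

    try
    {
        // get the credssp node to check if wsman is configured on this machine
        string result = m_SessionObj.Get(helper.CredSSP_RUri, 0);
        XmlNode node = helper.GetXmlNode(result, helper.CredSSP_SNode, helper.CredSSP_XMLNmsp);
        if (node == null)
        {
            InvalidOperationException ex = new InvalidOperationException();
            ErrorRecord er = new ErrorRecord(ex, helper.GetResourceMsgFromResourcetext("WinrmNotConfigured"), ErrorCategory.InvalidOperation, null);
            WriteError(er);
            return;
        }

        const string newxmlcontent = @"<cfg:Auth xmlns:cfg=""http://schemas.microsoft.com/wbem/wsman/1/config/client/auth""><cfg:CredSSP>true</cfg:CredSSP></cfg:Auth>";
        try
        {
            XmlDocument xmldoc = new XmlDocument();

            // push the xml string with credssp enabled
            xmldoc.LoadXml(m_SessionObj.Put(helper.CredSSP_RUri, newxmlcontent, 0));

            // set the Registry using GroupPolicyObject
            if (Thread.CurrentThread.GetApartmentState() == ApartmentState.STA)
            {
                this.UpdateCurrentUserRegistrySettings();
            }
            else
            {
                // The registry update is run on an STA thread; Join() blocks until it finishes
                // but does not rethrow anything the worker throws.
                ThreadStart start = new ThreadStart(this.UpdateCurrentUserRegistrySettings);
                Thread thread = new Thread(start);
                thread.SetApartmentState(ApartmentState.STA);
                thread.Start();
                thread.Join();
            }

            // The configuration XML is only written to the pipeline once the registry
            // policy validates; otherwise the failure is reported through AssertError.
            if (helper.ValidateCreadSSPRegistryRetry(true, delegatecomputer, applicationname))
            {
                WriteObject(xmldoc.FirstChild);
            }
            else
            {
                helper.AssertError(helper.GetResourceMsgFromResourcetext("EnableCredSSPPolicyValidateError"), false, delegatecomputer);
            }
        }
        catch (COMException)
        {
            helper.AssertError(m_SessionObj.Error, true, delegatecomputer);
        }
    }
    finally
    {
        // m_SessionObj is non-null here: the method returned above when session creation
        // failed, and the variable is never reassigned.
        try
        {
            if (!string.IsNullOrEmpty(m_SessionObj.Error))
            {
                helper.AssertError(m_SessionObj.Error, true, delegatecomputer);
            }
        }
        finally
        {
            // Release the session even if AssertError throws (its body is not visible here);
            // the original skipped Dispose in that case.
            Dispose(m_SessionObj);
        }
    }
}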