From 8473a1148c123aad14a9405f034b6256f10a3000 Mon Sep 17 00:00:00 2001 From: Lee Spottiswood Date: Wed, 7 Jun 2017 12:08:12 +0100 Subject: [PATCH 1/3] Add 'winrm_use_ntlm' configuration directive for NTLM authentication support --- helper/communicator/config.go | 5 +++++ helper/communicator/config_test.go | 25 +++++++++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/helper/communicator/config.go b/helper/communicator/config.go index 052cfe2ee..a39262abb 100644 --- a/helper/communicator/config.go +++ b/helper/communicator/config.go @@ -42,6 +42,7 @@ type Config struct { WinRMTimeout time.Duration `mapstructure:"winrm_timeout"` WinRMUseSSL bool `mapstructure:"winrm_use_ssl"` WinRMInsecure bool `mapstructure:"winrm_insecure"` + WinRMUseNTLM bool `mapstructure:"winrm_use_ntlm"` WinRMTransportDecorator func() winrm.Transporter } @@ -187,6 +188,10 @@ func (c *Config) prepareWinRM(ctx *interpolate.Context) []error { c.WinRMTimeout = 30 * time.Minute } + if c.WinRMUseNTLM == true { + c.WinRMTransportDecorator = func() winrm.Transporter { return &winrm.ClientNTLM{} } + } + var errs []error if c.WinRMUser == "" { errs = append(errs, errors.New("winrm_username must be specified.")) diff --git a/helper/communicator/config_test.go b/helper/communicator/config_test.go index a81dba53f..c5af24114 100644 --- a/helper/communicator/config_test.go +++ b/helper/communicator/config_test.go @@ -1,9 +1,11 @@ package communicator import ( + "reflect" "testing" "github.com/hashicorp/packer/template/interpolate" + "github.com/masterzen/winrm" ) func testConfig() *Config { @@ -101,6 +103,29 @@ func TestConfig_winrm_port_ssl(t *testing.T) { } +func TestConfig_winrm_use_ntlm(t *testing.T) { + c := &Config{ + Type: "winrm", + WinRMUser: "admin", + WinRMUseNTLM: true, + } + if err := c.Prepare(testContext(t)); len(err) > 0 { + t.Fatalf("bad: %#v", err) + } + + if c.WinRMTransportDecorator == nil { + t.Fatalf("WinRMTransportDecorator not set.") + } + + expected := &winrm.ClientNTLM{} + actual := c.WinRMTransportDecorator() + + if !reflect.DeepEqual(expected, actual) { + t.Fatalf("WinRMTransportDecorator isn't ClientNTLM.") + } + +} + func TestConfig_winrm(t *testing.T) { c := &Config{ Type: "winrm", From fe5c981843e24c9e81e3b0e25a367e82af7e26e8 Mon Sep 17 00:00:00 2001 From: Lee Spottiswood Date: Wed, 7 Jun 2017 15:18:31 +0100 Subject: [PATCH 2/3] add usage docs for winrm_use_ntlm directive --- website/source/docs/templates/communicator.html.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/website/source/docs/templates/communicator.html.md b/website/source/docs/templates/communicator.html.md index 470fdefe9..3b200f87e 100644 --- a/website/source/docs/templates/communicator.html.md +++ b/website/source/docs/templates/communicator.html.md @@ -127,3 +127,5 @@ The WinRM communicator has the following options. - `winrm_insecure` (boolean) - If true, do not check server certificate chain and host name + +- `winrm_use_ntlm` (boolean) - If true, use NTLM authentication for WinRM From f86e169564051ea35273d57588adc56e9a3c6682 Mon Sep 17 00:00:00 2001 From: Lee Date: Wed, 7 Jun 2017 20:59:55 +0100 Subject: [PATCH 3/3] update docs description for winrm_use_ntlm directive --- website/source/docs/templates/communicator.html.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/website/source/docs/templates/communicator.html.md b/website/source/docs/templates/communicator.html.md index 3b200f87e..1743eba49 100644 --- a/website/source/docs/templates/communicator.html.md +++ b/website/source/docs/templates/communicator.html.md @@ -128,4 +128,7 @@ The WinRM communicator has the following options. - `winrm_insecure` (boolean) - If true, do not check server certificate chain and host name -- `winrm_use_ntlm` (boolean) - If true, use NTLM authentication for WinRM +- `winrm_use_ntlm` (boolean) - If true, NTLM authentication will be used for WinRM, + rather than default (basic authentication), removing the requirement for basic + authentication to be enabled within the target guest. Further reading for remote + connection authentication can be found [here](https://msdn.microsoft.com/en-us/library/aa384295(v=vs.85).aspx). \ No newline at end of file