endless "Waiting for WinRM to become available"

[shurick81]

I have got a fresh Windows 10 x64 on my host machine.

First, I install dependencies in PowerShell.
Packer:

$releaseZipUrl = "https://releases.hashicorp.com/packer/1.1.0/packer_1.1.0_windows_amd64.zip?_ga=2.126128971.795379335.1507324222-290923388.1505150799"
$zipFile = "$env:TEMP\packer_1.1.0_windows_amd64.zip"
Start-BitsTransfer -Source $releaseZipUrl -Destination $zipFile
$targetFolder = "$env:ProgramFiles\Packer"
[System.Reflection.Assembly]::LoadWithPartialName( 'System.IO.Compression.FileSystem' ) | Out-Null
[System.IO.Compression.ZipFile]::ExtractToDirectory( $zipFile, "$targetFolder" )
$env:Path="$env:Path;$targetFolder"
[Environment]::SetEnvironmentVariable("Path", $env:Path, [EnvironmentVariableTarget]::Machine)

VirtualBox:

$releaseExeUrl = "http://download.virtualbox.org/virtualbox/5.1.28/VirtualBox-5.1.28-117968-Win.exe"
$exeFile = "$env:TEMP\VirtualBox-5.1.28-117968-Win.exe"
Start-BitsTransfer -Source $releaseExeUrl -Destination $exeFile 
Start-Process $exeFile -Wait -ArgumentList "--silent"

Chef SDK:

$releaseMsiUrl = "https://packages.chef.io/files/stable/chefdk/2.3.4/windows/2012r2/chefdk-2.3.4-1-x64.msi"
$msiFile = "$env:TEMP\chefdk-2.3.4-1-x64.msi"
Start-BitsTransfer -Source $releaseMsiUrl -Destination $msiFile
Start-Process msiexec.exe -Wait -ArgumentList "/I $msiFile /quiet"

Git:

$releaseExeUrl = "https://github.com/git-for-windows/git/releases/download/v2.14.2.windows.2/Git-2.14.2.2-64-bit.exe"
$exeFile = "$env:TEMP\Git-2.14.2.2-64-bit.exe"
Invoke-RestMethod -Uri $releaseExeUrl -OutFile $exeFile
Start-Process $exeFile -Wait -ArgumentList "/SILENT"

Then I open a new cmd window to clone and run the project:

cd \
md projects
cd projects
md projects-packer-templates
cd projects-packer-templates
git clone https://github.com/mwrock/packer-templates.git c:\projects\projects-packer-templates
cd cookbooks/packer-templates
berks vendor ../../vendor/cookbooks
cd ..\..
packer build -force -only virtualbox-iso .\vbox-2012r2.json

As a result, it endeavors on following stage:

So it opens the virtual machine but never continues provisioning.

[shurick81]

However, when I run vbox-2016.json, it works as expected and I get image prepared:

The sequence for this one is almost the same as for Win 2012 R2:

cd c:\projects\projects-packer-templates
Remove-item .\cookbooks\packer-templates\Berksfile.lock
cd cookbooks/packer-templates
berks vendor ../../vendor/cookbooks
cd ..\..
packer build -force -only virtualbox-iso .\vbox-2016.json

[shurick81]

After some time it actually fails with timeout. However, the machine was fully alive and responsive...

[eeevans]

@shurick81, I've had similar experiences creating a Windows 10 box on Hyper-V. One of the things I found is that it is not able to run the a:\winrm.ps1 file as the ExecutionPolicy is not set so that it can be run. Even after setting the ExecutionPolicy to unrestriced for the machine however, it still runs with errors. If I run the commands manually in a powershell window, it completes correctly and the packer build continues. Hope this helps.

[ilovemysillybanana]

@eeevans did you ever find a solution for this?

[eeevans]

@ilovemysillybanana yes, I renamed it to winrm.bat and removed the single quotes from the set commands and changed the entry in the floppy_files section.

I'm just now creating the box again as my 90 days are about up and ran into this again and luckily found this post again or else I would have tried a couple of more days before discovering the solution again.

[Vagrantin]

I'm experiencing the same issue on a windows server 2012 R2 box, and I checked winRM is properly running, and the script could run properly as well…

Anyone found the root cause, of this issue ?

[its-saurabhjain]

I am facing similar issues, with Windows 2012R2 and Windows 2016 VM on Hyper-V with host OS as windows 10. The same scripts worked some 1 week back and today none is working. Started to feel that Packer is unreliable and if it is worth spending time on fixing issues which could have been abstracted...Need to evaluate other tools now..

[Joohansson]

I was facing the same win Win server 2019. I followed the exact windows guide here:
https://packer.io/intro/getting-started/build-image.html

Solved it by skipping setting the password:

• Removed the "set admin password" in bootstrap_win.txt
• Removed "winrm_password" from the packer json file (kept the winrm_username)

Now the packer will actually wait for the real password to become available which take about 5-10min and automatically use that for the winrm connection! Maybe not the best solution, but it works.

[msrinivascharan]

My case, increased WinRM connection time out ("winrm_timeout": "30m") to 30m from 2m. it didn't took 30 mins. and successful.

[vedat227]

in my case it was firewall issue. port "5986" is blocked on firewall. I updated bootstrap script to use port 443 and set "winrm_port" to 443 in the json file

[Razique]

If others are still struggling, here's what I ended up using. works fine on server 2019:

<powershell>
  Write-Output "Disabling WinRM over HTTP..."
  Disable-NetFirewallRule -Name "WINRM-HTTP-In-TCP"
  Disable-NetFirewallRule -Name "WINRM-HTTP-In-TCP-PUBLIC"
  Get-ChildItem WSMan:\Localhost\listener | Remove-Item -Recurse

  Write-Output "Configuring WinRM for HTTPS..."
  Set-Item -Path WSMan:\LocalHost\MaxTimeoutms -Value '1800000'
  Set-Item -Path WSMan:\LocalHost\Shell\MaxMemoryPerShellMB -Value '1024'
  Set-Item -Path WSMan:\LocalHost\Service\AllowUnencrypted -Value 'false'
  Set-Item -Path WSMan:\LocalHost\Service\Auth\Basic -Value 'true'
  Set-Item -Path WSMan:\LocalHost\Service\Auth\CredSSP -Value 'true'

  New-NetFirewallRule -Name "WINRM-HTTPS-In-TCP" `
      -DisplayName "Windows Remote Management (HTTPS-In)" `
      -Description "Inbound rule for Windows Remote Management via WS-Management. [TCP 5986]" `
      -Group "Windows Remote Management" `
      -Program "System" `
      -Protocol TCP `
      -LocalPort "5986" `
      -Action Allow `
      -Profile Domain,Private

  # New-NetFirewallRule -Name "WINRM-HTTPS-In-TCP-PUBLIC" `
  #     -DisplayName "Windows Remote Management (HTTPS-In)" `
  #     -Description "Inbound rule for Windows Remote Management via WS-Management. [TCP 5986]" `
  #     -Group "Windows Remote Management" `
  #     -Program "System" `
  #     -Protocol TCP `
  #     -LocalPort "5986" `
  #     -Action Allow `
  #     -Profile Public

  $Hostname = [System.Net.Dns]::GetHostByName((hostname)).HostName.ToUpper()
  $pfx = New-SelfSignedCertificate -CertstoreLocation Cert:\LocalMachine\My -DnsName $Hostname
  $certThumbprint = $pfx.Thumbprint
  $certSubjectName = $pfx.SubjectName.Name.TrimStart("CN = ").Trim()

  New-Item -Path WSMan:\LocalHost\Listener -Address * -Transport HTTPS -Hostname $certSubjectName -CertificateThumbPrint $certThumbprint -Port "5986" -force

  Write-Output "Restarting WinRM Service..."
  Stop-Service WinRM
  Set-Service WinRM -StartupType "Automatic"
  Start-Service WinRM
</powershell>

[Qflament]

I have the same problem with Windows 10 and i have no more idea. Did you find an other solution to create a VM ? or did you find a new way to connect winrm? thank for your help

[pavelterex]

@Qflament recently I was also struggling with deployment of Windows 10 which was always hanging on infinite "Waiting for WinRM" no matter what I did. Meanwhile Win Server 2022 with same Communicator settings did not have such problem and WinRM got detected almost instantly.

Interesting fact was that actually on Windows 10 WinRM was accessible from outside and I was able to perform any actions, but still packer was waiting fro WinRM anyway.

After several attempts of investigation I found that problem was in Network type which was Public (I already had Firewall disabled for all types of network) and winrm configuration was not properly applied. I added this line in bootstrap script BEFORE "winrm quickconfig -quiet"

# Switch any existing Public connections to Private
Get-NetConnectionProfile -NetworkCategory Public | Set-NetConnectionProfile -NetworkCategory Private

and it totally solved the problem - WinRM gets detected instantly

2024-02-12T12:59:49+01:00: ==> vsphere-iso.windows-desktop-pro: Waiting for WinRM to become available...
2024-02-12T12:59:58+01:00:     vsphere-iso.windows-desktop-pro: WinRM connected.
2024-02-12T12:59:58+01:00: ==> vsphere-iso.windows-desktop-pro: Connected to WinRM!

[kasimbazidesdery]

My name is Dezidery,

i have been trying to install windows 11 to vmware workstation using packer hashicorp. The process goes smoothly up the end, but it ends by not installing all artifact throwing an error of "vmware-iso.windows11: Waiting for WinRM to become available..." when it reach at the end it deletes all files from vm-output. if there is any assistance will be much appriciated.

[kasimbazidesdery]

here is my xml file

en-US 0409:00000409 en-US en-US en-US en-US B:\ 250 1 Primary 2 true Primary 1 1 NTFS Boot true 2 2 NTFS System 0 true /IMAGE/INDEX 1 0 2 OnError false true 1 BypassTPMCheck cmd /c reg add "HKLM\SYSTEM\Setup\LabConfig" /v "BypassTPMCheck" /t REG_DWORD /d 1 2 BypassSecureBootCheck cmd /c reg add "HKLM\SYSTEM\Setup\LabConfig" /v "BypassSecureBootCheck" /t REG_DWORD /d 1 3 BypassRAMCheck cmd /c reg add "HKLM\SYSTEM\Setup\LabConfig" /v "BypassRAMCheck" /t REG_DWORD /d 1 false Central Standard Time false true Remote Desktop all 2 1 true true en-US en-US en-US en-US packer1234 <PlainText>true</PlainText> 2 administrator true %SystemRoot%\System32\reg.exe ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v HideFileExt /t REG_DWORD /d 0 /f 1 Show file extensions in Explorer %SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateFileSizePercent /t REG_DWORD /d 0 /f 2 Zero Hibernation File %SystemRoot%\System32\reg.exe ADD HKLM\SYSTEM\CurrentControlSet\Control\Power\ /v HibernateEnabled /t REG_DWORD /d 0 /f 3 Disable Hibernation Mode cmd.exe /c wmic useraccount where "name='administrator'" set PasswordExpires=FALSE 4 Disable password expiration for packer user 5 powershell -ExecutionPolicy Bypass -File c:\appx.ps1 Remove AppxPackages true 6 powershell -ExecutionPolicy Bypass -File c:\winrm-update.bat Enable ;OLLLL service true false true true true true true Home 1 packer1234 <PlainText>true</PlainText> packer1234 <PlainText>true</PlainText> administrators administrator administrator packer User

[kasimbazidesdery]

This is my hcl file

packer {
required_plugins {
vmware = {
version = ">= 1.0.0"
source = "github.com/hashicorp/vmware"
}
vsphere = {
version = ">= 1.0.0"
source = "github.com/hashicorp/vsphere"
}
}
}

variable "autounattend_file" {
type = string
default = "answer_file/autounattend.xml"
}

variable "cpu_num" {
type = number
default = 2
}

variable "disk_size" {
type = number
default = 65000
}

variable "mem_size" {
type = number
default = 4096
}

variable "os_iso_checksum" {
type = string
default = "b9e788226074441ca400d802b6cecd602931b14a2eacb0f3646a93403ab04914"
}

variable "os_iso_url" {
type = string
default = "D:/final_windows_11_installation/iso/SW_DVD9_Win_Pro_11_23H2.3_64BIT_English_Pro_Ent_EDU_N_MLF_X23-69671.ISO"
}

variable "winrm_password" {
type = string
default = "packer1234"
sensitive = true
}

variable "winrm_username" {
type = string
default = "administrator"
}

source "vmware-iso" "windows11" {
iso_url = var.os_iso_url
iso_checksum = var.os_iso_checksum

disk_size = var.disk_size
disk_type_id = 0
guest_os_type = "windows11-64"
vm_name = "Win_11_template_base"

communicator = "winrm"
winrm_username = var.winrm_username
winrm_password = var.winrm_password
winrm_timeout = "3h"

floppy_files = [var.autounattend_file, "setup/winrm-update.bat"]
output_directory = "win11_out_vmware"
keep_registered = true
shutdown_command = "shutdown /s /t 5 /f /d p:4:1 /c "Packer Shutdown""

vmx_data = {
"numvcpus" = var.cpu_num
"memsize" = var.mem_size
"scsi0.virtualDev" = "pvscsi"
}
}

build {
sources = ["source.vmware-iso.windows11"]

provisioner "powershell" {
scripts = ["setup/setup.ps1"]
pause_before = "30s"
}

provisioner "powershell" {
scripts = ["setup/vmtools.ps1"]
pause_before = "1m"
}

provisioner "powershell" {
scripts = ["setup/win-update.ps1"]
}
provisioner "windows-restart" {
restart_timeout = "30m"
}

provisioner "windows-shell" {
inline = ["dir c:\"]
}
}

[kasimbazidesdery]

here is my winrmfile.bat

"$ErrorActionPreference = "SilentlyContinue"

Switch network connection to private mode

Required for WinRM firewall rules

Switch any existing Public connections to Private

Get-NetConnectionProfile -NetworkCategory Public | Set-NetConnectionProfile -NetworkCategory Private
$profile = Get-NetConnectionProfile

Switch any existing Public connections to Private

Get-NetConnectionProfile -NetworkCategory Public | Set-NetConnectionProfile -NetworkCategory Private

Disable Network discovery

reg ADD HKLM\SYSTEM\CurrentControlSet\Control\Network\NewNetworkWindowOff /f
netsh advfirewall firewall set rule group="Network Discovery" new enable=No

$profile = Get-NetConnectionProfile

While ($profile.Name -eq "Identifying..."){

Start-Sleep -Seconds 10

$profile = Get-NetConnectionProfile

}

Set-NetConnectionProfile -Name $profile.Name -NetworkCategory Private

Enable Windows Remote Management in the Windows Firewall.

Write-Output "Enabling Windows Remote Management in the Windows Firewall..."
$NetworkListManager = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]"{DCB00C01-570F-4A9B-8D69-199FDBA5723B}"))
$Connections = $NetworkListManager.GetNetworkConnections()
$Connections | ForEach-Object { $_.GetNetwork().SetCategory(1) }

Set the Windows Remote Management configuration.

Write-Output "Setting the Windows Remote Management configuration..."
Enable-PSRemoting -Force
winrm quickconfig -q
winrm quickconfig -transport:http
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="800"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/client/auth '@{Basic="true"}'
winrm set winrm/config/listener?Address=*+Transport=HTTP '@{Port="5985"}'

Allow Windows Remote Management in the Windows Firewall.

Write-Output "Allowing Windows Remote Management in the Windows Firewall..."
netsh advfirewall firewall set rule group="Windows Remote Administration" new enable=yes
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" new enable=yes action=allow

Restart Windows Remote Management service.

Write-Output "Restarting Windows Remote Management service..."
Set-Service winrm -startuptype "auto"
Restart-Service winrm
"

am new to packer hcl, if some one can help me how to overcome the problem will be much appreciated

thank you for your cooperation.