6

Exiting environment : Windows Server 2008 R2. I am in the process of migrating to Windows Server 2012 R2. I installed Windows Server 2012 R2 on HP DL380p G8 server. I am able to install role or feature using PowerShell but not via GUI ServerManager.

Now, when I go to add a any role or features using GUI ServerManager I am getting the following errors:

**Failed to open runspace pool. The Server Manager WinRM plug-in might be corrupt or missing**

I did the following troubleshooting already:

  • Run WinRM quickconfig which shows the service is running and setup for management.
  • Restored WinRM settings: winrm invoke restore winrm/config @{}
  • Restored WinRM plugin settings: winrm invoke restore winrm/config/plugin @{}
  • Add "127.0.0.1" and "::1" to the IP listen list
  • Disabled the firewall
  • Ensured the Windows Remote Management (WS-Management) service is running.
  • Granted the “Validated Write to Service Principal Name” permission to the NETWORK SERVICE using theADSIEDIT.msc

Following are the errors logged: Event ID 10154

The WinrRM failed to create the following SPNs:WSMAN/xxx.abc.com:WSMAN/xxx

Application and services log Event ID 142

WSMAN Operation CreateShell failed, error code 2150858811

I googled but nothing seems to help.

Any help will be highly appreciated.

prabsom
  • 61
  • 1
  • 1
  • 2

6 Answers6

1

This sounds like an issue with the OS installation. If possible, I would run a sfc /scannow on the server and see if that corrects it. If not, toss the OS CD in there and run a repair from that.

Jonas Lear
  • 460
  • 1
  • 3
  • 5
1

Use setspn to manually create the SPN https://technet.microsoft.com/en-us/library/dd348559%28v=ws.10%29.aspx

SETSPN -A WSMAN/{server-short-name}{domainshortname\server-short-name}
SETSPN -A WSMAN/{server-FQDN-name.}{domainshortname\server-short-name}
Mass Nerder
  • 997
  • 4
  • 6
1

This is usually due to a GPO setting in Windows Remote Management. As soon as you set the "Allow Remote Shell Access" to Not Configured it should work. Computer Configuration\Administrative Templates\Windows Components\Windows Remote Shell.

Erin
  • 11
  • 1
0

Looks like you may have duplicate SPNs. if you want to use WSMAN AND kerberos SSO, you will need to use CNAMEs

check for what user has the duplicate SPN

setspn -Q WSMAN/xxx.abc.com
setspn -Q WSMAN/xxx

You'll need to delete them from that user and re-assign them to the computer account (with setpn).

delete duplicate spn

SetSpn -D domain/user WSMAN/xxx.abc.com
SetSpn -D domain/user WSMAN/xxx

Reassign

SetSpn -A WSMAN/xxx.abc.com
SetSpn -A WSMAN/xxx

You will also need to do this for HTTP where you want to use WinRM.

Jacob Evans
  • 7,636
  • 3
  • 25
  • 55
0

For me, this was because I had an IP binding on the command line, and the server then wasn't bound on the localhost. To overcome this, I added a binding to 127.0.0.1:

netsh http add iplisten ipaddress=127.0.0.1 net stop http /y net start http net start w3svc

Once I did this, I could then add Roles and Features using the GUI.

Credit here: http://www.lukebrowning.com/sysadmin/windows/windows-server-2012-winrm-corrupt-or-missing/

5lovak
  • 422
  • 5
  • 11
-1

I realize you found the solution, but for anyone else who stumbles upon this error: I am almost ashamed to suggest this, but here is the obvious thing to try before going on a wild goose chase: Reboot.

I was having the same problem, and after a couple of hours of banging my head against the wall, it occured to me to try and restart the server. That did the trick, and it sure made me feel stupid for wasting the afternoon troubleshooting. Seems that WinRM was in some kind of faulty state.

Øystein Grande Jaren
  • 107
  • 1