From 2cb97352942a703956527107f352d038556819b0 Mon Sep 17 00:00:00 2001
From: Nicole Rappe
Date: Wed, 31 Jul 2024 18:58:11 -0600
Subject: [PATCH] Update Docker & Kubernetes/Servers/AWX/AWX Operator/Enable Kerberos WinRM.md
---
.../AWX/AWX Operator/Enable Kerberos WinRM.md | 34 +++++++++++++------
1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/Docker & Kubernetes/Servers/AWX/AWX Operator/Enable Kerberos WinRM.md b/Docker & Kubernetes/Servers/AWX/AWX Operator/Enable Kerberos WinRM.md
index 3975842..85dfcca 100644
--- a/Docker & Kubernetes/Servers/AWX/AWX Operator/Enable Kerberos WinRM.md
+++ b/Docker & Kubernetes/Servers/AWX/AWX Operator/Enable Kerberos WinRM.md
@@ -12,11 +12,27 @@ winrm quickconfig -force
 $cert = New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "hyperv-host.local"
 $certThumbprint = $cert.Thumbprint
 
-# Delete existing HTTPS listener if it exists
-Write-Host "Removing existing HTTPS listener if it exists..."
-$existingListener = (winrm enumerate winrm/config/listener | Select-String -Pattern "Transport=HTTPS")
-if ($existingListener) {
- winrm delete winrm/config/Listener?Address=*+Transport=HTTPS
+# Function to delete existing HTTPS listener
+function Remove-HTTPSListener {
+ Write-Host "Removing existing HTTPS listener if it exists..."
+ $listeners = Get-WSManInstance -ResourceURI winrm/config/listener -Enumerate
+ foreach ($listener in $listeners) {
+ if ($listener.Transport -eq "HTTPS") {
+ Write-Host "Deleting listener with Address: $($listener.Address) and Transport: $($listener.Transport)"
+ Remove-WSManInstance -ResourceURI winrm/config/listener -SelectorSet @{Address=$listener.Address; Transport=$listener.Transport}
+ }
+ }
+ Start-Sleep -Seconds 5 # Wait for a few seconds to ensure deletion
+}
+
+# Remove existing HTTPS listener
+Remove-HTTPSListener
+
+# Confirm deletion
+$existingListeners = Get-WSManInstance -ResourceURI winrm/config/listener -Enumerate
+if ($existingListeners | Where-Object { $_.Transport -eq "HTTPS" }) {
+ Write-Host "Failed to delete the existing HTTPS listener. Exiting script."
+ exit 1
 }
 
 # Create a new HTTPS listener
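Review bot: `Remove-HTTPSListener` deletes every listener whose `Transport` is `HTTPS`, whereas the removed code only targeted `Address=*`, so an HTTPS listener bound to a specific address for other tooling on the host would be removed as well. If only the wildcard listener that the script recreates needs replacing, the inner test could be `if ($listener.Transport -eq "HTTPS" -and $listener.Address -eq "*") {`, with the confirmation check after the call narrowed the same way. Separately, errors from `Remove-WSManInstance` are non-terminating by default, so the failure path prints only the generic "Failed to delete" message; adding `-ErrorAction Stop` to that call would surface the real cause instead of relying on `Start-Sleep -Seconds 5` and a second enumeration.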
@@ -24,11 +40,9 @@ Write-Host "Creating a new HTTPS listener..."
 $listenerCmd = "winrm create winrm/config/Listener?Address=*+Transport=HTTPS '@{Hostname=`"hyperv-host.local`"; CertificateThumbprint=`"$certThumbprint`"}'"
 Invoke-Expression $listenerCmd
 
-# Set TrustedHosts to allow connections from the Ansible control node
-# Replace "ansible_control_node_ip" with the IP address of your Ansible control node
-$trustedHosts = "ansible_control_node_ip"
-Write-Host "Setting TrustedHosts to $trustedHosts..."
-winrm set winrm/config/client '@{TrustedHosts="*"}' # Enable the firewall rule for WinRM over HTTPS Write-Host "Enabling firewall rule for WinRM over HTTPS..."
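Review bot: `TrustedHosts` under `winrm/config/client` is a client-side setting, so the new `winrm set winrm/config/client '@{TrustedHosts="*"}'` does not control which machines may connect to this host. It lets this host's own WinRM client authenticate to any destination whose identity cannot be verified. The added comment `# Set TrustedHosts to allow connections from any IP address` therefore describes something the setting does not do, and the wildcard weakens outbound connections from the server for no inbound benefit. Judging by the file name, the target is meant to be reached over Kerberos on the HTTPS listener, which should not need TrustedHosts on the target at all, so I would drop these three lines. If the setting must stay, keep a named host value and correct the comment, for example `# TrustedHosts only affects outbound WinRM connections made from this host`. Limiting who can reach the listener belongs on the firewall rule that follows, whose definition is outside this hunk.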