NetWitness Community

Hi Sravan,

Is there a way to disable the script (RSA provided for winrm config) which has been executed earlier (part of rollback plan)?

Thanks,

Utsav Sejpal

Hi Utsav,

I can't give complete rollback for the script. But, I can give a shot for deleting https listener and removing the collection user from the group which will be created by the script.

• Run in windows command prompt winrm delete winrm/config/Listener?Address=*+Transport=HTTPS
• Remove collection user account from Event Log Readers group.

Hi Sravan,

Thanks for your inputs. 

One more doubt is it possible to delete listener running on custom port 5986 for HTTPs? Above command would delete all listeners associated with HTTPs service. 

Thanks,

Utsav Sejpal

Hi Utsav,

In Winrm 2, the default port is 5986 for https. If you have used custom port for configuration, Please use below command to remove.

Winrm delete winrm/config/listener?Address=*+Transport=HTTPS @{Port="<Custom_PORT_NUMBER>"}

Example:

Winrm delete winrm/config/listener?Address=*+Transport=HTTPS @{Port="2356"}

Hi Sraven,

No luck mate!! Using 6789 port number for listener

I ran all the below commands:

C:\>winrm delete winrm/config/listener?Address=*+Transport=HTTPS @{Port="6789"}
Error: Input was supplied to an operation that does not accept input.

C:\>winrm delete winrm/config/listener?Address=*+Transport=HTTPS @Port="6789"
Error: Input was supplied to an operation that does not accept input.

C:\>winrm delete winrm/config/listener?Address=*+Transport=HTTPS Port="6789"
Error: Invalid use of command line. Type "winrm -?" for help.

Thanks,

Utsav Sejpal 

Hi Utsav,

Sorry, I don't have test server to test the command. Try below command to change custom port 6789 to default 5986.

Winrm set winrm/config/listener?Address=*+Transport=HTTPS @{Port="5986"}