Home > Uncategorized > netsh http on Windows XP with httpcfg.exe

netsh http on Windows XP with httpcfg.exe

WinRM allows for remote management via the WS-Management interface so that you can utilize remote tools, such as Powershell, Chef’s knife-windows, winrm for ruby, winrm for python, openwsman, and dtolab’s rundeck winrm node executor, to manage Windows systems from any platform. The benefit over other methods is very extensible and can be implemented securely.

I recently took on the task to remotely manage a set of workstations, some are Windows 7, some are XP.

After verifying the firewall was enabled (a requirement of WinRM), I attempted to configure WinRM using `winrm quickconfig`. After winrm.cmd attempted to start the service then connect, I received an error 0x80338012, and it could not connect.

I came across what appeared to be a valuable event log entry:

Event Type:	Error
Event Source:	WinRM
Event Category:	None
Event ID:	10128
The WinRM service is not listening for HTTP requests because there was a failure binding to the URL (http://+:47001/wsman/) in HTTP.SYS. 

 No remote requests will be serviced on that URL. 

 User Action 
 Please use "netsh http" to check if ACL for URL (http://+:47001/wsman/) is set to Network Service. 

 Additional Data 
 The error code received from HTTP.sys is 2: The system cannot find the file specified. 

Unfortunately, there is no http interface within netsh on Windows XP.

It took me quick some time, but I came across this technet article that describes httpcfg.exe, the program used to configure the HTTP service on Windows XP.

To query the ACL for URLs:

httpcfg.exe query urlacl

My result showed that the requested entry is present:

    URL : http://*:2869/
    ACL : D:(A;;GX;;;LS)
    URL : http://+:47001/wsman/ #<--- "http://+:47001/wsman/
    ACL : D:(A;;GX;;;NS) #<--- is set to Network Service
    URL : http://+:5985/wsman/
    ACL : D:(A;;GX;;;NS)
    URL : https://+:5986/wsman/
    ACL : D:(A;;GX;;;NS)
    URL :
    ACL : D:(A;;GX;;;WD)
    URL : http://+:80/Temporary_Listen_Addresses/
    ACL : D:(A;;GX;;;WD)

To solve the problem:

httpcfg set iplisten -i
net stop http /y & net start http /y & net start HTTPFilter /y
winrm qc

This configures the driver service http.sys to listen on any address.

Test with:
$ComputerName should be replaced with a computer name.

Invoke-Command -ComputerName $ComputerName -ScriptBlock {Get-Service | Where-Object {($_.Name -eq "WinRM") -and ($_.Status -eq "Running")}} -ErrorAction Stop
Tags: , , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: