New Question

Revision history [back]

Hi Chuntzu!

In general we do not recommend using/setting passwords via unattend.xml. I highly recommend you generate a x509 certificate and upload that to MaaS. You will then be able to use that x509 certificate to execute remote commands on your newly installed windows machine over ssl without any passwords.

To generate a new x509 key, log into your MaaS node and run the following command:


The public portion of the key will be printed to screen. Copy that key (including the "BEGIN CERTIFICATE" and "END CERTIFICATE" portion) and upload it to your MaaS node under user-->preferences-->SSL keys. (it should be in the same place you saved your SSH public key)

After you do this, deploy a new windows machine. After it gets installed and cloudbase-init finishes running, you should be able to run remote commands via WinRM.

You may find a small and nifty python script that can issue remote commands from windows here:

Please note that you will need pywinrm for this to work:

sudo pip install pywinrm

after which you will be able to run:

./ -H <IP_OF_WINDOWS_MACHINE> -s -a certificate -c $HOME/.ssl/winrm_client_cert.pem -k $HOME/.ssl/winrm_client_cert.key "net user Administrator supersecretp@ss"

Please note that windows 8.1 is not in the official list of supported OS (only server OS versions). You may not have an option to set a serial key. MaaS does offer the option to specify a KMS server, in which case it should be fine.

Let me know if it works for you.