{"id":3915,"date":"2023-07-22T15:05:12","date_gmt":"2023-07-22T15:05:12","guid":{"rendered":"https:\/\/wiki.thomasandsofia.com\/?p=3915"},"modified":"2023-07-23T19:42:37","modified_gmt":"2023-07-23T19:42:37","slug":"configure-server-for-winrm","status":"publish","type":"post","link":"https:\/\/wiki.thomasandsofia.com\/?p=3915","title":{"rendered":"Configure Server for WinRM"},"content":{"rendered":"<p><strong><span style=\"color: #006644;\">Run all commands in Powershell as Admin.<\/span><\/strong><\/p>\n<h1>Firewall Configuration<\/h1>\n<h3>Enable ICMP<\/h3>\n<ul>\n<li>Windows Defender Firewall &gt;<\/li>\n<li>Advanced Settings &gt;<\/li>\n<li>Inbound Rules (Left) &gt; New Rule\u2026 (Right) &gt;<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Rule Type\u201d\n<ul>\n<li>( * ) Custom<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Program\u201d\n<ul>\n<li>( * ) All programs<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201c\u201cNew Inbound Rules Wizard &#8211; Protocols and Ports\u201d\n<ul>\n<li>Protocol type: <code>ICMPv4<\/code><\/li>\n<li>Local port: All Ports (Default)<\/li>\n<li>Remote port: All Ports (Default)<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Scope\u201d\n<ul>\n<li>Which local IP addresses does this rule apply to?\n<ul>\n<li>( * ) Any IP address<\/li>\n<\/ul>\n<\/li>\n<li>Which remote IP addresses does this rule apply to?\n<ul>\n<li>( * ) Any IP address<\/li>\n<\/ul>\n<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Action\u201d\n<ul>\n<li>( * ) Allow the connection<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Profile\u201d\n<ul>\n<li>[ x ] Domain<\/li>\n<li>[ x ] Private<\/li>\n<li>[ x ] Public<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Name\u201d\n<ul>\n<li>Name: <code>Ping ICMPv4<\/code><\/li>\n<li>[ Finish ]<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Allow WinRM (HTTP &#8211; 5985)<\/h3>\n<ul>\n<li>Windows Defender Firewall &gt;<\/li>\n<li>Advanced Settings &gt;<\/li>\n<li>Inbound Rules &gt; Scroll down to \u201cWindows Remote Management (HTTP-In)\u201d Profile-&gt;Public and double click.\n<ul>\n<li>General tab:\n<ul>\n<li>[ x ] Enabled<\/li>\n<li>Action:\n<ul>\n<li>( * ) Allow the connection<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>Scope tab:\n<ul>\n<li>Local IP Address:\n<ul>\n<li>( * ) Any IP Address<\/li>\n<\/ul>\n<\/li>\n<li>Remote IP Address:\n<ul>\n<li>( * ) Any IP Address\n<ul>\n<li>^^ This is the stumper!! ^^<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>[ Apply ]<\/li>\n<li>[ OK ]<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3><strong>Allow WinRM (HTTPS &#8211; 5986)<\/strong><\/h3>\n<p>Create a custom inbound rule based on the Port.<\/p>\n<ul>\n<li>Inbound Rules (Left) &gt; New Rule\u2026 (Right)<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Rule Type\u201d\n<ul>\n<li>( * ) Port<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Protocols and Ports\u201d\n<ul>\n<li>Does this rule apply to TCP or UDP?\n<ul>\n<li>( * ) TCP<\/li>\n<\/ul>\n<\/li>\n<li>Does this rule apply to all local ports or specific local ports?\n<ul>\n<li>( * ) Specific local ports: <code>5986<\/code><\/li>\n<\/ul>\n<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Action\u201d\n<ul>\n<li>( * ) Allow the connection<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Profile\u201d\n<ul>\n<li>[ X ] Domain<\/li>\n<li>[ X ] Private<\/li>\n<li>[ X ] Public<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cNew Inbound Rules Wizard &#8211; Name\u201d\n<ul>\n<li>Name: <code>Windows Remote Management (HTTPS-In)<\/code><\/li>\n<li>[ Finish ]<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h1>Create a Non-Admin User<\/h1>\n<h3>Create the User<\/h3>\n<ul>\n<li>Windows Icon &gt; Settings<\/li>\n<li>Accounts &gt; Other Users &gt; Add someone else to this PC<\/li>\n<li>Users (Left) &gt; More Actions (Right) &gt; New User\u2026\n<ul>\n<li>User name: <code>zenmonitor<\/code><\/li>\n<li>Full name: <code>Zenny Zenmonitor<\/code><\/li>\n<li>Description: <code>Non-admin WinRM User<\/code><\/li>\n<li>Password: <code>********<\/code><\/li>\n<li>Confirm Password: <code>********<\/code><\/li>\n<li>[ _ ] User must change password at next logon. (Uncheck)<\/li>\n<li>[ X ] Password never expires<\/li>\n<li>[ Create ]<\/li>\n<li>[ Close ]<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Grant User Roles<\/h3>\n<p>User roles are added by adding the users to the correct groups.<\/p>\n<ul>\n<li>Groups (Left) &gt; Remote Desktop Users (Center) &gt; Double click<\/li>\n<li>\u201cRemote Desktop Users Properties\u201d\n<ul>\n<li>[ Add ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cSelect Users\u201d\n<ul>\n<li>Enter the object names to select\n<ul>\n<li>Type the user name (ex. zenmonitor) in the area box<\/li>\n<li>[ Check Names ]\n<ul>\n<li>This will locate the user and replace the name with the Windows user object <code>servername\\username<\/code><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>[ OK ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cRemote Desktop Users Properties\u201d\n<ul>\n<li>You should now see your user in the Members field.<\/li>\n<li>[ Apply ]<\/li>\n<li>[ OK ]<\/li>\n<\/ul>\n<\/li>\n<li>Optional: Repeat to add the Remote Manager Users Group\n<ul>\n<li>This step may not be required since it appears it is completed using the zenoss-lpu.ps1 script<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h1>Configure WinRM<\/h1>\n<h3>Confirm WinRM is running and listening<\/h3>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"7e31f879-780a-48d0-abde-4b652177d8df\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">WinRM e winrm\/config\/listener<\/pre>\n<\/div>\n<\/div>\n<p><strong>If WinRM is NOT running, run WinRM Quickconfig<\/strong><\/p>\n<ul>\n<li>This will ONLY configure WinRM for HTTP\/5985.<\/li>\n<\/ul>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"52ddf51f-9bcb-43c3-bf6d-a8fcd26cfec1\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">winrm quickconfig<\/pre>\n<\/div>\n<\/div>\n<p><strong>Check again<\/strong><\/p>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"b4be5336-51c6-4996-9576-df6b2dde9096\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">WinRM e winrm\/config\/listener<\/pre>\n<\/div>\n<\/div>\n<h3>Allow Basic Authentication<\/h3>\n<p>This allows a local user to access the system<\/p>\n<p><strong>Check the WinRM Configuration<\/strong><\/p>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"e8f58afb-395c-484a-aefd-bc113a4787ef\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">winrm get winrm\/config<\/pre>\n<\/div>\n<\/div>\n<p><strong>Confirm Basic Authentication is Allowed<\/strong><\/p>\n<ul>\n<li>Config &gt; Service &gt; Auth &gt; Basic = true<\/li>\n<li>If Basic = false, enable it<\/li>\n<\/ul>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"f8afcdbd-d469-4f07-878c-ffab1350b2b2\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">winrm s winrm\/config\/service\/Auth '@{Basic=\"true\"}'<\/pre>\n<\/div>\n<\/div>\n<p><strong>Confirm Unencrypted Monitoring is Allowed (Optional)<\/strong><\/p>\n<ul>\n<li>Config &gt; Service &gt; AllowUnencrypted = true<\/li>\n<li>If <code>AllowUnencrypted = false<\/code>, enable it.<\/li>\n<\/ul>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"74bda42f-01f3-4468-adcc-a399e238d62d\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">winrm s winrm\/config\/service '@{AllowUnencrypted=\"true\"}'<\/pre>\n<\/div>\n<\/div>\n<h1>Configure a Self-signed certificate<\/h1>\n<p><em>These steps are only required if using WinRM HTTPS (5986)<\/em><\/p>\n<p><strong>Create the certificate. <\/strong><\/p>\n<ul>\n<li>Replace <code>&lt;YOUR_DNS_NAME&gt;<\/code> with the FQDN you wish to use.\n<ul>\n<li>Yes, this can be fake. <code>mywindoze.zenoss.poc<\/code> is acceptable.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"0dd3ca7c-722e-4630-a00a-a2efd0156953\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">New-SelfSignedCertificate -DnsName \"&lt;YOUR_DNS_NAME&gt;\" -CertStoreLocation Cert:\\LocalMachine\\My<\/pre>\n<\/div>\n<\/div>\n<p>After running this command, note the Thumbprint. We\u2019ll use this in the next step.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Register the new cert with the HTTPS listener in WinRM<\/strong><\/p>\n<ul>\n<li>Replace both <code>&lt;YOUR_DNS_NAME&gt;<\/code> and <code>&lt;CERTIFICATE_THUMBPRINT&gt;<\/code> with the correct values.<\/li>\n<\/ul>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"3ce902b0-5cd4-4c15-8325-6d566e12c333\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">winrm create winrm\/config\/Listener?Address=*+Transport=HTTPS '@{Hostname=\"&lt;YOUR_DNS_NAME&gt;\"; CertificateThumbprint=\"&lt;CERTIFICATE_THUMBPRINT&gt;\"}'<\/pre>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<p><strong>Verify WinRM is now listening on both 5985 and 5986<\/strong><\/p>\n<div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\" data-macro-id=\"f3f0353f-f57d-4323-8514-dd2ed2f0400d\">\n<div class=\"codeContent panelContent pdl\">\n<pre class=\"syntaxhighlighter-pre\" data-syntaxhighlighter-params=\"brush: java; gutter: false; theme: Confluence\" data-theme=\"Confluence\">WinRM e winrm\/config\/listener<\/pre>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<h3>Add the required Least Privilege User permissions to the user<\/h3>\n<p><strong>From the Windows server, open the following URL in a browser: <\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/github.com\/zenoss\/microsoft.tools\/blob\/develop\/lpu\/zenoss-lpu.ps1\" target=\"_blank\" rel=\"noopener\">https:\/\/github.com\/zenoss\/microsoft.tools\/blob\/develop\/lpu\/zenoss-lpu.ps1<\/a><\/li>\n<\/ul>\n<p><strong>Copy the contents of the script from the browser.<\/strong><\/p>\n<ul>\n<li>Hint: There is a copy button on the upper right corner.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/copy-lpu-script-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3918\" src=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/copy-lpu-script-1.png\" alt=\"\" width=\"1035\" height=\"478\" srcset=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/copy-lpu-script-1.png 1035w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/copy-lpu-script-1-300x139.png 300w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/copy-lpu-script-1-1024x473.png 1024w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/copy-lpu-script-1-768x355.png 768w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/copy-lpu-script-1-150x69.png 150w\" sizes=\"auto, (max-width: 1035px) 100vw, 1035px\" \/><\/a><\/p>\n<p><strong>Open PowerShell ISE as an Administrator and p<\/strong><strong>aste the contents into the script pane section<\/strong><\/p>\n<ul>\n<li>Hint: You might need to click the \u2018Scripts\u2019 option in the upper right side of PowerShell ISE to view the script pane.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/powershell-ise-open-script-pane-.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3919\" src=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/powershell-ise-open-script-pane-.png\" alt=\"\" width=\"705\" height=\"189\" srcset=\"https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/powershell-ise-open-script-pane-.png 705w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/powershell-ise-open-script-pane--300x80.png 300w, https:\/\/wiki.thomasandsofia.com\/wp-content\/uploads\/2023\/07\/powershell-ise-open-script-pane--150x40.png 150w\" sizes=\"auto, (max-width: 705px) 100vw, 705px\" \/><\/a><\/p>\n<ul>\n<li>Main Menu &#8211; Edit &gt; Paste<\/li>\n<\/ul>\n<p><strong>Comment out lines 427 and 577 by placing a &#8216;#&#8217; at the beginning of each line<\/strong><\/p>\n<ul>\n<li>Failure to comment out these lines will prevent the script from running.<\/li>\n<\/ul>\n<p><strong>Save the changes<\/strong><\/p>\n<ul>\n<li>File &gt; Save As\u2026 &gt; Documents<\/li>\n<li>File name: zenoss-lpu.ps1<\/li>\n<li>[ Save ]<\/li>\n<\/ul>\n<p><strong>In the command line portion of the window (dark blue area), run your script.<\/strong><\/p>\n<ul>\n<li>Make sure you replace &lt;USERNAME&gt; with the name of the non-admin user you created.<\/li>\n<\/ul>\n<pre>.\\Documents\\zenoss-lpu.ps1 -u &lt;USERNAME&gt; -f<\/pre>\n<ul>\n<li>The script takes several minutes to run.<\/li>\n<li>You will likely see a lot of errors. This is OK. These are generated by the script as it is testing the system\u2019s configuration.<\/li>\n<li>When the script completes, you should see a notice that the permissions had been granted.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>Troubleshooting<\/h2>\n<h3>Waiting for Service errors:<\/h3>\n<p>If you see:<\/p>\n<pre>WARNING: Waiting for service \u2018User Access Logging Service (URALSVC)\u2019 to start\u2026\r\nWARNING: Waiting for service \u2018User Access Logging Service (URALSVC)\u2019 to start\u2026\r\nWARNING: Waiting for service \u2018User Access Logging Service (URALSVC)\u2019 to start\u2026\r\n...<\/pre>\n<ul>\n<li>Press <code>[Ctrl]<\/code> + <code>[ C ]<\/code> to stop the script<\/li>\n<li>Press the UpArrow to display the last command:\n<ul>\n<li><code>.\\Documents\\zenoss-lpu.ps1 -u &lt;USERNAME&gt;<\/code><\/li>\n<\/ul>\n<\/li>\n<li>Press [ Enter ] to rerun the script.<\/li>\n<\/ul>\n<h3>Model Failing Issues<\/h3>\n<p>If you see \u201cUnable to connect to WinRM\u201d or something similar:<\/p>\n<ul>\n<li>Check all \u201cSanity Checks\u201d below<\/li>\n<li>If everything looks good, reboot the Windows Server.\n<ul>\n<li>Rebooting the server is not uncommon.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h1>Sanity Checks:<\/h1>\n<ul>\n<li>Verify you can telnet to the server\u2019s IP address on port 5985<\/li>\n<li>Verify you can telnet to the server\u2019s IP address on port 5986\n<ul>\n<li>If this fails, you should:\n<ul>\n<li>Verify the server is listening on 5986\n<ul>\n<li><code>WinRM e winrm\/config\/listener<\/code><\/li>\n<\/ul>\n<\/li>\n<li>Verify the port has been opened on the firewall and allows traffic from your IP address.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h1>Optional Configurations<\/h1>\n<h2>Install Telnet<\/h2>\n<ul>\n<li>Server Manager &gt; Dashboard &gt; Add Roles and Features<\/li>\n<li>\u201cBefore you begin\u201d: [ Next &gt; ]<\/li>\n<li>\u201cInstallation Type\u201d:\n<ul>\n<li>( * ) Role-based or feature-based installation<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cServer Selection\u201d\n<ul>\n<li>( * ) Select a server from the server pool\n<ul>\n<li>Leave default<\/li>\n<\/ul>\n<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cServer Roles\u201d\n<ul>\n<li>Leave all defaults<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cFeatures\u201d\n<ul>\n<li>[ X ] Telnet Client<\/li>\n<li>[ Next &gt; ]<\/li>\n<\/ul>\n<\/li>\n<li>\u201cConfirmation\u201d\n<ul>\n<li>[ Install ]<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Run all commands in Powershell as Admin. Firewall Configuration Enable ICMP Windows Defender Firewall &gt; Advanced Settings &gt; Inbound Rules (Left) &gt; New Rule\u2026 (Right) &gt; \u201cNew Inbound Rules Wizard &#8211; Rule Type\u201d ( * ) Custom [ Next &gt; ] \u201cNew Inbound Rules Wizard &#8211; Program\u201d ( * ) All programs [ Next &gt; ..<\/p>\n<div class=\"clear-fix\"><\/div>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/?p=3915\" title=\"read more...\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[],"class_list":["post-3915","post","type-post","status-publish","format-standard","hentry","category-windows"],"_links":{"self":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/3915","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3915"}],"version-history":[{"count":8,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/3915\/revisions"}],"predecessor-version":[{"id":3925,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/3915\/revisions\/3925"}],"wp:attachment":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3915"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3915"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3915"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}