Thanks Matt
I created a local user on my target machine called ansible. Have not added
it to any groups.
I've changed /etc/ansible/group_vars/windows.yml file to:
ansible_user: ansible
ansible_password: ans1bleUser
ansible_port: 5986
ansible_connection: winrm
ansible_winrm_server_cert_validation: ignore
ansible_winrm_transport: Basic
When I try and connect I get this error:
[mark@carnation ~]$ ansible windows -m win_ping
wisteria.duck.loc | FAILED! => {
"failed": true,
"msg": "The installed version of WinRM does not support transport(s)
[u'Basic']"
}
Are there any tutorials you know of that shows you how to connect to
Windows targets with the different authentication options?
On Thursday, 20 April 2017 18:41:56 UTC+1, Matt Davis wrote:
>
> The "connection refused" error doesn't have anything to do with Kerberos-
> WinRM is not answering on 5986. Have you run the
> ConfigureRemotingForAnsible.ps1 script on the target host (or taken manual
> steps) to set up an HTTPS WinRM listener? If so, I'd suspect a firewall or
> some other networking issue is part of the problem.
>
> I'd also suggest that you get things working with a local account and
> Basic auth first, as Kerberos can be a complicated beast to debug, and it
> sounds like you've got other problems to solve first that aren't
> Kerb-related.
>
> -Matt
>
> On Thursday, April 20, 2017 at 7:29:47 AM UTC-7, Mark Allison wrote:
>>
>> I've set up a new CentOS 7 VM and installed ansible fine and the kerberos
>> components according to this guide
>> https://docs.ansible.com/ansible/intro_windows.html#kerberos
>>
>> I've done the following:
>> Added the ansible control server Computer account to AD.
>> Added a test windows machine into /etc/ansible/hosts (called
>> wisteria.duck.loc)
>> Created /etc/ansible/group_vars/windows.yml with this text:
>>
>> ansible_user: [email protected]
>> ansible_password: SecretPasswordGoesHere
>> ansible_port: 5986
>> ansible_connection: winrm
>> # The following is necessary for Python 2.7.9+ (or any older Python that
>> has backported SSLContext, eg, Python 2.7.5 on RHEL7) when using default
>> WinRM self-signed certificates:
>> ansible_winrm_server_cert_validation: ignore
>>
>> Ran kinit and klist and it worked fine.
>>
>> [mark@carnation ansible]$ ansible --version
>>
>> ansible 2.2.1.0
>> config file = /etc/ansible/ansible.cfg
>> configured module search path = Default w/o overrides
>>
>>
>> [mark@carnation ansible]$ ansible windows -m win_ping
>> wisteria.duck.loc | UNREACHABLE! => {
>> "changed": false,
>> "msg": "kerberos: HTTPSConnectionPool(host='wisteria.duck.loc',
>> port=5986): Max retries exceeded with url: /wsman (Caused by
>> NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection
>>
>> object at 0x27b8510>: Failed to establish a new connection: [Errno 111]
>> Connection refused',)), ssl: HTTPSConnectionPool(host='wisteria.duck.loc',
>> port=5986): Max retries exceeded with url: /wsman (Caused by
>> NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection
>>
>> object at 0x285d750>: Failed to establish a new connection: [Errno 111]
>> Connection refused',))",
>> "unreachable": true
>> }
>> [mark@carnation ansible]$
>>
>> Any ideas on next steps to troubleshoot?
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/2b938f9e-187c-4185-9890-127d0ada7167%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
