Hey Looks like you are trying to connect over port 5985 which is defaulting to http://hostname:5985/wsman instead of https://hostname:5986/wsman and Ansible by default doesn't allow you to talk through HTTP unless you have disabled some security restrictions on the Windows host itself.
For a bit of background the default port for the HTTP listener is 5985 while HTTPS is 5986. You can see what your host is configured with by running the following in powershell on your Windows box. winrm enumerate winrm/config/Listener This is the type of output you would expect from this command (note the IP/Hostname/Certificate thumbprint would be different) Listener Address = * Transport = HTTPS Port = 5986 Hostname = HOSTNAME Enabled = true URLPrefix = wsman CertificateThumbprint = A377DD78797710B2E7185682BC32D9C9BE8E8B5D ListeningOn = 192.168.1.2, 127.0.0.1 Listener [Source="GPO"] Address = * Transport = HTTP Port = 5985 Hostname Enabled = true URLPrefix = wsman CertificateThumbprint ListeningOn = 192.168.1.2, 127.0.0.1 The above tells me I have a HTTP listener running and is over port 5985 while I also have a HTTPS listener running and is over port 5986. As I was saying at the start you can get Ansible to talk over HTTP but you will have to allow unencrypted messages to be received on the host. If you use HTTPS you don't have to worry about encrypting the messages as it is done over TLS and so Ansible should work with that. Once you have verified the above and ensured you have a HTTPS listener active you will also want to modify you configuration to be something like ansible_user: username@MYDOMAIN ansible_password: "{{ windows_password }}" ansible_port: 5986 # Tell Ansible to use HTTPS ansible_connection: winrm ansible_winrm_transport: ntlm ansible_winrm_server_cert_validation: ignore There were a few entries in there that are not needed for NTLM which I've removed. You should be able to specify the user using the UPN format (usern...@realm.com) or Down Level login format (REALM\username), I usually use the down level for NTLM and UPN for Kerberos but they should be interchangable. Hopefully this helps you to get it working and understand a bit more on the transport side. Thanks Jordan -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0182e339-f5ad-4694-b51d-908f2432a926%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.