Hey there, I was just cutting my teeth on executing playbooks against Windows. To add to Tony's piece about the PowerShell script ConfiguringRemotingforAnsible.ps1 which I had to do I also had to pip install the following on the control machine within side my virtualenv:
pip install pywinrm pip install pywinrm[kerberos] Source: http://docs.ansible.com/ansible/latest/intro_windows.html I'm not sure if this will help you or not but worth a shot if you haven't already done so yet. Good luck! On Friday, December 15, 2017 at 1:50:41 PM UTC-8, Alexmil Reyes wrote: > > Thank you for responding. > > I am able to telnet to the windows machine without a problem. But the > playbook still presented the same error when it was run. > > I ran the following commands on the windwos machine: > > winrm delete winrm/config/Listener?Address=*+Transport=HTTP > > winrm delete winrm/config/Listener?Address=***+Transport=HTTPS > > > followed up with with the ConfigureRemotingForAnsible.ps1. I was able to > telnet and win_ping but error continues to occur when I run the playbook. > > > > > On Friday, December 15, 2017 at 3:03:36 PM UTC-5, Tony Chia wrote: >> >> You can also try removing the existing listeners and then run >> ConfigureRemotingForAnsible.ps1 which will recreate the self-signed ssl >> certificate using the following commands >> >> winrm delete winrm/config/Listener?Address=*+Transport=HTTP >> >> winrm delete winrm/config/Listener?Address=***+Transport=HTTPS >> >> On Friday, December 15, 2017 at 11:31:14 AM UTC-8, Tony Chia wrote: >>> >>> Try running "ConfigureRemotingForAnsible.ps1" on the windows host you >>> are trying to manage with Ansible. >>> If that doesn't work try this command on the ansible host >>> >>> telnet windows-host-name 5985 >>> telnet windows-host-name 5986 >>> >>> If you see "Trying ..." but times out, the maybe the network ACL is not >>> opened. >>> >>> On Thursday, December 14, 2017 at 2:44:18 PM UTC-8, Alexmil Reyes wrote: >>>> >>>> Hi, >>>> >>>> Thank you in advance to anyone who helps here. So am unable to run >>>> playbooks against our windows AWS instances. I was able to perform a >>>> win_ping but when I attempt to run this task on the same instances that I >>>> am able to ping I get an SSL Cert error. I have displayed all relevant >>>> information down below, let me know if any other information is required. >>>> >>>> >>>> *PLAYBOOK* >>>> --- >>>> >>>> - hosts: "{{target}}" >>>> roles: >>>> - windows >>>> vars_files: >>>> - "/home/ubuntu/infratools/ansible/inventory/group_vars/windows.yml" >>>> >>>> >>>> *TASK MAIN.YML* >>>> --- >>>> # Obtain information about a folder >>>> - win_stat: >>>> path: C:\Users >>>> register: folder_info >>>> >>>> >>>> *WIN_VARS* >>>> ansible_user: username >>>> ansible_password: "#####" >>>> ansible_port: 5986 >>>> ansible_connection: winrm >>>> ansible_winrm_scheme: https >>>> # The following is necessary for Python 2.7.9+ when using default WinRM >>>> self-signed certificates: >>>> ansible_winrm_server_cert_validation: ignore >>>> >>>> >>>> *WIN_PING* >>>> 10.100.22.111 | SUCCESS => { >>>> "changed": false, >>>> "ping": "pong" >>>> } >>>> >>>> >>>> *ERROR* >>>> } >>>> fatal: [10.100.22.111]: UNREACHABLE! => { >>>> "changed": false, >>>> "msg": "ssl: HTTPSConnectionPool(host='10.100.22.111', port=5986): >>>> Max retries exceeded with url: /wsman (Caused by SSLError(SSLError(1, >>>> u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed >>>> (_ssl.c:590)'),))", >>>> "unreachable": true >>>> } >>>> >>>> >>>> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c1b6d293-4363-4312-8c54-8201201ee8ab%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
