Good evening All I am facing a small issue, could you please let me out
This works if i allow unencrypted is true : Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value true * Error: fatal: [win-client-01.adc1.com <http://win-client-01.adc1.com/>]: UNREACHABLE! => {"changed": false, "msg": "kerberos: Bad HTTP response returned from server. Code 500", "unreachable": true}* Note: I have not done any configuration on windows host node( default winrm service is running and firewall is disabled) ======================== yaml file: ===================================== --- - name: TEst ping hosts: all vars: ansible_user: terraform_a...@adc1.com ansible_password: ****** ansible_connection: winrm ansible_port: 5985 ansible_winrm_transport: kerberos ansible_winrm_server_cert_validation: ignore ansible_winrm_kerberos_delegation: true tasks: - name: winping win_ping: register: out ============================================= kinit =========================================== ansible@ansible1:~$ kinit terraform_a...@adc1.com Password for terraform_a...@adc1.com: ansible@ansible1:~$ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: terraform_a...@adc1.com Valid starting Expires Service principal 09/29/21 12:52:55 09/29/21 22:52:55 krbtgt/adc1....@adc1.com renew until 10/06/21 12:52:50 ============================================= winrs-ouput ============================================ C:\Users\systemadmin>winrs -r:http://127.0.0.1:5985/wsman - u:terraform_auto...@adc1.com -p:****** ipconfig Windows IP Configuration Ethernet adapter Ethernet 2: Connection-specific DNS Suffix . : jbtpdu1g0fpeddh5infylu3bjckbaug.gx.internal.cloudapp.net Link-local IPv6 Address . . . . . : fe80::f8d7:1f58:8810:2e2f%5 IPv4 Address. . . . . . . . . . . : 172.16.0.7 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 172.16.0.1 =================================================================================== krb5-conf ============================================================================ [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = ADC1.COM <http://adc1.com/> allow_weak_crypto = true dns_lookup_realm = false dns_lookup_kdc = false rdns = false ticket_lifetime = 24h renew_lifetime = 7d forwardable = true [realms] ADC1.COM <http://adc1.com/> = { kdc = testadc.adc1.com admin_server = testadc.adc1.com } ============================================================================== packages ================================ ansible@ansible1:~$ pip list | grep kerb pykerberos 1.1.14 requests-kerberos 0.12.0 ansible@ansible1:~$ pip list | grep ansible ansible 4.6.0 ansible-core 2.11.5 ansible@ansible1:~$ ============================================================= -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/24f16d68-3669-4381-8186-8fd07153ce95n%40googlegroups.com.
