I am having a problem running WinRM connections with both basic and
kerberos auth.
My Ansible is deployed with RedHat AAP 4.2.0 on RHEL 9.
I setup a test Windows 2019 machine and ran the
ConfigureRemotingForAnsible.ps1 script against the host. Rebooted the host
for good measure. Tested from the Ansible server that I can telnet to 5985
and 5986 (confirmed) but I cannot run a Windows test playbook against the
host.
Skipping callback 'oneline', as we already have a stdout callback.
18
19
PLAYBOOK: test.yml
*************************************************************
20
2 plays in windows/test.yml
21
22
PLAY [test raw module]
*********************************************************18:47:21
23
24
TASK [Gathering Facts]
*********************************************************18:47:21
25
*task path: /runner/project/windows/test.yml:2*
26
*[WARNING]: The "winrm" connection plugin has an improperly configured
remote*
27
*target value, forcing "inventory_hostname" templated value instead of the*
28
*string*
29
redirecting (type: modules) ansible.builtin.setup to ansible.windows.setup
30
Using module file
/usr/share/ansible/collections/ansible_collections/ansible/windows/plugins/modules/setup.ps1
31
Pipelining is enabled.
32
<inventory_hostname> ESTABLISH WINRM CONNECTION FOR USER: administrator on
PORT 5986 TO inventory_hostname
33
*fatal: [192.168.12.52]: UNREACHABLE! => {*
34
* "changed": false,*
35
* "msg": "ssl: HTTPSConnectionPool(host='inventory_hostname', port=5986):
Max retries exceeded with url: /wsman (Caused by
NewConnectionError('<urllib3.connection.HTTPSConnection object at
0x7fa35f010f10>: Failed to establish a new connection: [Errno -2] Name or
service not known'))",*
36
* "unreachable": true*
37
*}*
*Running a Windows test against a domain joined machine produces a
different error that I also cannot resolve. *
PLAY [Ping]
********************************************************************18:53:19
3
4
TASK [Gathering Facts]
*********************************************************18:53:19
5
*[WARNING]: The "winrm" connection plugin has an improperly configured
remote*
6
*target value, forcing "inventory_hostname" templated value instead of the*
7
*string*
8
*fatal: [srvrds04]: UNREACHABLE! => {"changed": false, "msg": "kerberos:
authGSSClientStep() failed: (('Unspecified GSS failure. Minor code may
provide more information', 851968), ('Server not found in Kerberos
database', -1765328377))", "unreachable": true}*
*I am getting this error despite me confirming the SPN is fine. Confirming
I can connect to the host with WinRM from a different domain joined host.
Confirmed my Kerb ticket with kinit and list. *
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e6597725-e2cd-478b-8d13-c0b8b7f12c5en%40googlegroups.com.
