Hi, I am trying to use Packer to build new AMIs using the Windows 2012 CIS Benchmark (Hardened) image as the Source AMI:
https://aws.amazon.com/marketplace/pp/B00UVT62LG The problem I am facing is that Packer is not able to connect to the EC2 instance via WinRM once the server is up. The following is the error I get in the 'packer.log' file that is generated: 2018/05/07 18:04:20 packer: 2018/05/07 18:04:20 [ERROR] connection error: http response error: 401 - invalid content type 2018/05/07 18:04:20 packer: 2018/05/07 18:04:20 [ERROR] WinRM connection err: http response error: 401 - invalid content type After troubleshooting for many days, I found out that the following GPO that is automatically enabled by this Hardened AMI is what's causing Packer to timeout and fail: HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!AllowBasic The GPO restricts the use of Basic Authentication. If I manually RDP into the instance and enable that from the Policy Editor, Packer successfully connects to the instance. I read the Packer documentation and there is a way to change the Authentication mechanism by setting the field "winrm_use_ntlm" to True. I tried doing that but Packer is still timing out when it tries to connect to the instance via WinRM. Has anybody seen this issue in the past? Is there a way to configure Packer to connect to this instance using "Non-Basic Authentication" and without having to manually edit the GPO? Thanks for the support! Andres -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/04422e65-4c39-47bc-b9e0-f067f5c95e67%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
