![]() ![]() ![]() The authentication option set by the ansible_winrm_transport variable is enabled under Service\Auth\*. You can perform a connection test with the winrs command to rule this out. The user is a member of the local Administrators group, or has been explicitly granted access. The credentials are correct and set properly in your inventory with the ansible_user and ansible_password variables. You can check the following to troubleshoot: HTTP 401/Credentials Rejected Īn HTTP 401 error indicates the authentication process failed during the initialĬonnection. If any of the above commands fail, the issue is probably related to the WinRM setup. $thumbprint = "E6CDAA82EEAF2ECE8546E05DB7F3E01AA47D76CE" Get-ChildItem -Path cert :\ LocalMachine \ My -Recurse | Where-Object -Credential $cred -SessionOption $session_option To get the details of the certificate itself, run this command with the relevant certificate thumbprint in PowerShell: If you change this option, you need to set the host var ansible_winrm_path to the same value.ĬertificateThumbprint: If you use an HTTPS listener, this is the thumbprint of the certificate in the Windows Certificate Store that is used in the connection. This port can be changed to whatever is required and corresponds to the host var ansible_port. By default it is 5985 for HTTP and 5986 for HTTPS. We recommend you use a listener over HTTPS because the data is encrypted without any further changes required. Transport: Whether the listener is run over HTTP or HTTPS. Some of the key options that are useful to understand are: One is listening on port 5985 over HTTP and the other is listening on port 5986 over HTTPS. In the example above there are two listeners activated. 155 % 8, fe80 :: ffff : ffff : fffe % 2, fe80 :: 203d : 7d97 : c2ed : ec78 % 3, fe80 :: e8ea : d765 : 2c69 : 7756 % 7 Listener Address = * Transport = HTTPS Port = 5986 Hostname = SERVER2016 Enabled = true URLPrefix = wsman CertificateThumbprint = E6CDAA82EEAF2ECE8546E05DB7F3E01AA47D76CE ListeningOn = 10. Listener Address = * Transport = HTTP Port = 5985 Hostname Enabled = true URLPrefix = wsman CertificateThumbprint ListeningOn = 10. You need to create and activate a WinRM listener. You need to install PowerShell 5.1 or newer and at least. You can also manage desktop OSs including Windows 10 and 11, and server OSs including Windows Server 2016, 2019, and 2022. With Ansible you can generally manage Windows versions under the current and extended support from Microsoft. Windows host must meet these base requirements for connectivity: Installing OpenSSH using Windows Settingsįor Ansible to communicate to a Windows host and use Windows modules, the This document discusses the setup that is required before Ansible can communicate with a Microsoft Windows host.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |