Hi,
I'm doing a POC with Ansible and Puppet but currently I can't even get
Ansible to talk to Windows using WinRM. Here is my setup in Vagrant:
Control server
Centos 7.1 with all the right extras installed (pywinrm etc)
group_vars/windows.yml
ansible_user: vagrant
ansible_password: vagrant
ansible_port: 5985
ansible_connection: winrm
ansible_winrm_server_cert_validation: ignore
Windows 2012 R2
- Powershell winrm is pretty much open in terms of config (basic auth,
allow unencypted)
I've tested winrm connections from the ansible server using the following
python script:
import winrm
import winrm
s = winrm.Session('http://192.168.33.12:5985/wsman', auth=('user',
'password'))
r = s.run_cmd('ipconfig', ['/all'])
print r.status_code
print r.std_out
print r.std_err
This works successfully and my host Windows desktop can winrm to the target
server as well.
But Ansible just will not work always giving me the following error:
[root@ansible ansible]# ansible windows -m win_ping -vvvvv
Using /ansible/ansible.cfg as config file
Loaded callback minimal of type stdout, v2.0
<192.168.33.12> ESTABLISH WINRM CONNECTION FOR USER: vagrant on PORT 5985
TO 192.168.33.12
<192.168.33.12> WINRM CONNECT: transport=plaintext
endpoint=http://192.168.33.12:5985/wsman
<192.168.33.12> EXEC /bin/sh -c 'PowerShell -NoProfile -NonInteractive
-ExecutionPolicy Unrestricted -EncodedCommand
UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAoAE4AZQB3AC0ASQB0AGUAbQAgAC0AVAB5AHAAZQAgAEQAaQByAGUAYwB0AG8AcgB5ACAALQBQAGEAdABoACAAJABlAG4AdgA6AHQAZQBtAHAAIAAtAE4AYQBtAGUAIAAiAGEAbgBzAGkAYgBsAGUALQB0AG0AcAAtADEANAA1ADMANAA1ADYANQA2ADYALgA0ADgALQA1ADcAMwAyADgANgAxADgAMgA4ADkANAAiACkALgBGAHUAbABsAE4AYQBtAGUAIAB8ACAAVwByAGkAdABlAC0ASABvAHMAdAAgAC0AUwBlAHAAYQByAGEAdABvAHIAIAAnACcAOwA='
<192.168.33.12> WINRM OPEN SHELL: C6B534E7-4F4B-4AEB-B34A-97FE55EB0225
<192.168.33.12> WINRM EXEC 'PowerShell' ['-NoProfile', '-NonInteractive',
'-ExecutionPolicy', 'Unrestricted', '-EncodedCommand',
'LwBiAGkAbgAvAHMAaAAgAC0AYwAgACcAUABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAG8AQQBFADQAQQBaAFEAQgAzAEEAQwAwAEEAUwBRAEIAMABBAEcAVQBBAGIAUQBBAGcAQQBDADAAQQBWAEEAQgA1AEEASABBAEEAWgBRAEEAZwBBAEUAUQBBAGEAUQBCAHkAQQBHAFUAQQBZAHcAQgAwAEEARwA4AEEAYwBnAEIANQBBAEMAQQBBAEwAUQBCAFEAQQBHAEUAQQBkAEEAQgBvAEEAQwBBAEEASgBBAEIAbABBAEcANABBAGQAZwBBADYAQQBIAFEAQQBaAFEAQgB0AEEASABBAEEASQBBAEEAdABBAEUANABBAFkAUQBCAHQAQQBHAFUAQQBJAEEAQQBpAEEARwBFAEEAYgBnAEIAegBBAEcAawBBAFkAZwBCAHMAQQBHAFUAQQBMAFEAQgAwAEEARwAwAEEAYwBBAEEAdABBAEQARQBBAE4AQQBBADEAQQBEAE0AQQBOAEEAQQAxAEEARABZAEEATgBRAEEAMgBBAEQAWQBBAEwAZwBBADAAQQBEAGcAQQBMAFEAQQAxAEEARABjAEEATQB3AEEAeQBBAEQAZwBBAE4AZwBBAHgAQQBEAGcAQQBNAGcAQQA0AEEARABrAEEATgBBAEEAaQBBAEMAawBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEkAQQBCADgAQQBDAEEAQQBWAHcAQgB5AEEARwBrAEEAZABBAEIAbABBAEMAMABBAFMAQQBCAHYAQQBIAE0AQQBkAEEAQQBnAEEAQwAwAEEAVQB3AEIAbABBAEgAQQBBAFkAUQBCAHkAQQBHAEUAQQBkAEEAQgB2AEEASABJAEEASQBBAEEAbgBBAEMAYwBBAE8AdwBBAD0AJwA=']
<192.168.33.12> WINRM RESULT u'<Response code 1, out "", err "#<
CLIXML\r\n<Objs Ver">'
<192.168.33.12> WINRM CLOSE SHELL: C6B534E7-4F4B-4AEB-B34A-97FE55EB0225
192.168.33.12 | UNREACHABLE! => {
"changed": false,
"msg": "Authentication or permission failure. In some cases, you may
have been able to authenticate and did not have permissions on the remote
directory. Consider changing the remote temp path in ansible.cfg to a path
rooted in \"/tmp\". Failed command was: PowerShell -NoProfile
-NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand
UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAoAE4AZQB3AC0ASQB0AGUAbQAgAC0AVAB5AHAAZQAgAEQAaQByAGUAYwB0AG8AcgB5ACAALQBQAGEAdABoACAAJABlAG4AdgA6AHQAZQBtAHAAIAAtAE4AYQBtAGUAIAAiAGEAbgBzAGkAYgBsAGUALQB0AG0AcAAtADEANAA1ADMANAA1ADYANQA2ADYALgA0ADgALQA1ADcAMwAyADgANgAxADgAMgA4ADkANAAiACkALgBGAHUAbABsAE4AYQBtAGUAIAB8ACAAVwByAGkAdABlAC0ASABvAHMAdAAgAC0AUwBlAHAAYQByAGEAdABvAHIAIAAnACcAOwA=,
exited with result 1",
"unreachable": true
}
[root@ansible ansible]#
I tried modifying the temp path but that didn't work either.
I'm out of ideas as everything else works in terms of winrm connections so
if anyone has some suggestions I can try please let me know otherwise it's
going to be Puppet for me which is a shame as I liked the sound of Ansible
but it seems very difficult to set up for Windows.
Thanks
Dan
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/80b024f1-b2b5-4018-b226-6bb47a298b0a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
