ansible_winrm_transport:ntlm try that instead of ansible_winrm_transport:basic
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Although not technically using Ansible, you could get it to call Packer to
create the Windows boxes with Unattended installs.
On Monday, April 30, 2018 at 10:21:36 AM UTC+2, Lalit Choudhary wrote:
>
> Hello Karl,
>
> I did it using Cobbler
>
> On Monday, April 30, 2018 at 1:46:27 PM UTC+5:30,
Hi Matt,
Been looking at something quite similar. So there is indeed a way to host
an internal Chocolatey repo and then use win-choco with your internal repo
URL.
The kicker is that the choco packages basically have the internet URL for
the installer in the Nuget package. You would need to
Ok that makes it clearer. I also work with multiple Windows domains, with a
single CentOS control node. For your use case ntlm would work as Kerberos adds
extra config and also has its own issues.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project"
http://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html .
What does the entry in the hosts inventory look like? kerberos is generally
used when you are using a domain account and need second hop capabilities.
The example below uses NTLM which is older but does also work quite well.
There seems to a problem in the formatting of your hosts inventory file.
I would recommend reading through
http://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html .
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To
What version of Ansible are you using? Do you have an example of the inventory
and playbook results?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Tried using chocolatey with win_choco?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group,
The other thought I had was to have ansible-lint and create rules related
to the changelogs for each Ansible version.
On Tuesday, February 6, 2018 at 9:06:57 AM UTC+1, Mike Fennemore wrote:
>
> Hi all,
>
> So I have been looking at moving to later versions of Ansible (currently
Hi all,
So I have been looking at moving to later versions of Ansible (currently
way back on 2.1.4). Ideally I want to have an automated(or relatively
automated)
way to work through all the internal roles and playbooks against different
versions of Ansible.
Does anyone currently have this kind
/site-packages/ansible/modules/windows/win_get_url.ps1
> ESTABLISH WINRM CONNECTION FOR USER: on PORT TO
> xxx.xxx.x.x
> EXEC (via pipeline wrapper)
>
>
>
> On Friday, November 17, 2017 at 4:37:04 PM UTC+7, Mike Fennemore wrote:
>>
>> if you run the same
Is the user you are attempting to connect with a Local admin? if not try winrm
configSDDL default then adding the required permissions for the user.
On Friday, November 17, 2017 at 12:03:32 AM UTC+1, Jackson Pollock wrote:
>
> First time trying to get some windows automation going, I must be
if you run the same playbook with win_get_url but with - what is the
output?
On Friday, November 17, 2017 at 8:59:32 AM UTC+1, Jean Jordaan wrote:
>
> Hi all
>
> We're trying to get a file from a server in a playbook:
>
> - win_get_url:
>url: https://some.domain.com/test.txt
>
Ansible: 2.1.0.0
Ansible Control Server: Centos 7.4
Target: Windows Server 2016
On running the playbook it fails during the setup module. I have tested
locally on the machine for the property in question and it is present.
What is the cause?
TASK [setup]
Looks good, have you seen this https://github.com/openstack/ara ?
On Wednesday, September 20, 2017 at 3:14:16 PM UTC+2, ma...@unixdev.ca
wrote:
>
> Hi,
>
> I developed and now share an Ansible report in Python (flask)
>
> The python script create a personal temporary tiny web server where you
>
A few extra group_vars:
ansible_winrm_server_cert_validation: false and ansible_port should be a port
number not y. It should be 5985 or 5986. You could also use ntlm by adding
ansible_winrm_transport:ntlm
--
You received this message because you are subscribed to the Google Groups
"Ansible
https://chocolatey.org/docs/how-to-set-up-chocolatey-server this might be
more usable as the source of packages.
On Thursday, July 6, 2017 at 12:54:11 AM UTC+2, Nicholas Reid wrote:
>
> Hi All,
>
> Really excited to have discovered this group. Looking forward to being an
> active member.
>
>
I don't think that's possible unfortunately with the module as it will
attempt to download the files over HTTP.
On Thursday, July 6, 2017 at 12:54:11 AM UTC+2, Nicholas Reid wrote:
>
> Hi All,
>
> Really excited to have discovered this group. Looking forward to being an
> active member.
>
>
Do you have kerberos delegation? This seems like the classic second hop
authentication problem.
On Wednesday, July 5, 2017 at 5:53:13 PM UTC+2, anil kumar wrote:
>
> I am trying to invoke AD commands( I put this into powershellscript) from
> ansible server. I am using Kerberos in the ansible
There is currently a Windows Domain user module on PR, perhaps this fits
your need https://github.com/ansible/ansible/pull/24075 ?
On Wednesday, July 5, 2017 at 5:53:13 PM UTC+2, anil kumar wrote:
>
> I am trying to invoke AD commands( I put this into powershellscript) from
> ansible server. I
Ansible up and running, is another good one.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this
As far as I know the connection variables belong in inventory or group_vars or
set as host_vars.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Really awesome tool, especially when dealing with large numbers of playbooks.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
There is also ara available on pypi that has some modules to write to mysql and
also gives some useful reporting abilities.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it,
The also ara available on pypi that has some modules to write to mysql and also
gives some useful reporting abilities.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an
get it done but it would be
> best if Ansible had Windows Hyper-V modules especially with Hyper-V gaining
> market share. Just looking / hoping for CRUD modules.
>
> On Friday, March 31, 2017 at 1:15:48 AM UTC-4, Mike Fennemore wrote:
>>
>> You could use the setup module
You could use the setup module with a facts directory holding your powershell
to get the required info available to Ansible.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it,
Also might want to check reverse DNS entry for the host your connecting to. It
needs to be resolvable from the Ansible node.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it,
https://github.com/ansible/ansible/pull/16515 think this is similar?
On Friday, December 30, 2016 at 12:21:44 PM UTC+1, Kevin Csuka wrote:
>
> Ansible version: 2.1.2.0
>
> My task:
>
> - name: "Managing groups with gid set" become: true group:name: "{{
> item.value.name }}"state: "{{
I've had similar issues before:
1. Has the Windows box had configureforansibleremoting.ps1 run on it?
2. Is DNS resolvable for the server?
3. Have you tried running configureforansibleremoting.ps1 with the extra
arguments to recreate the winrm certificate?
4. Is the Windows server a VM cloned
I'm not sure if it can be used from command line but seeing as you are
using 2.2 perhaps
try https://docs.ansible.com/ansible/win_shell_module.html
On Tuesday, November 29, 2016 at 9:49:58 AM UTC+1, J Hawkesworth wrote:
>
> What error messages do you see?
>
> Try running your playbook with -v
(other partner install ansible ansible 2.1.1.0
> in our organization and tell us is not necesary install
> kerberos). pywinrm-0.2.1
>
> El lunes, 14 de noviembre de 2016, 20:39:41 (UTC+1), Mike Fennemore
> escribió:
>>
>> The user isn't in the correct user@domain format fir
The user isn't in the correct user@domain format firstly. Have you setup
kerberos as per the Ansible documentation? It might also be an idea to check
what version of pywinrm you're running. What version of Ansible is the server
running?
--
You received this message because you are subscribed
Alternatively use 8.3 DOS Format as the path.
On Wednesday, November 2, 2016 at 4:52:54 PM UTC+1, Tim wrote:
>
> Hi,
>
> I want to copy some files to the Startup folder using "win_copy". The
> problem is, that the destination directory is
> "dest=C:/ProgramData/Microsoft/Windows/Start
>
When using a Centos Ansible control machine connecting to Windows server, is
there a way to copy/move files on the Windows system? Win_copy works well for
copying to the Windows system but doesn't seem to be able to fit this use. In
particular I have tried moving/copying files using
though.
On Tuesday, September 13, 2016 at 11:14:40 AM UTC+2, Mike Fennemore wrote:
>
> We have a internal CMDB that gathers facts from systems using the setup
> module on playbook execution. Is there a way to extend the setup module to
> include extra information?
> From what I have
We have a internal CMDB that gathers facts from systems using the setup
module on playbook execution. Is there a way to extend the setup module to
include extra information?
>From what I have read the local facts would work for Linux systems but the
path wouldn't exist on Windows systems.
--
Is there an official list of things folks are clamouring for in terms of
windows modules Matt?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Is there an official list of things folks are clamouring for in terms of
windows modules Matt?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Ok will have to build a vmm box to test that. So far I have the
functionality to create,delete,restart,start and shutdown VM's on a Hyper-V
host.
I have the initial draft on https://github.com/mikef-nl/hyperv_guest . It
will need additional testing before I'm happy it works fully. But thus far
On Thursday, September 8, 2016 at 10:36:01 AM UTC+2, Mike Fennemore wrote:
>
> Ok will have to build a vmm box to test that. So far I have the
> functionality to create,delete,restart,start and shutdown VM's on a Hyper-V
> host.
>
> On Thursday, September 8, 2016 at 7:59:20 AM
Ok will have to build a vmm box to test that. So far I have the
functionality to create,delete,restart,start and shutdown VM's on a Hyper-V
host.
On Thursday, September 8, 2016 at 7:59:20 AM UTC+2, lars wrote:
>
> Thanks for your reply.
>
> I Use powershell now, and yes, it should connect to
The other thing is that the VMWare module makes use of VCenter. Would the
Hyper-V module need to make use of SCVMM?
On Tuesday, September 6, 2016 at 5:33:54 PM UTC+2, Mike Fennemore wrote:
>
> Why not go the route of powershell from the Ansible control machine? Would
> the hyper-v mo
re pretty much at Microsoft's mercy on that one)?
> The only one we've gotten a few times (that I'll probably try to do
> something about in 2.3) is to allow idempotent application of a list of
> specific updates (eg, emergency vulnerability mitigation).
>
> -Matt
>
>
> O
Why not go the route of powershell from the Ansible control machine? Would the
hyper-v module need to have feature parity with vmware module?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving
Personally I would just use the client https://git-scm.com. At least that will
also give you the option to add to Windows Path environmental variable.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop
Which version of Windows are you using? Are you using Cygwin or OpenSSH for
the sshd-agent?
On Tuesday, September 6, 2016 at 4:38:16 PM UTC+2, Андрей Круглов wrote:
>
> Ansible has not git_win module (see here:
>
Ansible has the functionality to be used for configuration management but
it seems the win_update module takes a considerable amount of time to run.
Are there plans to improve the performance of the module? I would ideally
like to be able to use it to force immediate installation of updates
So courtesy of a few colleagues we have a solution. By specifying the fqdn in
the inventory rather than the ip, and making sure the Ansible control machine
could resolve the fqdn to the ip, the connection is now successful.
--
You received this message because you are subscribed to the Google
I have a playbook running Windows update and want to use set_fact to get a
list of updates installed and the kb numbers.
At the end of the win_updates I register a variable which has the following:
"update_result.updates": {
"cdde339c-ebdb-4a16-add4-fb196a5053a8": {
"id":
Nicely done Trond, will be testing this shortly.
On Sunday, August 14, 2016 at 9:29:39 PM UTC+2, Trond Hindenes wrote:
>
> In case anyone in here is using my win_dsc5 module to invoke DSC
> resources, I've now implemented support for check mode.
>
>
You used the ping module which is built for Linux systems. Try win_ping instead.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
There are two ways of approaching it, either put the connection details
into the inventory or create a group_vars folder with your windows.yml file
in it. Keep in mind that the group_vars folder needs to be at the same
level as your inventory file. So for instance if your hosts file is at
Perhaps try ansible_host instead of ansible_ssh_host?
On Wednesday, August 10, 2016 at 1:27:31 PM UTC+2, Chethan S wrote:
>
> I am trying to develop a simple playbook (which would later be used in
> larger ones) to check if Windows VMs in the inventory are up and running.
>
> ---
> - name:
UTC+2, Mike Fennemore wrote:
>
> You made mention of the windows.yml. Are you making use of group_vars?
>
> On Wednesday, August 10, 2016 at 3:27:21 PM UTC+2, Anfield wrote:
>>
>> Hi - any further thoughts?
>>
>>
>>>
--
You received this message be
I would try win_package as the alternative module for installing the exe.
On Wednesday, August 10, 2016 at 3:10:49 PM UTC+2, Chandra Pandey wrote:
>
> ansible play book
>
> root@dev-mmadmin-lx01 playbooks]# cat win_firefox_install.yml
>
>
> - name: install
> hosts: wintestserverchandra
>
>
You made mention of the windows.yml. Are you making use of group_vars?
On Wednesday, August 10, 2016 at 3:27:21 PM UTC+2, Anfield wrote:
>
> Hi - any further thoughts?
>
>
>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe
So was listening through my podcasts on the way to work and stumbled on
this one
https://powershell.org/episode-314-powerscripting-podcast-matt-davis-from-red-hat-on-ansible/.
Very cool session Matt, looking forward to future news with Nano and
already testing my Ansible on Bash on Ubuntu on
I'm assuming for the security hardening you would be disabling multiple
ciphers and protocols etc. A suggestion would be to use IISCrypto to
configure the ciphers as required. Then export the relevant keys and use
the win_regedit to import the exported reg.
On Monday, July 11, 2016 at
With regards to package management the win_msi module seems to have been
built purely for msi files whereas win_package is built with the option of
other install files (exe etc).
Also the win_msi module is a core module whereas the win_package is an
extras module developed by the community. As
It might also help to add that all the servers it seems to be failing on
are Windows Server 2012 R2 with IIS installed and a few sites with
different SSL Certificates installed.
On Friday, June 24, 2016 at 2:48:18 PM UTC+2, Mike Fennemore wrote:
>
> 09:12:58:4855 fiddler.network.https&
then poke things rather than filter for a
>> specific event category.
>>
>> One of my colleagues tells me there's an rc6 for pywinrm 0.2 - might be
>> worth trying that if you aren't on it already.
>>
>> On Tuesday, June 7, 2016 at 4:32:19 PM UTC+1, Mike Fenne
Is there a method for using HTTPS with certificate validation with Python
2.79? Have been reading this
http://www.hurryupandwait.io/blog/understanding-and-troubleshooting-winrm-connection-and-authentication-a-thrill-seekers-guide-to-adventure
.
Admittedly this is Chef but I would assume the
Hi Matt,
Am I right in saying 0.2.0 is now released?
On Tuesday, May 10, 2016 at 12:33:33 AM UTC+2, Matt Davis wrote:
>
> A new pywinrm release that supports NTLM, kerberos delegation, and much
> improved performance is just around the corner! Version 0.2.0 is at release
> candidate, and a
te SIDs ... not 100% sure though.
>
> On Monday, June 6, 2016 at 10:20:21 PM UTC+10, Mike Fennemore wrote:
>>
>> I'm beginning to think this might be as a result of the problem servers
>> being templated in VMWare perhaps?
>>
>> On Wednesday, June 1, 2016 at 7:41:50
sible_env syntax but hopefully the following should do
> the trick.
>
> - set_fact:
> my_login: "{{ ansible_env['USERDOMAIN'] }}\\{{
> ansible_env['USERNAME'] }}"
>
> Hope this helps,
>
> Jon
>
> On Tuesday, June 7, 2016 at 2:14:52 PM UTC+
I have a specific use that requires the Domain\User Windows format.
My assumption was
- set_fact:
my_login: "{{ ansible_env['USERDOMAIN'] }}\{{
ansible_env['USERNAME'] }}"
This doesn't seem to work however. How do I combine the two envrionmental
variable with a \ between them?
--
You
ible/ansible/pull/15275
>
> As its says in the PR 'This is necessary when a CN name changes and the
> self-signed cert is no longer valid and winRM is not allowing a connection
> because of winRM SSL validation errors.'
>
> Hope this helps,
>
> Jon
>
> On
t certainly on the
> control-machine side, as it'd just hang if the envvar worked and Fiddler
> wasn't configured properly.
>
> On Monday, May 30, 2016 at 12:45:48 AM UTC-7, Mike Fennemore wrote:
>>
>> For testing locally I'm assuming you mean Test-WSMan -Authenticati
Indeed it will. If that is a possibility then I add ignore_errors:true and
still register a variable for the result. The variable will then give you a
status and msg if the service fails.
On 03 Jun 2016 9:44 PM, "Johannes Kastl" <m...@ojkastl.de> wrote:
> On 03.06.16 20:25 M
Have you run the configure for ansible powershell script from the Ansible
documentation?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
You could use register: to register a variable for the result then use debug:
var= .
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Seems a little odd but having set the HTTPS_PROXY to the fiddler box, when
I run a win_ping to the problem server it does not register any connection
in fiddler.
On Monday, May 30, 2016 at 9:45:48 AM UTC+2, Mike Fennemore wrote:
>
> For testing locally I'm assuming you mean Test
Well you are running Centos 7 so typically you would use yum as your
package manager:
# Via Yum
yum -y install python-devel krb5-devel krb5-libs krb5-workstation
Just remember to run it using sudo.
On Tuesday, May 31, 2016 at 3:50:57 PM UTC+2, skinnedknuckles wrote:
>
> Regarding the Ansible
https://groups.google.com/forum/#!topic/ansible-project/vEl-mrvFkrY
I had a few similar issues, eventually switched from kerberos to ntlm.
Using the newer pywinrm seems to work like a charm thus far.
I'm assuming you have configured the krb5.conf and installed the
dependencies as
per
TPS_PROXY=http://(ip-of-fiddler-box):/ and go watch the fun.
>
> I'm mostly just curious where the connection reset is occurring, as there
> are numerous round-trips involved here (eg, is it NTLM auth failure,
> resource issue, or something else?).
>
> Thanks,
>
> -Matt
>
I have a selected few workgroup Windows server 2012 R2 servers that give
the following error:
<10.128.44.37> ESTABLISH WINRM CONNECTION FOR USER: ansible_user on PORT
5986 TO 10.128.44.37
server_101 | UNREACHABLE! => {
"changed": false,
"msg": "ntlm: ('Connection aborted.', error(104,
raw: 'powershell.exe -Nologo -file C:\Program Files\App\install-service.ps1'
"module_name": "raw"}, "rc": 1, "stderr": "Processing -File 'C:\\Program'
failed because the file does not have a '.ps1' extension. Specify a valid
Windows PowerShell script file name, and then try again.\r\n",
Hi Jon,
We do currently use a dynamic inventory. Basically with the Windows domain
servers we have instances where an application server would depend on a
database server that would rely on a domain controller. In that example we
would want a certain order of update and reboot.
--
You
I have a custom hostvar called server_dependson defined in my inventory.
The thinking is that each server will have a server it is dependent on.
Therefore when running updates and rebooting (Windows servers) I want to be
able to specify that certain servers be updated and rebooted based on
Hi there,
2 things you can try. Add a group or host var
ansible_winrm_server_cert_validation: ignore. Alternatively try out newer
pywinrm:
http://groups.google.com/group/ansible-project/t/bc497e9abbc592b6?utm_source=digest_medium=email
With that you can use ansible_winrm_transport:ntlm or
Looks pretty good so far, tried a few playbooks and the ntlm auth. So far
no issues. Any idea when the stable release is likely to be?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails
Ansible: 2.0.0.2
OS: CentOS 7.2
Is it possible to use a single Ansible controller for multiple Windows
domains? The scenario requires the use of domain accounts for
authentication on 3 separate domains.
I have configured the krb5.conf accordingly but as yet cannot get the
Ansible controller to
83 matches
Mail list logo