HI All,
Greetings …!
I am trying to setup Ansible environment and in that process I need to add windows client to my Ansible servers. I am getting below error and need your suggestions
Environment:-
Ansible server – RHEL 7.5
Domain- no, local account
Network – 10.31.xx.xx
Windows server – Windows 2008 sp1
Domain – yes
Network – 10.32.xx.xx
winrm – open
[ansible@server ~]$ ansible win -m win_ping -vvvv
ansible 2.6.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u’/home/ansible/.ansible/plugins/modules’, u’/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, May 31 2018, 09:41:32) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Using /etc/ansible/ansible.cfg as config file
[DEPRECATION WARNING]: DEFAULT_SUDO_USER option, In favor of Ansible Become, which is a generic framework. See become_user. , use become instead.
This feature will be removed in version 2.8. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
setting up inventory plugins
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin minimal of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/minimal.pyc
META: ran handlers
Using module file /usr/lib/python2.7/site-packages/ansible/modules/windows/win_ping.ps1
<servername.AD.com> ESTABLISH WINRM CONNECTION FOR USER: ansible on PORT 5985 TO servername.AD.com
checking if winrm_host servername.AD.com is an IPv6 address
Using module file /usr/lib/python2.7/site-packages/ansible/modules/windows/win_ping.ps1
<10.32.xx.xxx> ESTABLISH WINRM CONNECTION FOR USER: ansible on PORT 5985 TO 10.32.xx.xxx
checking if winrm_host 10.32.xx.xxx is an IPv6 address
servername.AD.com | UNREACHABLE! => {
“changed”: false,
“msg”: “ntlm: HTTPConnectionPool(host=‘servername.AD.com’, port=5985): Max retries exceeded with url: /wsman (Caused by NewConnectionError(‘<urllib3.connection.HTTPConnection object at 0x7fdd5b867410>: Failed to establish a new connection: [Errno 111] Connection refused’,))”,
“unreachable”: true
}
I have followed the steps given in below blogs yet i am unable to establish connection
https://argonsys.com/learn-microsoft-cloud/articles/configuring-ansible-manage-windows-servers-step-step/
https://digitalist.global/talks/winrmansible/
https://docs.ansible.com/ansible/2.4/intro_windows.html
https://www.youtube.com/watch?v=U0SQ-3-QDzw&t=507s
Now my questions are
- Since Ansible and windows are in different network, do i need to open any ports from firewall ?
- As the windows server is in AD, do i need to follow kerberos authentication steps ? Here Linux server is not in AD. this is accessible inside jump post
- What steps i need to take to make successfully authentication
Best Regards
Vamsi