I installed Ansible on a VM and want to automate Windows Updates on Windows Hosts. When i try to ping the hosts with the command: ansible test -m win_ping -vvv i receive a Bad HTTP Error
client.xxx.DE | UNREACHABLE! => {
"changed": false,
"msg": "kerberos: Bad HTTP response returned from server. Code 502, plaintext: Bad HTTP response returned from server. Code 502",
"unreachable": true
}
The ansible host file:
[test]
client.xxx.DE
[test:vars]
ansible_user=User@xxx.DE
#ansible_passwort=Passwort
ansible_connection=winrm
ansible_transport=kerberos
ansible_port=5985
Krb5.conf File:
[libdefaults]
default_realm = xxx.DE
allow_weak_crypto = true
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
XXX.DE = {
kdc = dc1.xxx.de
kdc = dc2.xxx.de
}
[domain_realm]
.xxx.de = XXX.DE
xxx.de = XXX.DE
When i test the connection via nc -z -w1 client 5985;echo $? i get a return of 0
The win WINRM Config on the remote host:
Service
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 1500
EnumerationTimeoutms = 240000
MaxConnections = 300
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = true
Auth
Basic = false
Kerberos = true
Negotiate = true
Certificate = false
CredSSP = false
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = xxx-xxx [Source="GPO"]
IPv6Filter [Source="GPO"]
EnableCompatibilityHttpListener = false
EnableCompatibilityHttpsListener = false
CertificateThumbprint
AllowRemoteAccess = true [Source="GPO"]
We use a proxy Server in our environment