i CANT connect to a windows server

Archives Ansible Project
1

i configured host

[windows]
server.domain.es

Windows.yml

ansible_user: domain\user
ansible_password: passw
ansible_port: 5986
ansible_connection: winrm
ansible_winrm_server_cert_validation: ignore

I’ve tried it too:
ansible_user: localuser (in the server)

BUT when i run the playbook:

  1. <server.domain.es> ESTABLISH SSH CONNECTION FOR USER: USER

  2. <server.domain.es> SSH: ansible.cfg set ssh_args: (-o)(ControlMaster=auto)(-o)(ControlPersist=60s)

  3. <server.domain.es> SSH: ANSIBLE_HOST_KEY_CHECKING/host_key_checking disabled: (-o)(StrictHostKeyChecking=no)

  4. <server.domain.es> SSH: ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User=USER)

  5. <server.domain.es> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10)

  6. <server.domain.es> SSH: PlayContext set ssh_common_args: ()

  7. <server.domain.es> SSH: PlayContext set ssh_extra_args: ()

  8. <server.domain.es> SSH: found only ControlPersist; added ControlPath: (-o)(ControlPath=/tmp/ansible_tower_CMbKBj/cp/ansible-ssh-%h-%p-%r)

  9. <server.domain.es> SSH: EXEC sshpass -d19 ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=USER -o ConnectTimeout=10 -o ControlPath=/tmp/ansible_tower_CMbKBj/cp/ansible-ssh-%h-%p-%r server.domain.es ‘/bin/sh -c ‘"’"’( umask 77 && mkdir -p “echo $HOME/.ansible/tmp/ansible-tmp-1479111892.51-133707384640152” && echo ansible-tmp-1479111892.51-133707384640152=“echo $HOME/.ansible/tmp/ansible-tmp-1479111892.51-133707384640152” ) && sleep 0’“'”‘’

  10. fatal: [server.domain.es]: UNREACHABLE! => {“changed”: false, “msg”: “Failed to connect to the host via ssh.”, “unreachable”: true}

  11. [WARNING]: Could not create

2

The user isn't in the correct user@domain format firstly. Have you setup kerberos as per the Ansible documentation? It might also be an idea to check what version of pywinrm you're running. What version of Ansible is the server running?

3

No i not configure kerberos (other partner install ansible ansible 2.1.1.0 in our organization and tell us is not necesary install kerberos). pywinrm-0.2.1

4

It might be an idea to take a look at the Ansible documentation in that case http://docs.ansible.com/ansible/intro_windows.html . That will give you the rundown of what is needed.

5

Please show us your playbook.

Your group_vars file must be called ‘windows.yml’ not ‘Windows.yml’ otherwise the group name you have defined will not match (it is case-sensitive) and ansible will default to ssh connection.

Also check your playbook looks like

`

6

yes the file name windows.yml

This is my playbook

  • name: raw module example
    hosts: server.domain.es
    tasks:
  • name: Move file on remote Windows Server from one location to another
    raw: CMD /C “MOVE /Y D:\origen\prueba.txt D:\destino\prueba.txt”

RESULT:
.
.
.
.
fatal: [server.domain.is]: UNREACHABLE! => {“changed”: false, “msg”: “Failed to connect to the host via ssh.”, “unreachable”: true}

if i change to

  • name: raw module example
    hosts: windows
    tasks:
  • name: Move file on remote Windows Server from one location to another
    raw: CMD /C “MOVE /Y D:\origen\prueba.txt D:\destino\prueba.txt”

RESULT:succesfull but all skipped

Using /etc/ansible/ansible.cfg as config file
SSH password:
Loaded callback default of type stdout, v2.0
PLAYBOOK: pruebaaitorwin.yml ***************************************************
1 plays in pruebaaitorwin.yml
PLAY [raw module example] ******************************************************
skipping: no hosts matched
PLAY RECAP *********************************************************************

7

yeah thanks… i will ask if i can install kerbeos module… but the partnet said me is not neccesary… im very begginer with this… thanks

8

Ok it looks like your inventory and group vars aren’t matching up at the moment.

Please show your ansible-playbook command line.

Your ansible hosts file should be in in
/etc/ansible/hosts

and group vars in
/etc/ansible/group_vars/windows.yml

(You can use other locations but must use -i /path/to/ansible/hosts/file and the group_vars must be in sub directory under wherever your ansible inventory file is).

You can also configure in ansible.cfg so worth checking that ansible is configured in the default way.

Also you must use a local account name e.g. Administrator if you have not set up kerberos.

If you are using kerberos, please use username@realm (not username\realm or username/realm) otherwise kerberos will not be used.

Hope this helps,

Jon

9

thanks ok y will try with a local administrator

In host file… i must configure servername.domain.es or IP ?

10

ok… works when i execute in ansible (whit local user)

But in Tower not works… i will check again the Tower configuration

11

is posible confugure LDAP and not Kerberos?

12

Not something I have heard of anyone trying.

If you have working on command line but not in Tower, I suggest you contact Tower support for help.

Jon