Trying to connect to a Windows host using the FQDN

jbrown · June 17, 2024, 8:17pm

Hi everyone,

There seems to be an issue trying to connect to my host using their fully qualified domain name (FQDN). I can ping each host with Ansible using their respective IP Addresses but whenever I try using the FQDN I get this error:

I have already configured WinRM and have installed packages onto Windows PCs so I know the connection works. I can ping the host from the Windows command line using the FQDN with no issues but when I try it from my Ansible control node (which is on the same PC) I keep getting the error above. I’m wondering whether I have not configured something correctly or if Ansible is just unable to reach the host due to some firewall restriction.

Here is an example of what my inventory looks like:

[hosts]
my-host1
my-host2

[hosts:vars]
ansible_user=user
ansible_password=mypass
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
ansible_winrm_transport=ntlm
ansible_winrm_scheme=https
ansible_winrm_port=5986
ansible_winrm_message_encryption=always

I am using the community ansible-core version 2.16.7

Any suggestions about what the error could be would be much appreciated.

Thanks,
Julian

olanok · June 17, 2024, 8:50pm

Sounds like a DNS resolution issue. From the PC that is running ansible, can you you resolve the IP address from the host name?

nslookup my-host1

jbrown · June 18, 2024, 1:19pm

When I try nslookup:

nslookup my-host1

this is the response:

Server: 1.1.1.1
Address: 1.1.1.1#53

** server can't find my-host1: NXDOMAIN

CWollinger · June 18, 2024, 1:32pm

Make sure that my-host1 is able to be resolved (via DNS or host entry). For https it is also important that your winrm listener is listening on this hostname and that the certificate matches:

winrm enumerate winrm/config/listener

Listener
    Address = *
    Transport = HTTPS
    Port = 5986
    Hostname = my-host1 
    ListeningOn = xxx.xxx.xxx.xxx
    ...

jbrown · June 18, 2024, 1:48pm

Thank you for this info I will check the listener on the host device. I’m also looking into the resolv.conf file on my VM that is running Ansible.

jbrown · June 18, 2024, 3:23pm

I was able to fix the issue by adding the correct DNS IP address to my resolv.conf file. Thank you, guys, for your responses they definitely helped guide me to the solution.