Unable to authenticate through CredSSP

Hi all,

Im unable to connect to windows using the credssp authentication issue. Im getting the following error,

x.x.x.x | UNREACHABLE! => {
“changed”: false,
“msg”: “credssp: HTTPSConnectionPool(host=‘x.x.x.x’, port=5986): Max retries exceeded with url: /wsman (Caused by NewConnectionError(‘<urllib3.connection.VerifiedHTTPSConnection object at 0x7f77cc40cfd0>: Failed to establish a new connection: [Errno 111] Connection refused’,))”,
“unreachable”: true

Inventory file settings,

ansible_user: Administrator
ansible_password: xxxxxx
ansible_port: 5986
ansible_connection: winrm
ansible_winrm_scheme: https
ansible_winrm_transport: credssp
ansible_winrm_server_cert_validation: ignore

Thanks,
Shyam

Is your user a part of admin group?

Hi Ankit,

Thanks for your reply. The user have all the admin rights. Still Im unable to connect to the remote host. Same error.

Hi,

Im able to ping with Basic AUTH and NTLM, using the port number 5985. But when Im trying to connect with CredSSP, Im getting the error.

Settings for Basic and NTLM in inventory

You have to make sure CredSSP is enabled in the server roles with ‘Enable-WSManCredSSP -Role Server’ https://docs.microsoft.com/en-us/powershell/module/microsoft.wsman.management/enable-wsmancredssp. This is because CredSSP uses unconstrained delegation and people should be aware of the potential security risks that come with unconstrained delgation.

You can verify what has been enabled or disabled by running ‘winrm get winrm/config/service/auth’ on your Windows host as well.

Thanks

Jordan

Hi Jordan,

Thanks for your replay. Issue got fixed, after enabling ‘Enable-WSManCredSSP -Role Server’

Thanks for your help.
Shyam