winrm connection to windows server 2012r2 in EC2 - Unauthorized/basic auth failed

Michael_Wozniak · September 23, 2014, 8:11pm

I’m attempting to set up a windows 2012 system in EC2 which can be accessed/managed with ansible. I’ve used a script like the example (https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1) passed as user_data at start-up to successfully connect to a windows 2008r2 based system, however I’ve had issues related to memory limits in 2008r2. When I try to use the same script to connect to a 2012r2 based system, I get these errors:

ESTABLISH WINRM CONNECTION FOR USER: Admin1 on PORT 5986 TO IP
WINRM CONNECT: transport=plaintext endpoint=https://IP:5986/wsman
WINRM CONNECTION ERROR: 401 Unauthorized. basic auth failed
WINRM CONNECT: transport=plaintext endpoint=http://IP:5986/wsman

I can successfully connect to the server with RDP, and as far as I can tell, the winrm settings look correct. Has anyone else experienced similar issues? Any ideas on what could be going wrong?

j.r.hawkesworth · September 23, 2014, 9:25pm

Worth checking the firewall rules. I think I had something like this happen first time I set up 2012 server, but I probably wasn’t using basic auth.
From memory I had an error when the following line of the setup script ran:

#FIrewall
	netsh advfirewall firewall add rule Profile=public name=“Allow WinRM HTTPS” dir=in localport=5986 protocol=TCP action=allow

I think the problem was the Profile=public part. Yeah, that was it, I had to tweak it to Profile=domain on 2012 but it had been happy on 2008r2 as is. Bear in mind I was using a domain account, so not the same issue as you, but perhaps worth checking the firewall configuration anyway?

Jon

Michael_Wozniak · September 24, 2014, 1:03pm

I actually have that line switched out for debugging purposes and I just turn off the firewall completely.

This is what I have for now:
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False

I log in to the server with RDP after it’s up and running and I can verify that the firewall shows as disabled in the GUI.

Michael_Wozniak · September 24, 2014, 2:50pm

Apparently the issue was that I was turning off the firewall before I was setting the new password. The connection works when the password is properly set before turning off the firewall.

Mayur_Barge · January 15, 2016, 6:33pm

How did you solved this issue ?
I’m facing similar issue

Topic		Replies	Views
basic connection to windows with WinRM failing, need a clue. Ansible Project windows	3	9	November 17, 2017
establishing winrm connection failing Ansible Project windows	2	5	March 26, 2016
Unusual WinRM connection issue Ansible Project windows	18	88	September 1, 2016
Ansible unable to winrm to Windows Server 2012 Ansible Project rhel , windows	7	5	February 27, 2019
WinRM - running ansible on widnows returning error Ansible Project windows	9	1	November 1, 2018

winrm connection to windows server 2012r2 in EC2 - Unauthorized/basic auth failed

Related topics