WinRM - running ansible on widnows returning error

nadim_mansour · November 1, 2018, 10:20am

How can I let ansible run on windows node(windows server 2012 machine) ??
I ran the belwo commands on power shell before running the ansible script :

netsh advfirewall firewall add rule name=“Allow WinRM (Http)” dir=in localport=5985 protocol=tcp action=allow enable=yes

netsh advfirewall firewall add rule name=“Allow WinRM (Https)” dir=in localport=5986 protocol=tcp action=allow enable=yes

I am recieving the below error

fatal: [uat_cdxdb]: UNREACHABLE! => {

“changed”: false,

“msg”: “ssl: HTTPSConnectionPool(host=‘10.1.116.151’, port=5986): Max retries exceeded with url: /wsman (Caused by NewConnectionError(‘<urllib3.connection.VerifiedHTTPSConnection object at 0x108cfd450>: Failed to establish a new connection: [Errno 61] Connection refused’,))”,

“unreachable”: true

}

Foss_Geek · November 1, 2018, 10:38am

Run this PowerShell script on your windows machine: https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1

That will configure the necessary changes to allow Ansible to connect to windows.

nadim_mansour · November 1, 2018, 10:44am

is thier another way like doing manual steps or rules.
The client will not allow us to run the script on his amchines
could you please help or advice ?

jborean · November 1, 2018, 12:26pm

You can look at the script and see what it does to enable the firewall rules. I find it amusing they won’t allow scripts when you can still run arbitrary commands.

Thanks

Jordan

nadim_mansour · November 1, 2018, 1:06pm

I am enabling the below rules:

netsh advfirewall firewall add rule name=“Allow WinRM (Http)” dir=in localport=5985 protocol=tcp action=allow enable=yes

netsh advfirewall firewall add rule name=“Allow WinRM (Https)” dir=in localport=5986 protocol=tcp action=allow enable=yes

but it seems on https a certificate is needed !? cause I am still not able to run ansible on the windows server

Ankit2 · November 1, 2018, 1:13pm

Can you share winrm configuration?

Foss_Geek · November 1, 2018, 2:13pm

I have not done it manually.

My be take a look at below article: https://www.virtualtothecore.com/en/configuring-windows-machines-for-ansible/

It looks like he was using SolarWinds Remote Execution Enabler for PowerShell: https://www.solarwinds.com/free-tools/remote-execution-enabler-for-powershell

nadim_mansour · November 1, 2018, 2:35pm

Please find below the screent shot
I run the two rules command for http and https listener
and I run winrm qc

but its listining only to http

nadim_mansour · November 1, 2018, 2:38pm

jborean · November 1, 2018, 7:29pm

Yes you need a certificate for https just like any https endpoint. The Configure script will generate a self signed one for you as it is needlessly complex in older versions of PowerShell to generate your own.

Topic		Replies	Views
unable to setup windows host for ansible Ansible Project windows	14	0	November 1, 2018
Ansible unable to winrm to Windows Server 2012 Ansible Project rhel , windows	7	1	February 27, 2019
Using Ansible with remote nodes running Windows 7 Ansible Project fedora , windows	3	0	November 7, 2014
Problems with Ansible and WinRM Ansible Project ubuntu , windows	2	3	April 30, 2019
Windows Host Unreachable Ansible Project windows	2	2	March 29, 2020

WinRM - running ansible on widnows returning error

Related topics