Difference between revisions of "Ansible winrm"
Jump to navigation
Jump to search
| Line 15: | Line 15: | ||
| − | /etc/krb5.conf | + | /etc/krb5.conf - CAPS ARE IMPORTANT https://stackoverflow.com/questions/41922521/using-ansible-on-windows-with-domain-user |
``` | ``` | ||
[libdefaults] | [libdefaults] | ||
| − | default_realm = EXAMPLE.COM | + | default_realm = EXAMPLE.COM # domain must be captitalized |
# The following krb5.conf variables are only for MIT Kerberos. | # The following krb5.conf variables are only for MIT Kerberos. | ||
Revision as of 18:43, 11 March 2021
A way for ansible winrm even if not optimal way
You will be better to use https instead of http. I would use ssh if 2019 and above or install openssh on host
sudo apt-get install gcc libkrb5-dev krb5-user python3-dev python3-pip python3-venv
pythonn3 -m venv venv source venv/bin/activate pip3 install ansible kerberos pywinrm
/etc/krb5.conf - CAPS ARE IMPORTANT https://stackoverflow.com/questions/41922521/using-ansible-on-windows-with-domain-user
[libdefaults]
default_realm = EXAMPLE.COM # domain must be captitalized
# The following krb5.conf variables are only for MIT Kerberos.
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
hosts
all:
hosts:
host2
host3
children:
jtest:
hosts:
myhost.example.com:
vars:
ansible_user: myuser
ansible_password: xxxxxxxxxx
ansible_connection: winrm
ansible_winrm_transport: kerberos
ansible_winrm_scheme: http
ansible_port: 5985
# ansible_winrm_scheme: https
# ansible_port: 5986
# Insecure don't use
# ansible_winrm_message_encryption: never
# ansible_winrm_server_cert_validation: ignore
testhosts:
hosts:
host1:
test ping
ansible jtest -i hosts -m win_ping
myhost.example.com | SUCCESS => {
"changed": false,
"ping": "pong"
}