Ansible winrm

From UVOO Tech Wiki
Revision as of 00:04, 9 March 2021 by Busk (talk | contribs)
Jump to navigation Jump to search

A way for ansible winrm even if not optimal way

You will be better to use https instead of http. I would use ssh if 2019 and above or install openssh on host 

sudo apt-get install gcc libkrb5-dev krb5-user python3-dev python3-pip python3-venv

pythonn3 -m venv venv
source venv/bin/activate
pip3 install ansible kerberos pywinrm

/etc/krb5.conf 

[libdefaults]
        default_realm = EXAMPLE.COM

# The following krb5.conf variables are only for MIT Kerberos.
        kdc_timesync = 1
        ccache_type = 4
        forwardable = true
        proxiable = true

        fcc-mit-ticketflags = true

hosts 

all:
  hosts:
    host2
    host3
  children:
    jtest:
      hosts:
        myhost.example.com:
      vars:
        ansible_user: myuser
        ansible_password: xxxxxxxxxx
        ansible_connection: winrm
        ansible_winrm_transport: kerberos
        ansible_winrm_scheme: http
        ansible_port: 5985
        # ansible_winrm_scheme: https
        # ansible_port: 5986
        # Insecure don't use
        # ansible_winrm_message_encryption: never
        # ansible_winrm_server_cert_validation: ignore
    testhosts:
      hosts:
        host1:

test ping 

ansible jtest -i hosts -m win_ping
myhost.example.com | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Retrieved from "https://tech.uvoo.io/index.php?title=Ansible_winrm&oldid=1311"