Ansible with Windows Managed Node

fakhri darmawan
Published in The Startup
Jan 2, 2020

Set up the Windows inventory in Ansible Tower with the host variables below. Make sure the variable “ansible_connection” is at the top or directly under ansible_host. The “ansible_connection” variable tells Ansible to connect to the Windows managed node using WinRM.

---
ansible_host: <IP address, if the hostname cannot be used>
ansible_connection: winrm
ansible_port: 5985
ansible_winrm_transport: ntlm
ansible_winrm_cert_validation: ignore

Enable WinRM on the target host with these steps:

  • Ansible requires PowerShell version 3.0 and .NET Framework 4.0, so install the latest supported versions of PowerShell and .NET
  • Enable WinRM using this PowerShell script

View the current listeners that are running on the WinRM service:

winrm enumerate winrm/config/Listener

The output looks like this:

Listener
Address = *
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 10.0.2.15, 127.0.0.1, 192.168.56.155, ::1, fe80::5efe:10.0.2.15%6, fe80::5efe:192.168.56.155%8, fe80::
ffff:ffff:fffe%2, fe80::203d:7d97:c2ed:ec78%3, fe80::e8ea:d765:2c69:7756%7

Listener
Address = *
Transport = HTTPS
Port = 5986
Hostname = SERVER2016
Enabled = true
URLPrefix = wsman
CertificateThumbprint = E6CDAA82EEAF2ECE8546E05DB7F3E01AA47D76CE
ListeningOn = 10.0.2.15, 127.0.0.1, 192.168.56.155, ::1, fe80::5efe:10.0.2.15%6, fe80::5efe:192.168.56.155%8, fe80::
ffff:ffff:fffe%2, fe80::203d:7d97:c2ed:ec78%3, fe80::e8ea:d765:2c69:7756%7

In the example above there are two listeners activated; one is listening on port 5985 over HTTP and the other is listening on port 5986 over HTTPS. Some of the key options that are useful to understand are:

  • Transport: Whether the listener is run over HTTP or HTTPS. It is recommended to use a listener over HTTPS, as the data is encrypted without any further changes required.
  • Port: The port the listener runs on. By default it is 5985 for HTTP and 5986 for HTTPS. This port can be changed to whatever is required and corresponds to the host var ansible_port.
  • URLPrefix: The URL prefix to listen on. By default it is wsman. If this is changed, the host var ansible_winrm_path must be set to the same value.
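The listener output above can be checked from the control node before the host vars are written. The following is an added example, not code from the original post: it parses the listener format shown above, flags enabled HTTP listeners, and derives the matching host vars from the HTTPS listener. The function names are hypothetical, the sample is a trimmed copy of the output above, and `ansible_winrm_scheme` is an Ansible host var the post does not use.

```python
import re

# Constructed sample: trimmed copy of the output above, with one wrapped ListeningOn line.
SAMPLE = """\
Listener
    Transport = HTTP
    Port = 5985
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 10.0.2.15, 127.0.0.1, ::1, fe80::
ffff:ffff:fffe%2

Listener
    Transport = HTTPS
    Port = 5986
    Hostname = SERVER2016
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint = E6CDAA82EEAF2ECE8546E05DB7F3E01AA47D76CE
"""

KEY_LINE = re.compile(r"^(\w+)(?:\s*=\s*(.*))?$")

def parse_listeners(text):
    """Return one dict per Listener block; bare keys map to '' and wrapped lines are rejoined."""
    listeners = []
    for line in map(str.strip, text.splitlines()):
        m = KEY_LINE.match(line)
        if line == "Listener":
            listeners.append({})
        elif m and listeners:
            listeners[-1][m.group(1)] = m.group(2) or ""
        elif line and listeners and listeners[-1]:
            last = list(listeners[-1])[-1]  # console-wrapped tail of the previous value
            listeners[-1][last] += line
    return listeners

def audit(listeners):
    """Return (findings, host vars for the first enabled HTTPS listener or None)."""
    findings, hostvars = [], None
    for lsn in (x for x in listeners if x.get("Enabled", "").lower() == "true"):
        if lsn["Transport"].upper() == "HTTP":
            findings.append(f"port {lsn['Port']}: HTTP listener, no TLS")
        elif hostvars is None:
            hostvars = {"ansible_port": int(lsn["Port"]), "ansible_winrm_scheme": "https",
                        "ansible_winrm_path": "/" + lsn["URLPrefix"]}  # Ansible default is /wsman
    return findings, hostvars
```

Calling `audit(parse_listeners(SAMPLE))` reports the HTTP listener on port 5985 and returns host vars pointing at port 5986.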

If no WinRM listener is available, you can quickly configure one with this command (run as administrator) on the Windows node:

winrm quickconfig

Make sure the WinRM service is running:

Get-Service WinRM
Write-VerboseLog "PS Remoting has been successfully configured for Ansible."
