在Windows服务器上配置winRM并填写所有必需的信息以进行连接后:
---
### winrm / win connection ###
ansible_winrm_realm: *My AD Domain*
ansible_connection: winrm
ansible_winrm_kerberos_delegation: yes
ansible_port: 5985
ansible_winrm_transport: kerberos
我有一个
fatal: [MyServer]: UNREACHABLE! => {"changed": false, "msg": "kerberos: ('http', 'Bad HTTP response returned from server. Code 500')", "unreachable": true}
我尝试了很多事情,包括更改配置并检查WinRm是否可访问以及一切都很好:
C:\Users\ME>winrs -r :http://myserver:5985/wsman -u:My_User -p:Password ipconfig
我的WinRM Config:
PS C:\Users\XXXX> winrm get winrm/config/Service
Service
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 1500
EnumerationTimeoutms = 240000
MaxConnections = 300
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = false
Auth
Basic = false
Kerberos = true
Negotiate = true
Certificate = false
CredSSP = false
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = *
IPv6Filter = *
EnableCompatibilityHttpListener = false
EnableCompatibilityHttpsListener = false
CertificateThumbprint
AllowRemoteAccess = true
PS C:\Users\XXXX> winrm get winrm/config/Winrs
Winrs
AllowRemoteShellAccess = true
IdleTimeout = 7200000
MaxConcurrentUsers = 2147483647
MaxShellRunTime = 2147483647
MaxProcessesPerShell = 2147483647
MaxMemoryPerShellMB = 2147483647
MaxShellsPerUser = 2147483647
答案 0 :(得分:1)
我遇到了这个异常,我的解决方案是安装 python-kerberos 包装器。
pip3 install pywinrm[kerberos]
答案 1 :(得分:0)
由于我尝试使用HTTP而不是HTTPS,因此解决方案是通过运行以下命令来更改WinRm服务配置以允许加密连接:
Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value true