Goal : Use Linux centos 7.8 server with ansible version 2.9.7 to manage windows 2019 server
Error : <ServerX> WINRM CONNECTION ERROR: function takes at most 2 arguments (3 given)
#######################################
Ansible Version :
ansible 2.9.7
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Apr 2 2020, 13:16:51) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
#######################################
Linux OS
CentOS 7.8
#######################################
No linux Firewall
No network Firewall between Linux & Windows
#######################################
pip install "pywinrm>=0.3.0"
#######################################
cat /etc/krb5.conf
# Configuration snippets may be placed in this directory as well
includedir /etc/krb5.conf.d/
includedir /var/lib/sss/pubconf/krb5.include.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
# dns_lookup_realm = false
ticket_lifetime = 2400h
renew_lifetime = 777d
forwardable = true
rdns = false
pkinit_anchors = /etc/pki/tls/certs/ca-bundle.crt
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
}
[domain_realm]
#######################################
kinit -C Us...@TEST.Com
#######################################
ansible windows -m win_ping -vvvvvv
Shows :
Using module file /usr/lib/python2.7/site-packages/ansible/modules/windows/win_ping.ps1
Pipelining is enabled.
<ServerX> ESTABLISH WINRM CONNECTION FOR USER:
Us...@TEST.COM on PORT 5986 TO ServerX
<ServerX> WINRM CONNECTION ERROR: function takes at most 2 arguments (3 given)
#######################################
Ansible host file
[windows]
ServerX
[windows:vars]
ansible_passwordi='xx'
ansible_port=5986
ansible_connection=winrm
ansible_winrm_scheme=https
ansible_winrm_server_cert_validation=ignore
ansible_winrm_transport=kerberos
#######################################
Windows OS side :
Ran
#######################################
#######################################
winrm works well ...
Invoke-Command -ComputerName ServerX -ScriptBlock { Get-ChildItem C:\ }
#######################################
I also went through some google links & did below
Windows Firewall : checked firewall port - was allowed - 5986 is secure https winrm traffic
nc -zv ServerX 5986 - was ok
winrm configSDDL default - added the user
#######################################
Is it possible the account password has simply expired? No - Yeah but checked the user account's properties... box is checked 'Password never expires'
#######################################
tried below no luck :
In my case, a just add this line on [libdefaults] in my krb5.conf:
allow_weak_crypto = true
#######################################
pip list | grep -i kerberos
kerberos 1.1
pykerberos 1.2.1
requests-kerberos 0.7.0
#######################################
python --version
Python 2.7.5
#######################################
just to be sure, please check you have a kerberos ticket which has not expired before running - its is not
#######################################
PS C:\WINDOWS\system32> winrm quickconfig
WinRM service is already running on this machine.
WinRM is already set up for remote management on this computer.
PS C:\WINDOWS\system32>
PS C:\WINDOWS\system32>
#######################################
PS C:\WINDOWS\system32> winrm get winrm/config/service
Service
RootSDDL = O:NSG:BAD:P(A;;GXGR;;;...)(A;;GA;;;BA)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 1500
EnumerationTimeoutms = 240000
MaxConnections = 300
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = false
Auth
Basic = true
Kerberos = true
Negotiate = true
Certificate = true
CredSSP = true
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = *
IPv6Filter = *
EnableCompatibilityHttpListener = false
EnableCompatibilityHttpsListener = false
CertificateThumbprint
AllowRemoteAccess = true
PS C:\WINDOWS\system32>
#######################################
Tried a local account as well on windows - no luck
#######################################
Thanks Please suggest