Connection issues to Windows Server - Host not Reachable

[Anfield]

Trying to connect from Ansible server to windows host and getting connection errors

[root@localhost ansible]# ansible -i hosts -m ping all

10.10.128.0 | UNREACHABLE! => {

    "changed": false,

    "msg": "Failed to connect to the host via ssh.",

    "unreachable": true

-Configured windows.yml, added the windows host in the ansible hosts file, and can ping both machines from each other. Also ran the powershell script on the windows box

Is there something I am missing?

[Justin Dugan]

The error states it's trying to use ssh so you are missing some configuration entries from the windows documentation page (http://docs.ansible.com/ansible/intro_windows.html). One of the entries would be:

ansible_connection: winrm

[Anfield]

Thanks. I think I have those configured though

ansible_ssh_user: User

ansible_ssh_pass: Pass

ansible_ssh_port: 5986

ansible_connection: winrm

[Justin Dugan]

It shouldn't be using ssh for windows. Here are some other entries I am using:

ansible_winrm_transport: kerberos

ansible_winrm_kerberos_delegation: true

I'm not familiar with you configuration, so I'm not sure if these apply.

[Anfield]

I agree!. I am new to Ansible.. I just have two virtual machines on my desktop and all that I have configured is listed below -

-Configured windows.yml - with the following -

ansible_ssh_user: User

ansible_ssh_pass: Pass

ansible_ssh_port: 5986

ansible_connection: winrm

, added the windows host in the ansible hosts file under [windows], and can ping both machines from each other. Also ran the powershell script on the windows box.

I havent got anything else configured so it would have to use the local admin acct on the windows box.

Any suggestions?

Thanks!

[Anfield]

Hi - any further thoughts?

[Mike Fennemore]

You made mention of the windows.yml. Are you making use of group_vars?

[Mike Fennemore]

http://docs.ansible.com/ansible/intro_windows.html

Note

Ansible 2.0 has deprecated the “ssh” from ansible_ssh_user, ansible_ssh_host, and ansible_ssh_port to become ansible_user, ansible_host, andansible_port. If you are using a version of Ansible prior to 2.0, you should continue using the older style variables (ansible_ssh_*). These shorter variables are ignored, without warning, in older versions of Ansible.

In group_vars/windows.yml, define the following inventory variables:

# it is suggested that these be encrypted with ansible-vault:
# ansible-vault edit group_vars/windows.yml

ansible_user: Administrator
ansible_password: SecretPasswordGoesHere
ansible_port: 5986
ansible_connection: winrm
# The following is necessary for Python 2.7.9+ when using default WinRM self-signed certificates:
ansible_winrm_server_cert_validation: ignore

[Justin Dugan]

What version of ansible are you using? 

[Anfield]

Using version 2.1.0.0

Have not created group_vars/windows.yml. I just created windows.yml under the ansible directory. Do I need to create the group_vars directory first?

[Mike Fennemore]

There are two ways of approaching it, either put the connection details into the inventory or create a group_vars folder with your windows.yml file in it. Keep in mind that the group_vars folder needs to be at the same level as your inventory file. So for instance if your hosts file is at /etc/ansible/hosts then your group_vars folder would need to be /etc/ansible/group_vars.

[Anfield]

Thanks for the update. I created the group_vars and added the windows.yml in there/ Tried an ansible all -m ping -vvvv and get the following error

On the linux control machine when I look at the python version it is 2.7.5, do I need to update that?

Error msg - 

Loaded callback minimal of type stdout, v2.0

An exception occurred during task execution. The full traceback is:

Traceback (most recent call last):

  File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 124, in run

    res = self._execute()

  File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 411, in _execute

    self._connection = self._get_connection(variables=variables, templar=templar)

  File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 636, in _get_connection

    connection = self._shared_loader_obj.connection_loader.get(conn_type, self._play_context, self._new_stdin)

  File "/usr/lib/python2.7/site-packages/ansible/plugins/__init__.py", line 333, in get

    self._module_cache[path] = self._load_module_source('.'.join([self.package, name]), path)

  File "/usr/lib/python2.7/site-packages/ansible/plugins/__init__.py", line 319, in _load_module_source

    module = imp.load_source(name, path, module_file)

  File "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", line 28, in <module>

    import xmltodict

ImportError: No module named xmltodict

10.10.128.0 | FAILED! => {

    "failed": true,

    "msg": "Unexpected failure during module execution.",

    "stdout": ""

 

[Mike Fennemore]

You used the ping module which is built for Linux systems. Try win_ping instead.

[Anfield]

I thought the ping all command would literally ping all hosts. Anyway I tried -> ansible 10.10.128.0 -m win_ping, and I think this looks good

10.10.128.0 | SUCCESS => {

    "changed": false,

    "ping": "pong"

}