URGENT: Windows Node: Domain account credentials not working:

[Eric Fanson]

Followed this Rundeck documentation to run jobs on windows nodes. Have done the required configuration on the Windows nodes as well as on the Rundeck server. I am using the domain connected local admin accounts to connect to the Windows nodes. But the credentials are getting rejected with this error:

Any help will be greatly appreciated as I am stuck with this for more than a month now, and Rundeck team is not able to help/resolve the issue. 

[rac...@rundeck.com]

Hi Eric,

1. Make sure that you're using the default PyWinRM plugin (out of the box with Rundeck).

2. This is important, you need to configure your windows box to receive WinRM connections, take a look at this.

3. Make sure to configure your windows node correctly, you have a good example here.

Regards.

[TAYLOR J HAMMERLING]

Another perspective chiming in 😊

We use OpenSSH instead of WinRM.  I found WinRM cumbersome to set up / configure, plus we could not run any scripts with sharepoint cmdlets via WinRM.    We would receive an error “The local farm is not accessible. Cmdlets with FeatureDependencyId are not registered.” And any script that interfaced with our onsite sharepoint instance would fail spectacularly (and 95% of our automation interfaces with our sharepoint server!).  Plus our department prefers key authentication of password authentication.

Now that you have a little background on why we chose OpenSSH, Here’s the steps we took to install / configure openssh on our windows servers

 

Any commands should be run from an elevated powershell prompt

 

# Install OpenSSH for Win10, win2019 servers and newer (available as a windows feature!)-

# Check if OpenSSH is already installed

Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'

# Install the OpenSSH Server

Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

 

# Install OpenSSH for Pre Win10 and pre-Win2019 servers -

Download OpenSSH here -

https://github.com/PowerShell/Win32-OpenSSH/releases/download/V8.6.0.0p1-Beta/OpenSSH-Win64.zip

Unzip to c:\program files\

# Open a powershell prompt as administrator -

Run 'C:\Program Files\OpenSSH-Win64\install-sshd.ps1'

 

# Start the sshd service

Start-Service sshd

 

# Set the service to start automatically, OPTIONAL but recommended

Set-Service -Name sshd -StartupType 'Automatic'

 

# Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify

if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {

    Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."

    New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22

} else {

    Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."

}

 

# set the default shell for OpenSSH to be PowerShell

New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force

  

References :

https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse

 

https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_server_configuration

 

https://rdr-it.com/en/openssh-client-and-server-installation-on-windows-server-2012r2-and-2016/

 

 

 

 

 

From: rundeck...@googlegroups.com <rundeck...@googlegroups.com> on behalf of rac...@rundeck.com <rac...@rundeck.com>
Date: Monday, March 7, 2022 at 6:34 AM
To: rundeck-discuss <rundeck...@googlegroups.com>
Subject: [rundeck] Re: URGENT: Windows Node: Domain account credentials not working:

Hi Eric,

 

1. Make sure that you're using the default PyWinRM plugin (out of the box with Rundeck).

2. This is important, you need to configure your windows box to receive WinRM connections, take a look at this.

3. Make sure to configure your windows node correctly, you have a good example here.

 

Regards.

On Monday, March 7, 2022 at 8:14:05 AM UTC-3 Eric Fanson wrote:

Followed this Rundeck documentation to run jobs on windows nodes. Have done the required configuration on the Windows nodes as well as on the Rundeck server. I am using the domain connected local admin accounts to connect to the Windows nodes. But the credentials are getting rejected with this error:

 

Any help will be greatly appreciated as I am stuck with this for more than a month now, and Rundeck team is not able to help/resolve the issue. 

--
You received this message because you are subscribed to the Google Groups "rundeck-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rundeck-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/896ea388-af3f-46a2-ab5a-9608d8bf7d1cn%40googlegroups.com.

[Eric Fanson]

Thanks for the information, I have configured the Python Winrm Plugin already, along with all the dependencies mentioned in the documentation, . But it still doesn't work and throw the invalid credentials error for both domain and non-domain admin accounts, what is missing or what is that I am doing wrong here ?

[rac...@rundeck.com]

Hi Eric,

1. Make sure to configure the Windows box properly (and verify that the port/service is reachable from the Rundeck instance side), you can test it following this.

2. Try using the Python 3 interpreter (and install the dependencies using pip3), you can set the path in Project Configuration > Default Node Executor > then set the WinRM Node Executor Python > Python interpreter textbox.

Regards.

[rac...@rundeck.com]

In addition, make sure to configure the Windows firewall properly, take a look at this.