Let's say "basic: the specified credentials were rejected by the server" is being returned when attempting to connect to Window hosts.
~]$ ansible all -m win_ping -i win_hosts.yml
server1.example.com | FAILED! => {
"changed": false,
"msg": "basic: the specified credentials were rejected by the server",
"unreachable": true
}
"basic" means that the basic transport is being used (e.g. ansible_winrm_transport: basic). For example, perhaps you have something like this in your default hosts file or your own inventory file.
---
all:
hosts:
server1.example.com:
server2.example.com:
vars:
ansible_connection: winrm
ansible_winrm_transport: basic
ansible_user: johndoe
ansible_password: itsasecret
With basic, winrm (Windows Remote Management) will need to be set to allow unencrypted. By default, AllowUnencrypted is set to false, meaning that only encrypted connections are allowed. This can be seen with the winrm get winrm/config command.
PS C:\WINDOWS\system32> winrm get winrm/config
Config
Client
AllowUnencrypted = false
The following command can be used to allow unencrypted connections.
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
Note that if NetworkCategory is Public . . .
PS C:\WINDOWS\system32> Get-NetConnectionProfile
Name : wifi.example.com
InterfaceAlias : Wi-Fi
InterfaceIndex : 6
NetworkCategory : Public
DomainAuthenciationKind : None
IPv4Connectivity : Internet
IPv6Connectivity : NoTraffic
You'll probably need to set it to private.
set-netconnectionprofile -networkcategory private
Did you find this article helpful?
If so, consider buying me a coffee over at