ansible winrm question

Janus Bariñan 1,126 Reputation points
2021-06-24T09:04:02.373+00:00

another team wants to implement ansible and integrate it with windows AD.

They want to run these commands on the Domain Controller:
winrm set winrm/config/service/auth '@{Basic="true"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}

Now we have 8 Domain Controllers, If I run this command to just one Domain Controller will it replicate to other DCs?

What will be the implications if basic authentication and allowunencrypted is set to true?

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,943 questions
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Vicky Wang 2,731 Reputation points
    2021-06-25T09:48:12.433+00:00

    If you’re running a network of any kind and only have one domain controller, you’re living in a house with one door. If something happens to that domain controller, your whole system of servers falls apart. Always have more than one domain controller (DC).

    But how do you make sure that both domain controllers have the same information? Let’s say you made a security-related change on one DC. You want to make sure that change is replicated on your other DCs immediately. Why wait 15 minutes or more for it to happen by schedule? You need to force replication of the domain controllers in Active Directory.

    There are 3 ways to approach this; through the graphical user interface (GUI), through the command-line interface (CLI), or via PowerShell.

    reference:https://helpdeskgeek.com/how-to/active-directory-force-replication/

    Hope this information can help you

    Best wishes

    Vicky

    0 comments No comments

  2. Vicky Wang 2,731 Reputation points
    2021-06-28T08:00:02.273+00:00

    Hi,

    Welcome to share your current situation if there are any updates.

    Please feel free to let us know if you need further assistance.

    Best Regards,
    Vicky

    0 comments No comments

  3. Vicky Wang 2,731 Reputation points
    2021-06-30T09:15:30.933+00:00

    Hi,

    Welcome to share your current situation if there are any updates.

    Please feel free to let us know if you need further assistance.

    Best Regards,
    Vicky

    0 comments No comments

  4. Janus Bariñan 1,126 Reputation points
    2021-06-30T11:03:11.82+00:00

    Hi Sorry for the late reply.

    How about this? if these commands are ran in a domain environment what would be the security implications?
    winrm set winrm/config/service/auth '@{Basic="true"}'
    winrm set winrm/config/service '@{AllowUnencrypted="true"}

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.