Winrm basic: the specified credentials were rejected by the server error

Question

Trying to connect to a windows host from a Linux Zorin control Host by using Ansible. Installed winrm in the windows machine and set all the required authentication methods to True.

Configuration of winrm in the Window Host

PS C:\WINDOWS\system32> winrm get winrm/config
Config
    MaxEnvelopeSizekb = 500
    MaxTimeoutms = 60000
    MaxBatchItems = 32000
    MaxProviderRequests = 4294967295
    Client
        NetworkDelayms = 5000
        URLPrefix = wsman
        AllowUnencrypted = true
        Auth
            Basic = true
            Digest = true
            Kerberos = true
            Negotiate = true
            Certificate = true
            CredSSP = false
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        TrustedHosts
    Service
        RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)(A;;GXGR;;;S-1-5-21-2039588290-1060779563-2652726705-1011)(A;;GR;;;IU)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)
        MaxConcurrentOperations = 4294967295
        MaxConcurrentOperationsPerUser = 1500
        EnumerationTimeoutms = 240000
        MaxConnections = 300
        MaxPacketRetrievalTimeSeconds = 120
        AllowUnencrypted = false
        Auth
            Basic = true
            Kerberos = true
            Negotiate = true
            Certificate = false
            CredSSP = false
            CbtHardeningLevel = Relaxed
        DefaultPorts
            HTTP = 5985
            HTTPS = 5986
        IPv4Filter = *
        IPv6Filter = *
        EnableCompatibilityHttpListener = false
        EnableCompatibilityHttpsListener = false
        CertificateThumbprint
        AllowRemoteAccess = true
    Winrs
        AllowRemoteShellAccess = true
        IdleTimeout = 7200000
        MaxConcurrentUsers = 2147483647
        MaxShellRunTime = 2147483647
        MaxProcessesPerShell = 2147483647
        MaxMemoryPerShellMB = 2147483647
        MaxShellsPerUser = 2147483647

Even after setting the Basic = true, getting the specified creds were rejected error. Tried making AllowUnencrypted = true, but it is showing following error message:

WSManFault Message ProviderFault WSManFault Message = WinRM firewall exception will not work since one of the network connection types on this machine is set to Public. Change the network connection type to either Domain or Private and try again.

Tried changing the network connection type to private. And tried making AllowUnencrypted = true, getting the same error again as above(WinRM firewall exception will not work since one of the network connection types on this machine is set to Public. Change the network connection type to either Domain or Private and try again.)

Tried adding a firewall exception rule to the port 5985 too on the windows host. Tried giving the permissions of Read and Execute to the user by winrm configsddl default also. Even though not working.

Giving the right credentials. The hosts file of ansible is as follows:

[win]
<IP>

[win:vars]
ansible_user=<username>
ansible_password=<password>
ansible_connection=winrm
ansible_winrm_scheme=http
ansible_winrm_transport=basic
ansible_winrm_port=5985
ansible_winrm_server_cert_validation=ignore

Trying the following ansible command:

ansible win -i hosts -m win_ping

I tried everything i found in the internet, but not able to establish the connection through winrm.

I will be thankful to anyone who provides the solution. My eyes are bleeding red from watching the error on the screen from 4 days.

Answer 1

After hours of trail and error @SKumar s answwer to his own question worked for me.

On the Windows side, there's no need for basic auth and AllowUnencrypted! For me on a plain Windows 10 LTSC 2021 I just had to start a powershell as admin and type these two commands:

winrm quickconfig -q
Restart-Service WinRM

And this is the inventory that worked for me:

win:
  hosts:
    192.168.100.201:
  vars:
    ansible_user: Administrator
    ansible_password: mySecurePassword
    ansible_connection: winrm
    ansible_port: 5985
    ansible_winrm_transport: ntlm

Answer 2

I changed the ansible_winrm_transport from basic to ntlm. It resolved my issue.