Can't knife winrm to Windows box?


#1

I’ve done everything described here. In my case it’s a Windows Server 2012 R2 box.
https://docs.getchef.com/plugin_knife_windows.html

knife winrm … gives

[root@bserver ~]# knife winrm “mynode.domain.com” “dir” -m -x Administrator -P myPW -p 5986
ERROR: Network Error: Connection refused - connect(2) (https://mynode.domain.com:5986)
Check your knife configuration and network settings

Any clues? Any more debugging steps I can take?

Thanks,
Chris


#2

On Wednesday, November 12, 2014 at 4:09 PM, Fouts, Chris wrote:

I’ve done everything described here. In my case it’s a Windows Server 2012 R2 box.
https://docs.getchef.com/plugin_knife_windows.html

knife winrm …………… gives

[root@bserver ~]# knife winrm “mynode.domain.com (http://mynode.domain.com)” “dir” -m -x Administrator -P myPW -p 5986
ERROR: Network Error: Connection refused - connect(2) (https://mynode.domain.com:5986)
Check your knife configuration and network settings

Any clues? Any more debugging steps I can take?

Thanks,
Chris

Connection refused means that either nothing is listening on that port on that host, or there is a firewall that makes it look like nothing is listening on that port on that host.


Daniel DeLeo


#3

-----Original Message-----
From: Daniel DeLeo [mailto:ddeleo@kallistec.com] On Behalf Of Daniel DeLeo
Sent: Wednesday, November 12, 2014 7:12 PM
To: chef@lists.opscode.com
Subject: [chef] Re: Can’t knife winrm to Windows box?

On Wednesday, November 12, 2014 at 4:09 PM, Fouts, Chris wrote:

I’ve done everything described here. In my case it’s a Windows Server 2012 R2 box.
https://docs.getchef.com/plugin_knife_windows.html

knife winrm …………… gives

[root@bserver ~]# knife winrm “mynode.domain.com
(http://mynode.domain.com)” “dir” -m -x Administrator -P myPW -p 5986
ERROR: Network Error: Connection refused - connect(2)
(https://mynode.domain.com:5986) Check your knife configuration and
network settings

Any clues? Any more debugging steps I can take?

Thanks,
Chris

Connection refused means that either nothing is listening on that port on that host, or there is a firewall that makes it look like nothing is listening on that port on that host.


Daniel DeLeo

Yes of course, but why? I’ve done all in the link I posted?

Chris


#4

-----Original Message-----
From: Daniel DeLeo [mailto:ddeleo@kallistec.com] On Behalf Of Daniel DeLeo
Sent: Wednesday, November 12, 2014 7:12 PM
To: chef@lists.opscode.com
Subject: [chef] Re: Can’t knife winrm to Windows box?

On Wednesday, November 12, 2014 at 4:09 PM, Fouts, Chris wrote:

I’ve done everything described here. In my case it’s a Windows Server 2012 R2 box.
https://docs.getchef.com/plugin_knife_windows.html

knife winrm …………… gives

[root@bserver ~]# knife winrm “mynode.domain.com
(http://mynode.domain.com)” “dir” -m -x Administrator -P myPW -p 5986
ERROR: Network Error: Connection refused - connect(2)
(https://mynode.domain.com:5986) Check your knife configuration and
network settings

Any clues? Any more debugging steps I can take?

Thanks,
Chris

Connection refused means that either nothing is listening on that port on that host, or there is a firewall that makes it look like nothing is listening on that port on that host.


Daniel DeLeo

I did this

[root@server ~]# nmap -p 5985 mynode.domain.com

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2014-11-12 19:15 EST
Interesting ports on :
PORT STATE SERVICE
5985/tcp open unknown

Nmap finished: 1 IP address (1 host up) scanned in 0.205 seconds


#5

5985 != 5986

On Wed, Nov 12, 2014 at 4:18 PM, Fouts, Chris Chris.Fouts@sensus.com
wrote:

-----Original Message-----
From: Daniel DeLeo [mailto:ddeleo@kallistec.com] On Behalf Of Daniel DeLeo
Sent: Wednesday, November 12, 2014 7:12 PM
To: chef@lists.opscode.com
Subject: [chef] Re: Can’t knife winrm to Windows box?

On Wednesday, November 12, 2014 at 4:09 PM, Fouts, Chris wrote:

I’ve done everything described here. In my case it’s a Windows Server
2012 R2 box.
https://docs.getchef.com/plugin_knife_windows.html

knife winrm …………… gives

[root@bserver ~]# knife winrm “mynode.domain.com
(http://mynode.domain.com)” “dir” -m -x Administrator -P myPW -p 5986
ERROR: Network Error: Connection refused - connect(2)
(https://mynode.domain.com:5986) Check your knife configuration and
network settings

Any clues? Any more debugging steps I can take?

Thanks,
Chris

Connection refused means that either nothing is listening on that port on
that host, or there is a firewall that makes it look like nothing is
listening on that port on that host.


Daniel DeLeo

I did this

[root@server ~]# nmap -p 5985 mynode.domain.com

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2014-11-12 19:15
EST
Interesting ports on :
PORT STATE SERVICE
5985/tcp open unknown

Nmap finished: 1 IP address (1 host up) scanned in 0.205 seconds


#6

On Wed, Nov 12, 2014 at 4:18 PM, Fouts, Chris Chris.Fouts@sensus.com
wrote:

-----Original Message-----
From: Daniel DeLeo [mailto:ddeleo@kallistec.com] On Behalf Of Daniel DeLeo
Sent: Wednesday, November 12, 2014 7:12 PM
To: chef@lists.opscode.com
Subject: [chef] Re: Can’t knife winrm to Windows box?

On Wednesday, November 12, 2014 at 4:09 PM, Fouts, Chris wrote:

I’ve done everything described here. In my case it’s a Windows Server
2012 R2 box.
https://docs.getchef.com/plugin_knife_windows.html

knife winrm …………… gives

[root@bserver ~]# knife winrm “mynode.domain.com
(http://mynode.domain.com)” “dir” -m -x Administrator -P myPW -p 5986
ERROR: Network Error: Connection refused - connect(2)
(https://mynode.domain.com:5986) Check your knife configuration and
network settings

Any clues? Any more debugging steps I can take?

Thanks,
Chris

Connection refused means that either nothing is listening on that port on
that host, or there is a firewall that makes it look like nothing is
listening on that port on that host.


Daniel DeLeo

I did this

[root@server ~]# nmap -p 5985 mynode.domain.com

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2014-11-12 19:15
EST
Interesting ports on :
PORT STATE SERVICE
5985/tcp open unknown

Nmap finished: 1 IP address (1 host up) scanned in 0.205 seconds

You’re testing 5985, but in your knife winrm example, you have 5986. Are
you trying for a secure or insecure connection?


Galen Emery


#7

Sorry wrong port on previous post…

[root@server ~]# nmap -p 5986 mynode.domain.com

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2014-11-12 19:18 EST
Interesting ports on :
PORT STATE SERVICE
5986/tcp filtered unknown

Nmap finished: 1 IP address (1 host up) scanned in 0.358 seconds

-----Original Message-----
From: Daniel DeLeo [mailto:ddeleo@kallistec.com] On Behalf Of Daniel DeLeo
Sent: Wednesday, November 12, 2014 7:12 PM
To: chef@lists.opscode.com
Subject: [chef] Re: Can’t knife winrm to Windows box?

On Wednesday, November 12, 2014 at 4:09 PM, Fouts, Chris wrote:

I’ve done everything described here. In my case it’s a Windows Server 2012 R2 box.
https://docs.getchef.com/plugin_knife_windows.html

knife winrm …………… gives

[root@bserver ~]# knife winrm “mynode.domain.com
(http://mynode.domain.com)” “dir” -m -x Administrator -P myPW -p 5986
ERROR: Network Error: Connection refused - connect(2)
(https://mynode.domain.com:5986) Check your knife configuration and
network settings

Any clues? Any more debugging steps I can take?

Thanks,
Chris

Connection refused means that either nothing is listening on that port on that host, or there is a firewall that makes it look like nothing is listening on that port on that host.


Daniel DeLeo


#8

State = filtered would indicate to me that you have it firewalled off.

  • Julian

On Wed, Nov 12, 2014 at 7:21 PM, Fouts, Chris Chris.Fouts@sensus.com wrote:

Sorry wrong port on previous post…

[root@server ~]# nmap -p 5986 mynode.domain.com

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2014-11-12 19:18 EST
Interesting ports on :
PORT STATE SERVICE
5986/tcp filtered unknown

Nmap finished: 1 IP address (1 host up) scanned in 0.358 seconds


[ Julian C. Dunn jdunn@aquezada.com * Sorry, I’m ]
[ WWW: http://www.aquezada.com/staff/julian * only Web 1.0 ]
[ gopher://sdf.org/1/users/keymaker/ * compliant! ]
[ PGP: 91B3 7A9D 683C 7C16 715F 442C 6065 D533 FDC2 05B9 ]