WinRM Auth from Container


#1

I've got some inspec tests I'm trying to run to find noncompliant servers in my test environment. For sundry reasons I want to run them out of a container, so I'm using the Inspec container from dockerhub as a base. However I'm getting WinRM authorization errors with frightful regularity from the container, whether running on my laptop's docker host or the onsite docker host. To wit:

inspec exec ./web-profile-here/ --host some.web.server -b winrm --user domain\user --password pass

(I've hit the level of literally cut n' pasting it)

Will produce normal results if I run it from Powershell on my machine, but if I run it in the container it'll throw WINRM Authorization errors every single time. I'm assuming at the moment this has to do with how the WinRM Gem operates between Linux and Windows, but I'm at a loss to know where to look next.

Thanks!


#2

Got it, courtesy of overhearing a coworker complaining about VMWare WinRM operations.

Domain\user doesn't seem to translate to Train (the library under the hood.) Using user@domain in the explicit format as above (rather than Someone@WinRM://someserver) works swimmingly.