PSRemoting with kitchen failing after entering user password

[amousa1968]

🗣️ Foreword

Thank for taking the time to fill this bug report fully. Without it we may not be able to fix the bug, and the issue may be closed without resolution.

👻 PSRemoting with kitchen failing after entering user password

A clear and concise description of what the bug is. see below,

Steps to reproduce:

1. I have an platform9 openstack windows 2016 image with the following:
2. windows image hardcode user and password (chefadmin/password left blank)
3. enabled winrm port 5985 and 5986 complete open
4. disabled firewall
5. openstack driver_config:
   user_data: userdata.txt
   driver:
   name: openstack
   config_drive: true

cat userdata.txt
#cloud-config
runcmd:

Creates local user with static password

• net user chefadmin ENTER_PASSWORD /add /expires:never /y

adds user to local adminstrators group

• net localgroup administrators chefadmin /add

echos date and time to local file.

• echo %date% %time% > c:\datetime.txt

Cloud-config LOG FILE LOCATION on the instance:

"c:\program files\Cloudbase Solutions\Cloudbase-Init\log"

Add winrm quickconfig argu

• winrm set winrm/config/client/auth @{Basic="true"}
• winrm set winrm/config/service/auth @{Basic="true"}
• winrm set winrm/config/service @{AllowUnencrypted="true"}

Version

[Version of the project installed]

Product Version Chef Workstation version: 21.6.497
Chef Infra Client version: 17.2.29
Chef InSpec version: 4.37.30
Chef CLI version: 5.1.0
Chef Habitat version: 1.6.319
Test Kitchen version: 2.12.0
Cookstyle version: 7.13.0

Environment

Windows 2016
openstack driver using base image

Scenario

[What you are trying to achieve and you can't?]

Steps to Reproduce

1. cd to chef-repo/cookbook
   [centos@dc01-kitchen cis-windows-ms-2016test]
   $ kitchen converge --log-level debug

2. kitchen creat the instance

3. assign floting id

4. -----> Starting Test Kitchen (v3.0.0)
   D Policyfile found at /home/centos/chef-repo/cookbooks/cis-windows-ms-2016test/Policyfile.rb, using Policyfile to resolve cookbook dependencies
   D winrm requested, loading winrm gem (["> 2.0"])
   D winrm was already loaded.
   D winrm-fs requested, loading winrm-fs gem (["> 1.0"])
   D winrm-fs is loaded.
   D winrm-elevated requested, loading winrm-elevated gem (["~> 1.0"])
   D winrm-elevated is loaded.
   -----> Creating ...
   D Selected image: 48723aaf-ea10-4ba4-8bc9-33013482f6d2 win2016-desktop-cloudinit-v3
   D Selected flavor: 5 m1.xlarge
   OpenStack instance with ID of <108be033-96fd-44ff-b3ea-1f68cb3d0e4c> is ready.
   D Waiting for VM to be in ACTIVE state for a max time of:300 seconds
   Attaching floating IP from pool
   Created floating IP <10.74.128.128> from pool
   Attaching floating IP <10.74.128.128>
   D Using floating ip: 10.74.128.128
   Sleeping for 300 seconds to let your server start up...
   .............................. Waiting for server to be ready...
   D [WinRM] <{:endpoint=>"http://10.74.128.128:5985/wsman", :user=>"chefadmin", :password=>"REMOVE_PASSWORD", :transport=>:negotiate, :elevated_username=>"chefadmin", :elevated_password=>"REMOVE_PASSWORD", :no_ssl_peer_verification=>true, :disable_sspi=>false, :basic_auth_only=>false}> (Write-Host '[WinRM] Established
   ')
   D [WinRM] opening remote shell on http://10.74.128.128:5985/wsman

5. while wait test WSMan from a remote server using powershell
   PS:>> Test-WSMan assigned IP address

6. Execute Enter-PSSession -ComputerName 10.74.128.128 -Credential chefadmin

Password popup windows displayed see below….. and When I enter the password I am logged in with errors our

screen popup:
Enter your credentials
user name: chefadmin
password: entered password

Actual Result

Tried it from a windows job server

PS C:\Users\mousaa> Enter-PSSession -ComputerName 10.74.128.128 -Credential chefadmin

Enter-PSSession : Connecting to remote server 10.74.128.128 failed with the following error message : The WinRM client
cannot process the request. Default authentication may be used with an IP address under the following conditions: the
transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use
winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more
information on how to set TrustedHosts run the following command: winrm help config. For more information, see the
about_Remote_Troubleshooting Help topic.
At line:1 char:1

• Enter-PSSession -ComputerName 10.74.128.128 -Credential chefadmin

•   + CategoryInfo          : InvalidArgument: (10.74.128.128:String) [Enter-PSSession], PSRemotingTransportException
    + FullyQualifiedErrorId : CreateRemoteRunspaceFailed
  

[What actually happens after the reproduction steps?]

Note, I have screenshots to upload to the ticket upon request

@nrgetik
#218

[amousa1968]

#219.pdf

Note, I am able to rdp to the ip address and able to login with the userid and password, and the same same things logging to the instance from openstack vcp url accept not able to login using PS C:\Users\mousaa> Enter-PSSession -ComputerName 10.74.128.128 -Credential chefadmin after entering password errors out
Enter-PSSession : Connecting to remote server 10.74.128.128 failed with the following error message : The WinRM client
cannot process the request. Default authentication may be used with an IP address under the following conditions: the
transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use
winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more
information on how to set TrustedHosts run the following command: winrm help config. For more information, see the
about_Remote_Troubleshooting Help topic.

I made sure the trusted TrustedHosts set and enabled and same error

[amousa1968]

File include screenshots attached