'Ansible Windows Kerberos Authentification Bad HTTP response returned from server Code 500

After configuring winRM on a windows server and filling all needed information to connect :

---
### winrm / win connection ###
ansible_winrm_realm: *My AD Domain*
ansible_connection: winrm
ansible_winrm_kerberos_delegation: yes
ansible_port: 5985
ansible_winrm_transport: kerberos

I got an

fatal: [MyServer]: UNREACHABLE! => {"changed": false, "msg": "kerberos: ('http', 'Bad HTTP response returned from server. Code 500')", "unreachable": true}

I have tried a lot of things including changing my configuration and checking if the WinRm is reachable and it was all good :

C:\Users\ME>winrs -r :http://myserver:5985/wsman -u:My_User -p:Password ipconfig

My WinRM Config :

PS C:\Users\XXXX> winrm get winrm/config/Service
Service
    MaxConcurrentOperations = 4294967295
    MaxConcurrentOperationsPerUser = 1500
    EnumerationTimeoutms = 240000
    MaxConnections = 300
    MaxPacketRetrievalTimeSeconds = 120
    AllowUnencrypted = false
    Auth
        Basic = false
        Kerberos = true
        Negotiate = true
        Certificate = false
        CredSSP = false
        CbtHardeningLevel = Relaxed
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    IPv4Filter = *
    IPv6Filter = *
    EnableCompatibilityHttpListener = false
    EnableCompatibilityHttpsListener = false
    CertificateThumbprint
    AllowRemoteAccess = true


PS C:\Users\XXXX> winrm get winrm/config/Winrs
Winrs
    AllowRemoteShellAccess = true
    IdleTimeout = 7200000
    MaxConcurrentUsers = 2147483647
    MaxShellRunTime = 2147483647
    MaxProcessesPerShell = 2147483647
    MaxMemoryPerShellMB = 2147483647
    MaxShellsPerUser = 2147483647


Solution 1:[1]

Since i'm trying to use HTTP instead of HTTPS, the solution is to change the WinRm service config to allow encrypted connections by running the following command :

Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value true

Solution 2:[2]

I ran into this exception and the solution for me was to install the python-kerberos wrapper.

pip3 install pywinrm[kerberos]

Solution 3:[3]

Finally solved by upgrading pykerberos to 1.2.1 version

pip3 install pykerberos --upgrade

As workaround you can use python2 to run this playbook:

/usr/bin/python2 /usr/bin/ansible-playbook WindowsTest.yml 

Solution 4:[4]

Below command on host node resolved the issue. We need to accept unencrypted traffic.

Set-Item -Path WSMan:\localhost\Service\AllowUnencrypted -Value true

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Omar BISTAMI
Solution 2 Mohnish
Solution 3 Artem Brodetskiy
Solution 4 β.εηοιτ.βε