Example:How to configure WinRM internal if XLD is on Linux

Deploy does support the deployment to Windows targets by using WinRM protocoll:
https://docs.xebialabs.com/v.10.0/deploy/how-to/connect-xl-deploy-to-your-infrastructure/
But it is not easy due to the nature of the WinRM possible settings:
https://docs.xebialabs.com/v.10.0/deploy/how-to/troubleshoot-a-winrm-connection/

Specifically, if Deploy is running on Linux and Deploy targets are Windows it can be a challange.

One way is using WinRS proxy:https://support.digital.ai/hc/en-us/articles/360017219379-How-to-Connect-to-Windows-target-machines-using-a-winrs-proxy-with-XL-Deploy#how-to-connect-to-windows-target-machines-using-a-winrs-proxy-with-xl-deploy-0-0

But there is also a direct connection possible, for example:
Key Element/learning: SPNego works only if https for WinRM is used:

On the remote (deploy target machine)
Powershell-Console:
gci -Recurse cert:\LocalMachine\My | ? {$.EnhancedKeyUsageList -like “Server Authentication*” -and $.Subject -like “m999”} | Select Subject,Issuer,NotAfter,EnhancedKeyUsageList,ThumbPrint

Copy thumbprint and insert here:
cmd-Console:
winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname=“XLDServerAdress”; CertificateThumbprint=""}

On the Deploy Machine itself
Under WinRM Setting of the target machine, you need to switch on “Enable HTTPS for WINRM”

conf/deployit-defaults.properties:
overthere.BaseSmbHost.winrmHttpsCertificateTrustStrategy=ALLOW_ALL

an an example of the krb5.conf on the XLD Machine:

    [libdefaults]
    default_realm = IN.COMPANYNAME.DE
    default_tkt_enctypes = aes256-cts-hmac-sha1-96
    default_tgs_enctypes = aes256-cts-hmac-sha1-96
    forwardable = true
    renewable = true
    noaddresses = true
    clockskew = 300
    [realms]
    IN.COMPANYNAME.DE = {
    kdc = DomainControllerIP:88
    default_domain = in.companyname.de
    }
    [domain_realm]
    .in.companyname.de = IN.COMPANYNAME.DE
1 Like