From 14b13ca296f1428c605a75ca4c95bc3a733b9c8e Mon Sep 17 00:00:00 2001 From: Fabio Scotto di Santolo Date: Thu, 2 Apr 2026 14:06:12 +0200 Subject: [PATCH] Use negotiate for Windows PSRP by default --- AGENTS.md | 2 +- README.md | 2 +- ansible/inventory/group_vars/workstation_host_windows.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/AGENTS.md b/AGENTS.md index aa93494..2b78e31 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -160,7 +160,7 @@ There is no pytest, Molecule, or unit-test suite. Use the narrowest command matc - `profile_workstation_dev_common` carries the Ubuntu dev layer shared by native workstation and WSL Ubuntu - `profile_workstation_gnome` now carries Linux host-only GNOME setup, extensions, and UFW - `profile_workstation_dev_wsl` carries WSL-specific Ubuntu tweaks such as `systemd` -- `profile_workstation_host_windows` manages the Windows host via PSRP over HTTPS and installs host applications via `winget` called from `win_powershell` +- `profile_workstation_host_windows` manages the Windows host via PSRP over HTTPS using `negotiate` by default and installs host applications via `winget` called from `win_powershell` - `deadalus-wsl` is modeled as a local inventory target intended to be run from inside the Ubuntu WSL distro - Do not auto-restart `emptty` during playbook runs on active desktop hosts; prefer a manual restart from SSH or another TTY after the run - `dotfiles/desktop/.xinitrc` is part of the X11 session bootstrap path; changes there affect login behavior diff --git a/README.md b/README.md index 8f0d9e1..5122beb 100644 --- a/README.md +++ b/README.md @@ -154,7 +154,7 @@ Unblock-File .\scripts\bootstrap_windows_workstation.ps1 6. lanciare da WSL anche il playbook su `deadalus-win` via `psrp` per configurare l'host Windows 7. usare VS Code con le estensioni Remote (`WSL`, `SSH`, `Dev Containers`) dal lato Windows -Per il remoting Windows il repository usa di default `PSRP` con `NTLM` su `HTTPS/5986`. L'utente di default puo essere un `MicrosoftAccount\...`, con host, utente e password forniti via vault o extra vars. +Per il remoting Windows il repository usa di default `PSRP` con `Negotiate` su `HTTPS/5986`. L'utente di default puo essere un `MicrosoftAccount\...`, con host, utente e password forniti via vault o extra vars. --- diff --git a/ansible/inventory/group_vars/workstation_host_windows.yml b/ansible/inventory/group_vars/workstation_host_windows.yml index 11e0f85..3d35d14 100644 --- a/ansible/inventory/group_vars/workstation_host_windows.yml +++ b/ansible/inventory/group_vars/workstation_host_windows.yml @@ -1,6 +1,6 @@ --- ansible_connection: psrp -ansible_psrp_auth: ntlm +ansible_psrp_auth: negotiate ansible_psrp_cert_validation: ignore ansible_psrp_protocol: https ansible_port: 5986