Check and add AD user to local admin group (if it is not in) Open PowerShell window with admin priv Check the current WinRM listeners installed: winrm enumerate winrm/config/listener Show the current WinRM auth types available: winrm get winrm/config/Service If execution policy is not set: Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine Check execution policy is set: Get-ExecutionPolicy –List Download or copy ConfigureRemotingForAnsible.ps1 Powershell script from Ansible Github repo: wget -OutFile ConfigureRemotingForAnsible.ps1 Use Powershell script to configure WinRM listeners and auth for https and CredSSP: .\ConfigureRemotingForAnsible.ps1 -EnableCredSSP -DisableBasicAuth -Verbose Remove http listener (if anyone else not use): Get-ChildItem -Path WSMan:\localhost\Listener | Where-Object { $_.Keys -eq "Transport=HTTP" } | Remove-Item -Recurse -Force Restart WinRM service: Restart-Service WinRM