Not able to RDP after hardening of Windows server 2022 OS

ansible-lockdown / Windows-2022-CIS

CIS Baseline Ansible Role for Windows 2022

MIT License

72 stars 31 forks source link

Not able to RDP after hardening of Windows server 2022 OS #22

Closed vivekbangare closed 9 months ago

vivekbangare commented 1 year ago

Question

After applying for WINDOWS-2022-CIS roles, I cannot RDP after the reboot of Windows server 2022, what's needs to be done to fix the issue?

Environment :

Ansible Version: [ 2.14.6 ]
Host Python Version: [ Python 3.9.18 ]
Ansible Server Python Version: [ Python 3.9.18 ]
Additional Details: I am creating golden image AMI with the help of WINDOWS-2022-CIS roles, but as soon as all tasks are completed and I restart of machine, I am not able to login to my new machine.

frederickw082922 commented 1 year ago

Good day @vivekbangare ! Thank you for your feedback! Not sure if you are using main or devel. Devel has the lastest controls. 18.10.57.3.9.4 Control could be the control causing your RDP behavior! Please try setting win22cis_rule_18_10_57_3_9_3 in defaults/main.yml to false. Then try on a fresh machine! Side note Keep us posted! You can also ping us on Discord at https://www.lockdownenterprise.com/discord

frederickw082922 commented 9 months ago

@vivekbangare Also, we have found several different issues with RDP and WinRM when applying the CIS Controls. In our testing of the roles, we have a variable that we set to true to skip the tasks we have identified that cause RDP changes.

Please try setting the following variable:

default/main.yml win_skip_for_test: true

Keep us posted on your behavior.

thank you!

frederickw082922 commented 9 months ago

No follow-up response from @vivekbangare !

Closing #22