Hi, I've got a powershell script that I'm currently invoking using the script module - assuming I can get this working I'll probably turn it into a module, but I need to get over some issues first.
The purpose of the script is to configure Azure Online Backup on an on premise Windows Server. The script is working fine when run from an interactive powershell prompt. The script is getting passed some credentials, a resource group and a backup vault name. It invokes Add-AzureRmAccount (which suceeds) and then Get-AzureRMBackupVault which also succeeds (and returns the backup vault info). So clearly auth to Azure is working correctly. The next step is running Get-AzureRMBackupVaultCredentials which downloads a credential file to the local filesystem to be passed to Start-OBRegistration. That step works fine when the script is run interactively, but when the script is run by Ansible it fails with "The specified network password is not correct". I'm guessing that for some reason Get-AzureRMBackupVaultCredentials authenticates to Azure in a different way than the other Azure Powershell scripts and that is in some way incompatible with (or disallowed from) Powershell Remote Sessions. A slight punt of doing 'Enable-WSManCredSSP -Role "Client" -DelegateComputer "*"' but that didn't help.. Has anyone had any similar experiences with using the Azure Powershell cmdlets in a script run by Ansible? I realise this is probably verging on more of a powershell vs Ansible question.. There may be a way to do the equivalent of Get-AzureRMBackupVaultCredentials via the Azure API - I'll have a look at that if I can't resolve this issue. Script is below if anyone wants to try it, it assumes an existing Resource Group, Vault and the Azure Recovery Services client installed. thanks, Barney. -- Barney Sowood bar...@sowood.co.uk param( [Parameter(Mandatory=$True)] [string]$Username=$null, [Parameter(Mandatory=$True)] [string]$Password=$null, [Parameter(Mandatory=$True)] [string]$ResourceGroup=$null, [Parameter(Mandatory=$True)] [string]$VaultName=$null, [Parameter(Mandatory=$True)] [string]$EncryptionPassphrase=$null ) $ErrorActionPreference = "Stop" # Login to Azure $securePassword = ConvertTo-SecureString $Password -AsPlainText -Force $azureCreds = New-Object System.Management.Automation.PSCredential($Username, $securePassword) Add-AzureRmAccount -Credential $azureCreds # Get the backup vault $backupVault = Get-AzureRMBackupVault –ResourceGroupName $ResourceGroup –Name $VaultName # Download backup creds $credsFilename = Get-AzureRMBackupVaultCredentials -Vault $backupVault -TargetLocation $env:TMP # Register host $creds = $env:TMP + "\" + $credsFilename Start-OBRegistration -VaultCredentials $creds -Confirm:$false # Cleanup creds Remove-Item -Force $creds # Set encryption passphrase ConvertTo-SecureString -String $EncryptionPassphrase -AsPlainText -Force | Set-OBMachineSetting -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1473183499.2382679.717424553.67ACFDC8%40webmail.messagingengine.com. For more options, visit https://groups.google.com/d/optout.