The domain status of the Ansible controller shouldn't matter. If DNS is
working, the typical remaining causes of that error are not using the FQDN
of the target host in your Ansible inventory, or that the host's HTTP SPN
has been reassigned to another user.
Also, if you don't absolutely need to use Kerberos, NTLM or CredSSP are
much easier ways to do domain user auth...
On Thursday, June 8, 2017 at 8:59:34 AM UTC-7, Jim Heald wrote:
>
> I'm trying to use Ansible to log into a Windows host, and I'm having
> issues logging in.
>
> 1. My Ansible server is joined to the domain
> 2. DNS lookup works, as well as in reverse
> 3. I can log into the Windows hosts as a local user through Ansible
> 4. Running something like "id <user>@<domain>" works on my Ansible
> server
>
> The error I am getting is this: "msg": "kerberos: authGSSClientStep()
> failed: (('Unspecified GSS failure. Minor code may provide more
> information', 851968), ('Server not found in Kerberos database',
> -1765328377))",
>
> I can ping the host, and like I said both DNS and Reverse DNS work. I know
> for sure the host is joined to the domain, and I'm pretty certain the Linux
> server is joined to the domain. Any suggestions?
>
> Thanks!
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/a7ea176e-8c52-43f6-abdc-b8739c017220%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
