I use 2.9 and playbook
---
- name: become as SYSTEM
win_whoami:
become: yes
become_method: runas
become_user: System
register: sys_whoami
- debug: var=sys_whoami
---
All work no problem.
Add line : ansible_become_flags: logon_type=new_credentials
logon_flags=netcredentials_only
ERROR:
---
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: at
System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame
frame)
fatal: [VM-WIN81-1.AD]: FAILED! => {"changed": false, "msg": "internal
error: failed to become user 'System': Exception calling
\"CreateProcessAsUser\" with \"9\" argument(s): \"Failed to get token for
NT AUTHORITY\\SYSTEM required for become as a service account or an account
without a password\""}
============================================
I change ansible to version 2.7
Both options work without any problems.
=====
wbinfo -n "NT AUTHORITY\\SYSTEM"
S-1-5-18 SID_WKN_GROUP (5)
wbinfo -s S-1-5-18
NT AUTHORITY\system 5
среда, 24 мая 2023 г. в 16:22:14 UTC+4, sergey....@gmail.com:
> Pardon my English.
> I have a fully configured CentOS 7. I want to overwrite a file from a
> remote samba server (it enters AD via winbind) to a remote windows computer
> in the same domain.
>
> In the beginning, nothing worked. I added a line:
> ansible_become_flags: logon_type=new_credentials
> logon_flags=netcredentials_only
>
> Ansible 2.7 worked without any problems but 2.9 doesn't work.
>
> Is this really broken in 2.9 ?
> (ansible 2.9 from epel el7)
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/dabc92c4-855a-4319-bf89-45f56005ed91n%40googlegroups.com.
