Re: [ansible-project] ansible - shell module using expect
On Tue, Oct 8, 2019, at 8:58 AM, Troy Cosson wrote: [re-ordered] > > > On Monday, October 7, 2019 at 4:12:36 PM UTC-5, James Cassell wrote:On > Mon, Oct 7, 2019, at 4:19 PM, Troy Cosson wrote: > > > I'm trying to get a Red Hat server (RHEL7) to join a Windows Active > > > Directory domain and I can't seem to get the expect command to send a > > > password. > > > > > > The playbook asks for the username and password and should then put the > > > username at the end of the adcl command > > > adcli join example.com -U administratorName > > > This returns a prompt of > > > Password for administ...@example.com: > > > The expect portion 'should' see this and send the password > > > The ansible example is here > > > https://docs.ansible.com/ansible/latest/modules/shell_module.html#shell-module > > > (# You can use shell to run other executables to perform actions inline) > > > > > > I've added -v to the adcli command to try and check whats happening, > > > but it didn't really shed any light. > > > Neither did ansible-playbook -vvv filename.yml, but maybe I just can't > > > read it well. > > > The example below has example.com instead of my actual domain but > > > otherwise is identical. > > > Does anyone have any suggestions on why the expect/send portion isn't > > > working?: > > > > > > --- > > > - hosts: 127.0.0.1 > > > vars_prompt: > > > - name: username > > > prompt: "What is your Active Directory administrator username?" > > > private: no > > > - name: password > > > prompt: "What is your administrator password?" > > > private: yes > > > tasks: > > > - name: join the domain > > > shell: | > > > set timeout 300 > > > spawn /usr/sbin/adcli -v join example.com -U {{username}} > > > expect "Password for {{usern...@example.com: " > > > send "{{password}}\r" > > > interact > > > exit 0 > > > args: > > > executable: /usr/bin/expect > > > delegate_to: localhost > > > > > > > > > > Try \n instead of \r. This is more a question about expect than ansible. > > You'll also have to worry about special chars in the password, as parsed by > > TCL. (Obviously you need the expect command available on the target > > system.) > > > > A better approach might be to pass the password in args: stdin and use > > --stdin-password > > > I skimmed right over the --stdin-password from the man page. > That's way simpler. > - Thanks > > --- > - hosts: 127.0.0.1 > vars_prompt: > - name: username > prompt: "What is your Active Directory administrator username?" > private: no > > - name: password > prompt: "What is your administrator password?" > private: yes > > tasks: > - name: join the domain > shell: echo -n "{{password}}" | adcli join --stdin-password > example.com.com -U {{username}} better to avoid password being (briefly) accessible to all on the system, and to skip escaping worries: command: adcli join --stdin-password example.com.com -U {{username}} args: stdin: "{{password}}" stdin_add_newline: no V/r, James Cassell -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/651d7050-a0c5-4365-859a-db2dbb11322d%40www.fastmail.com.
Re: [ansible-project] ansible - shell module using expect
I skimmed right over the --stdin-password from the man page. That's way simpler. - Thanks --- - hosts: 127.0.0.1 vars_prompt: - name: username prompt: "What is your Active Directory administrator username?" private: no - name: password prompt: "What is your administrator password?" private: yes tasks: - name: join the domain shell: echo -n "{{password}}" | adcli join --stdin-password example.com.com -U {{username}} On Monday, October 7, 2019 at 4:12:36 PM UTC-5, James Cassell wrote: > > On Mon, Oct 7, 2019, at 4:19 PM, Troy Cosson wrote: > > I'm trying to get a Red Hat server (RHEL7) to join a Windows Active > > Directory domain and I can't seem to get the expect command to send a > > password. > > > > The playbook asks for the username and password and should then put the > > username at the end of the adcl command > > adcli join example.com -U administratorName > > This returns a prompt of > > Password for administ...@example.com : > > The expect portion 'should' see this and send the password > > The ansible example is here > > > https://docs.ansible.com/ansible/latest/modules/shell_module.html#shell-module > > (# You can use shell to run other executables to perform actions inline) > > > > I've added -v to the adcli command to try and check whats happening, > > but it didn't really shed any light. > > Neither did ansible-playbook -vvv filename.yml, but maybe I just can't > > read it well. > > The example below has example.com instead of my actual domain but > > otherwise is identical. > > Does anyone have any suggestions on why the expect/send portion isn't > > working?: > > > > --- > > - hosts: 127.0.0.1 > > vars_prompt: > > - name: username > > prompt: "What is your Active Directory administrator username?" > > private: no > > - name: password > > prompt: "What is your administrator password?" > > private: yes > > tasks: > > - name: join the domain > > shell: | > > set timeout 300 > > spawn /usr/sbin/adcli -v join example.com -U {{username}} > > expect "Password for {{usern...@example.com : " > > send "{{password}}\r" > > interact > > exit 0 > > args: > > executable: /usr/bin/expect > > delegate_to: localhost > > > > > > Try \n instead of \r. This is more a question about expect than ansible. > You'll also have to worry about special chars in the password, as parsed by > TCL. (Obviously you need the expect command available on the target > system.) > > A better approach might be to pass the password in args: stdin and use > --stdin-password > > V/r, > James Cassell > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/456d0635-f14a-440d-9720-708fb2e7c1fb%40googlegroups.com.
Re: [ansible-project] ansible - shell module using expect
On Mon, Oct 7, 2019, at 4:19 PM, Troy Cosson wrote: > I'm trying to get a Red Hat server (RHEL7) to join a Windows Active > Directory domain and I can't seem to get the expect command to send a > password. > > The playbook asks for the username and password and should then put the > username at the end of the adcl command > adcli join example.com -U administratorName > This returns a prompt of > Password for administratorn...@example.com: > The expect portion 'should' see this and send the password > The ansible example is here > https://docs.ansible.com/ansible/latest/modules/shell_module.html#shell-module > (# You can use shell to run other executables to perform actions inline) > > I've added -v to the adcli command to try and check whats happening, > but it didn't really shed any light. > Neither did ansible-playbook -vvv filename.yml, but maybe I just can't > read it well. > The example below has example.com instead of my actual domain but > otherwise is identical. > Does anyone have any suggestions on why the expect/send portion isn't > working?: > > --- > - hosts: 127.0.0.1 > vars_prompt: > - name: username > prompt: "What is your Active Directory administrator username?" > private: no > - name: password > prompt: "What is your administrator password?" > private: yes > tasks: > - name: join the domain > shell: | > set timeout 300 > spawn /usr/sbin/adcli -v join example.com -U {{username}} > expect "Password for {{username}}@EXAMPLE.COM: " > send "{{password}}\r" > interact > exit 0 > args: > executable: /usr/bin/expect > delegate_to: localhost > > Try \n instead of \r. This is more a question about expect than ansible. You'll also have to worry about special chars in the password, as parsed by TCL. (Obviously you need the expect command available on the target system.) A better approach might be to pass the password in args: stdin and use --stdin-password V/r, James Cassell -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/60beab58-4023-43d1-ae61-a6f731269ae4%40www.fastmail.com.
[ansible-project] ansible - shell module using expect
I'm trying to get a Red Hat server (RHEL7) to join a Windows Active Directory domain and I can't seem to get the expect command to send a password. The playbook asks for the username and password and should then put the username at the end of the adcl command adcli join example.com -U administratorName This returns a prompt of Password for administratorn...@example.com: The expect portion 'should' see this and send the password The ansible example is here https://docs.ansible.com/ansible/latest/modules/shell_module.html#shell-module (# You can use shell to run other executables to perform actions inline) I've added -v to the adcli command to try and check whats happening, but it didn't really shed any light. Neither did ansible-playbook -vvv filename.yml, but maybe I just can't read it well. The example below has example.com instead of my actual domain but otherwise is identical. Does anyone have any suggestions on why the expect/send portion isn't working?: --- - hosts: 127.0.0.1 vars_prompt: - name: username prompt: "What is your Active Directory administrator username?" private: no - name: password prompt: "What is your administrator password?" private: yes tasks: - name: join the domain shell: | set timeout 300 spawn /usr/sbin/adcli -v join example.com -U {{username}} expect "Password for {{username}}@EXAMPLE.COM: " send "{{password}}\r" interact exit 0 args: executable: /usr/bin/expect delegate_to: localhost -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/578468a1-77aa-482e-be9f-9220a36b1e33%40googlegroups.com.