Hi,
Sorry it took so long to respond. I actually followed the same document and
installed everything as suggested.
As per AMI I am using AWS ubuntu image and python version 2.7.6.
my sudo pip list output
ansible (2.0.1.0)
ansible-tower (2.4.4)
apt-xapian-index (0.45)
argparse (1.2.1)
awscli (1.1
I got it working!!
I needed to install 'gcc'.
So I ran the following: sudo yum -y install gcc
I was then able to run: sudo yum -y install kerberos
After that was all installed successfully I was able to run a playbook
using AD credentials.
Jon - thanks all your help!!!
Cheers
Mark
On Thu
Hi Jon
If I do a pip list I get the followining:
ansible (2.0.1.0)
ansible-tower (2.4.4)
Babel (0.9.6)
backports.ssl-match-hostname (3.4.0.2)
chardet (2.2.1)
configobj (4.7.2)
decorator (3.4.0)
ecdsa (0.13)
httplib2 (0.9.2)
iniparse (0.4)
IPy (0.75)
isodate (0.5.4)
Jinja2 (2.8)
kitchen (1.1.1)
la
Hi Mark,
If you run a
(sudo) pip list
on your ansible controller
what version is reported for the 'kerberos' library?
For some reason, ansible is still falling back to using basic auth in your
case. When I've seen that its either that the connection variables aren't
getting set up, or ther
Hi Anjana
Where exactly on you putting those varibales [win:var]? Are you putting
those variables in /etc/ansible/hosts file?
Im still getting the following error: fatal: [server.COMPANY.COM]: FAILED!
=> {"failed": true, "msg": "ssl: 401 Unauthorized."}
I have changed my groups_vars file (/etc
Anjana,
I have not seen this error before but please advise the following:
version of whichever python-kerberos libraries you are using on your
ansible controller
(see
http://docs.ansible.com/ansible/intro_windows.html#installing-python-kerberos-dependencies)
version of the python kerberos wra
I am having similar problem and afterwards used the *kerberos* for host
variable *ansible_winrm_transport.*
I am using ansible version 2.0.1.0.
The worked configuration:
[Win]
...LOCAL
[Win:vars]
ansible_user='xxx.xxx@.X.LOCAL'
ansible_password=*..*
ansible_port=5986
ansible_
Hi,
My guess would be you haven't got pykerberos installed. on your ansible
controller.
If you see
transport=ssl
in the connection information it isn't going via kerberos.
Since you have a ticket set up I think its just that you don't have the
pykerberos package installed.
Hope this help
I would expect his logs to show ssh trying to do kerberos auth and
then failing back to whatever. The fact it is going straight to plain
auth is odd.
Maybe play around with ansible_ssh_common_args or ansible.cfg to get
ssh more verbose?
On Fri, Apr 8, 2016 at 1:51 PM, Zacharias Thompson wrote:
Are you running the kinit under the same user you're running ansible as?
What version of Ansible are you running?
On Fri, Apr 8, 2016 at 4:27 AM, Mark Matthews wrote:
> Hi Zacharias
>
> I have setup a kerberos ticket and all seems to be working fine. I am able
> to do a "knit *username*" and cr
Hi guys
Was doing some digging around and noticed that there were security errors
on the test server I was trying to access.
Could it be possible that this could be causing the issue:
https://www.winhelp.info/windows/resolve-kerberos-error-0xc06d-in-windows/
As nothing is defined there on
Hi
Im just running the playbook as follows: ansible-playbook test_ping.yml
The playbook looks like this:
- name: Ping Servers
hosts: win
tasks:
- name: ping
win_ping:
I run the playbook now with -v, and got the following output:
TASK [setup]
***
On Apr 8, 2016 7:27 AM, "Mark Matthews" wrote:
>
> Hi Zacharias
>
> I have setup a kerberos ticket and all seems to be working fine. I am
able to do a "knit username" and create a ticket.
>
> I then add the following entry into /etc/ansible/hosts file
> [win]
> servername.COMPANY.COM
>
> I have cr
Hi Zacharias
I have setup a kerberos ticket and all seems to be working fine. I am able
to do a "knit *username*" and create a ticket.
I then add the following entry into /etc/ansible/hosts file
[win]
servername.COMPANY.COM
I have create the following /etc/ansible/group_vars/win.yml file with t
You have to setup a kerberos ticket for the user you want to connect with.
After which, if you specify the ansible_ssh_user in the format of
u...@my.domain.com, Ansible will attempt to use a kerberos ticket before
falling back to basic authentication.
See the support site for more details:
http
15 matches
Mail list logo