Hi Jon, i actually have a domain called test.local with a user called ansible. I did it, like it was described in Link 1 <http://docs.ansible.com/ansible/intro_windows.html> and Link 2 <http://hindenes.com/trondsworking/2015/07/27/ansible-and-windows-configuring-kerberosactive-directory-authentication/> . Yes, i ran the script, but it only says powershell 3.0 is already installed.
My hosts-file looks like this: [windows] srv-vm-2012r2.TEST.LOCAL [windows:vars] ansible_user = [email protected] ansible_connection = winrm ansible_port = 5986 And this is my krb5.conf: [libdefaults] default_realm = TEST.LOCAL [realms] TEST.LOCAL = { kdc = srv-vm-2012r2.test.local default_domain = test.local kpasswd_server = srv-vm-2012r2.test.local } [domain_realm] .test.local = TEST.LOCAL If i do a kinit, it accepts my pass and returns this on klist: root@BL-Ansible:~/ansible/hacking# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [email protected] Valid starting Expires Service principal 28.04.2016 11:32:37 28.04.2016 21:32:37 krbtgt/[email protected] renew until 29.04.2016 11:32:34 28.04.2016 11:41:36 28.04.2016 21:32:37 HTTP/[email protected] renew until 29.04.2016 11:32:34 But there appeared something (red text) new: root@BL-Ansible:~/ansible/hacking# ansible windows -m setup -vvv No config file found; using defaults <srv-vm-2012r2.TEST.LOCAL> ESTABLISH WINRM CONNECTION FOR USER: ansible on PORT 5986 TO srv-vm-2012r2.TEST.LOCAL srv-vm-2012r2.TEST.LOCAL | UNREACHABLE! => { "changed": false, "msg": "ssl: 'ascii' codec can't decode byte 0xc3 in position 12: ordinal not in range(128)", "unreachable": true } And what do you mean with "-cx on your inventory / group_vars "? Always remember, i'm a linux n00b :) -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/621f8d28-32b9-42a9-b861-fe1cf1a61f35%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
