The new bit is probably because you aren't running from a folder where there's an ansible.cfg file if you cd to /etc/ansible (or wherever you keep your ansible.cfg) then that will go away.
My guess would be you aren't picking up the python-kerberos library If you run python and then enter the following import kerberos do you get 'ImportError: No module named kerberos' If so you need to install the python-kerberos lib, probably like this pip install kerberos Hope this helps, Jon On Thursday, April 28, 2016 at 1:27:27 PM UTC+1, Benjamin Loehner wrote: > > Hi Jon, > > i actually have a domain called test.local with a user called ansible. I > did it, like it was described in Link 1 > <http://docs.ansible.com/ansible/intro_windows.html> and Link 2 > <http://hindenes.com/trondsworking/2015/07/27/ansible-and-windows-configuring-kerberosactive-directory-authentication/> > . > Yes, i ran the script, but it only says powershell 3.0 is already > installed. > > My hosts-file looks like this: > > [windows] > srv-vm-2012r2.TEST.LOCAL > > [windows:vars] > ansible_user = [email protected] > ansible_connection = winrm > ansible_port = 5986 > > And this is my krb5.conf: > > [libdefaults] > default_realm = TEST.LOCAL > > [realms] > TEST.LOCAL = { > kdc = srv-vm-2012r2.test.local > default_domain = test.local > kpasswd_server = srv-vm-2012r2.test.local > } > [domain_realm] > .test.local = TEST.LOCAL > > If i do a kinit, it accepts my pass and returns this on klist: > > root@BL-Ansible:~/ansible/hacking# klist > Ticket cache: FILE:/tmp/krb5cc_0 > Default principal: [email protected] > > Valid starting Expires Service principal > 28.04.2016 11:32:37 28.04.2016 21:32:37 krbtgt/[email protected] > renew until 29.04.2016 11:32:34 > 28.04.2016 11:41:36 28.04.2016 21:32:37 > HTTP/[email protected] > renew until 29.04.2016 11:32:34 > > But there appeared something (red text) new: > > root@BL-Ansible:~/ansible/hacking# ansible windows -m setup -vvv > No config file found; using defaults > <srv-vm-2012r2.TEST.LOCAL> ESTABLISH WINRM CONNECTION FOR USER: ansible on > PORT 5986 TO srv-vm-2012r2.TEST.LOCAL > srv-vm-2012r2.TEST.LOCAL | UNREACHABLE! => { > "changed": false, > "msg": "ssl: 'ascii' codec can't decode byte 0xc3 in position 12: > ordinal not in range(128)", > "unreachable": true > } > > > > And what do you mean with "-cx on your inventory / group_vars "? Always > remember, i'm a linux n00b :) > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/12d4d9fa-999f-4cc9-8c9f-6894181d779f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
