Control Node:

   - CentOS 7
   - Ansible 2.1
   - pywinrm version from May 19th, 2016

Remote Node:

   - Windows 7
   - Powershell 3


I'm having trouble connecting to my remote node with kerberos.  I have 
carefully followed all the instructions from the Ansible Docs website 
<http://docs.ansible.com/ansible/intro_windows.html#active-directory-support>. 
 When I run "klist" it shows a kerberos-ticket-getting-ticket so I know it 
is working that far.  But then when I run win_ping, I get the error message 
below.  Can I assume all AD accounts are in the Kerberos Database or do 
they need to be added somehow?  Otherwise how can I fix this?


*$ cat windows.yml*
*---*
*ansible_user: ads-6999*
*ansible_password: *******
*ansible_port: 5985*
*ansible_connection: winrm*
*ansible_winrm_realm: ACME.COM*
*ansible_winrm_transport: kerberos*
*ansible_winrm_kerberos_delegation: yes*


*$ klist*
*Ticket cache: KEYRING:persistent:1000:1000*
*Default principal: [email protected]*

*Valid starting       Expires              Service principal*
*06/01/2016 17:00:46  06/02/2016 03:00:46  krbtgt/[email protected]*
*    renew until 06/08/2016 17:00:19*
*$ ansible windows -m win_ping*



















*No config file found; using defaultsLoaded callback minimal of type 
stdout, v2.0<ADS-6999> ESTABLISH WINRM CONNECTION FOR USER: ads-6999 on 
PORT 5985 TO ADS-6999<ADS-6999> WINRM CONNECT: transport=kerberos 
endpoint=http://ADS-6999:5985/wsman<ADS-6999> WINRM CONNECTION ERROR: 
(('Unspecified GSS failure.  Minor code may provide more information', 
851968), ('Server not found in Kerberos database', -1765328377))Traceback 
(most recent call last):  File 
"/etc/ansible/lib/ansible/plugins/connection/winrm.py", line 134, in 
_winrm_connect    protocol.send_message('')  File 
"/usr/lib/python2.7/site-packages/winrm/protocol.py", line 193, in 
send_message    return self.transport.send_message(message)  File 
"/usr/lib/python2.7/site-packages/winrm/transport.py", line 269, in 
send_message    krb_ticket = KerberosTicket(self.krb_service)  File 
"/usr/lib/python2.7/site-packages/winrm/transport.py", line 205, in 
__init__    kerberos.authGSSClientStep(krb_context, '')GSSError: 
(('Unspecified GSS failure.  Minor code may provide more information', 
851968), ('Server not found in Kerberos database', -1765328377))ADS-6999 | 
FAILED! => {    "failed": true,     "msg": "kerberos: (('Unspecified GSS 
failure.  Minor code may provide more information', 851968), ('Server not 
found in Kerberos database', -1765328377))"}*

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/eecedb02-6fb9-48ae-a357-5d0fdb536a9f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to