Control Node: - CentOS 7 - Ansible 2.1 - pywinrm version from May 19th, 2016
Remote Node: - Windows 7 - Powershell 3 I'm having trouble connecting to my remote node with kerberos. I have carefully followed all the instructions from the Ansible Docs website <http://docs.ansible.com/ansible/intro_windows.html#active-directory-support>. When I run "klist" it shows a kerberos-ticket-getting-ticket so I know it is working that far. But then when I run win_ping, I get the error message below. Can I assume all AD accounts are in the Kerberos Database or do they need to be added somehow? Otherwise how can I fix this? *$ cat windows.yml* *---* *ansible_user: ads-6999* *ansible_password: ******* *ansible_port: 5985* *ansible_connection: winrm* *ansible_winrm_realm: ACME.COM* *ansible_winrm_transport: kerberos* *ansible_winrm_kerberos_delegation: yes* *$ klist* *Ticket cache: KEYRING:persistent:1000:1000* *Default principal: [email protected]* *Valid starting Expires Service principal* *06/01/2016 17:00:46 06/02/2016 03:00:46 krbtgt/[email protected]* * renew until 06/08/2016 17:00:19* *$ ansible windows -m win_ping* *No config file found; using defaultsLoaded callback minimal of type stdout, v2.0<ADS-6999> ESTABLISH WINRM CONNECTION FOR USER: ads-6999 on PORT 5985 TO ADS-6999<ADS-6999> WINRM CONNECT: transport=kerberos endpoint=http://ADS-6999:5985/wsman<ADS-6999> WINRM CONNECTION ERROR: (('Unspecified GSS failure. Minor code may provide more information', 851968), ('Server not found in Kerberos database', -1765328377))Traceback (most recent call last): File "/etc/ansible/lib/ansible/plugins/connection/winrm.py", line 134, in _winrm_connect protocol.send_message('') File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 193, in send_message return self.transport.send_message(message) File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 269, in send_message krb_ticket = KerberosTicket(self.krb_service) File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 205, in __init__ kerberos.authGSSClientStep(krb_context, '')GSSError: (('Unspecified GSS failure. Minor code may provide more information', 851968), ('Server not found in Kerberos database', -1765328377))ADS-6999 | FAILED! => { "failed": true, "msg": "kerberos: (('Unspecified GSS failure. Minor code may provide more information', 851968), ('Server not found in Kerberos database', -1765328377))"}* -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/eecedb02-6fb9-48ae-a357-5d0fdb536a9f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
