The following ought to remove pykerberos and install kerberos and latest
version of pywinrm. Latest version of pywinrm also needs requests-kerberos
to make kerberos connections - if it doesn't get installed, install that
too. Check what you have installed using 'pip list'
pip uninstall pykerberos
pip install kerberos
pip install pywinrm version==0.2.0
You should be able to set configuration in host or group vars. Generally I
prefer to use group_vars so I don't have to copy and paste settings for
individual hosts, but its really a case of what makes sense for your
inventory.
Jon
On Tuesday, September 20, 2016 at 11:08:38 AM UTC+1, Chandra Pandey wrote:
>
> Hi,
>
> Can you please let me know the commands to install and configuration of
> host or group var ?
>
> On Tuesday, September 13, 2016 at 1:18:49 AM UTC+5:30, Chandra Pandey
> wrote:
>>
>> I get error while installing fresh exchange 2016 server using ansible ---
>>
>>
>> ExchangeSetup.log Error
>>
>> Active Directory operation failed on . The supplied credential for
>> 'ADS\Chandra Pandey' is invalid.
>> [09/12/2016 19:34:45.0055] [0] The supplied credential is invalid
>>
>>
>> Ansible Error:
>>
>> <dev-01.xyz.com> WINRM RESULT u'<Response code 0, out
>> "C:\\Users\\Chandra Pan", err "">'
>> <dev-01.xyz.com> PUT "/etc/ansible/playbooks/exch.ps1" TO
>> "C:\Users\Chandra
>> Pandey\AppData\Local\Temp\ansible-tmp-1473708846.5-280345779333025\exch.ps1"
>> <dev-01.xyz.com> WINRM PUT "/etc/ansible/playbooks/exch.ps1" to
>> "C:\Users\Chandra
>> Pandey\AppData\Local\Temp\ansible-tmp-1473708846.5-280345779333025\exch.ps1"
>> (offset=121 size=121)
>> <dev-01.xyz.com> EXEC & 'C:\Users\Chandra
>> Pandey\AppData\Local\Temp\ansible-tmp-1473708846.5-280345779333025\exch.ps1'
>> <dev-01.xyz.com> WINRM EXEC 'PowerShell' ['-NoProfile',
>> '-NonInteractive', '-ExecutionPolicy', 'Unrestricted', '-EncodedCommand',
>> 'JgAgACAAJwBDADoAXABVAHMAZQByAHMAXABDAGgAYQBuAGQAcgBhACAAUABhAG4AZABlAHkAXABBAHAAcABEAGEAdABhAFwATABvAGMAYQBsAFwAVABlAG0AcABcAGEAbgBzAGkAYgBsAGUALQB0AG0AcAAtADEANAA3ADMANwAwADgAOAA0ADYALgA1AC0AMgA4ADAAMwA0ADUANwA3ADkAMwAzADMAMAAyADUAXABlAHgAYwBoAC4AcABzADEAJwA=']
>> <dev-01.xyz.com> WINRM RESULT u'<Response code 0, out "\r\nWelcome to
>> Microso", err "There is a pending r">'
>> <dev-01.xyz.com> EXEC Set-StrictMode -Version Latest
>> Remove-Item "C:\Users\Chandra
>> Pandey\AppData\Local\Temp\ansible-tmp-1473708846.5-280345779333025" -Force
>> -Recurse;
>> <dev-01.xyz.com> WINRM EXEC u'PowerShell' [u'-NoProfile',
>> u'-NonInteractive', u'-ExecutionPolicy', u'Unrestricted',
>> u'-EncodedCommand',
>> u'UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEMAaABhAG4AZAByAGEAIABQAGEAbgBkAGUAeQBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA0ADcAMwA3ADAAOAA4ADQANgAuADUALQAyADgAMAAzADQANQA3ADcAOQAzADMAMwAwADIANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwA=']
>> <dev-01.xyz.com> WINRM RESULT u'<Response code 0, out "", err "">'
>> <dev-01.xyz.com> WINRM CLOSE SHELL: 2304FF63-3899-4A5F-AA24-67A3E8DAF0B1
>> changed: [dev-01.xyz.com] => {"changed": true, "invocation":
>> {"module_args": {"_raw_params": "exch.ps1"}, "module_name": "script"},
>> "rc": 0, "stderr": "There is a pending reboot from a previous installation
>> of a Windows Server role or feature. Please restart the computer and then
>> run Setup again.\r\nYou must be a member of the 'Organization Management'
>> role group or a member of the 'Enterprise Admins' group to continue.\r\nYou
>> must use an account that's a member of the Organization Management role
>> group to install or upgrade the first Mailbox server role in the
>> topology.\r\nYou must use an account that's a member of the Organization
>> Management role group to install the first Client Access server role in the
>> topology.\r\nYou must use an account that's a member of the Organization
>> Management role group to install the first Client Access server role in the
>> topology.\r\nYou must use an account that's a member of the Organization
>> Management role group to install or upgrade the first Mailbox server role
>> in the topology.\r\nYou must use an account that's a member of the
>> Organization Management role group to install or upgrade the first Client
>> Access server role in the topology.\r\nYou must use an account that's a
>> member of the Organization Management role group to install the first
>> Mailbox server role in the topology.\r\nSetup encountered a problem while
>> validating the state of Active Directory: Active Directory operation failed
>> on . The supplied credential for 'ADS\\Chandra Pandey' is invalid. See the
>> Exchange setup log for more information on this error.\r\nEither Active
>> Directory doesn't exist, or it can't be contacted.\r\n", "stdout":
>> "\r\nWelcome to Microsoft Exchange Server 2016 Unattended
>> Setup\r\n\r\nCopying Files...\r\nFile copy complete.\r\nSetup will now
>> collect additional information needed for installation.\r\n\r\n
>> Languages\r\n Management tools\r\n Mailbox role: Transport
>> service\r\n Mailbox role: Client Access service\r\n Mailbox role:
>> Unified Messaging service\r\n Mailbox role: Mailbox service\r\n
>> Mailbox role: Front End Transport service\r\n Mailbox role: Client
>> Access Front End service\r\n\r\nPerforming Microsoft Exchange Server
>> Prerequisite Check\r\n\r\n Configuring Prerequisites ... COMPLETED\r\n
>> Prerequisite Analysis\r\n\r\nThe Exchange Server setup operation didn't
>> complete. More details can be found in ExchangeSetup.log located in the
>> <SystemDrive>:\\ExchangeSetupLogs folder.\r\n", "stdout_lines": ["",
>> "Welcome to Microsoft Exchange Server 2016 Unattended Setup", "", "Copying
>> Files...", "File copy complete.", "Setup will now collect additional
>> information needed for installation.", "", " Languages", "
>> Management tools", " Mailbox role: Transport service", " Mailbox
>> role: Client Access service", " Mailbox role: Unified Messaging
>> service", " Mailbox role: Mailbox service", " Mailbox role: Front
>> End Transport service", " Mailbox role: Client Access Front End
>> service", "", "Performing Microsoft Exchange Server Prerequisite Check",
>> "", " Configuring Prerequisites ... COMPLETED", " Prerequisite Analysis",
>> "", "The Exchange Server setup operation didn't complete. More details can
>> be found in ExchangeSetup.log located in the
>> <SystemDrive>:\\ExchangeSetupLogs folder."]}
>>
>>
>> ==========
>>
>> event errors:
>>
>> The description for Event ID 4027 from source MSExchange ADAccess cannot
>> be found. Either the component that raises this event is not installed on
>> your local computer or the installation is corrupted. You can install or
>> repair the component on the local computer.
>>
>> If the event originated on another computer, the display information had
>> to be saved with the event.
>>
>> The following information was included with the event:
>>
>> ExSetup.exe
>> 7044
>> Get Servers for ads.xyz.com
>> TopologyClientTcpEndpoint (localhost)
>> 3
>> System.ServiceModel.EndpointNotFoundException: Could not connect to
>> net.tcp://localhost:890/Microsoft.Exchange.Directory.TopologyService. The
>> connection attempt lasted for a time span of 00:00:02.0468972. TCP error
>> code 10061: No connection could be made because the target machine actively
>> refused it [::1]:890. ---> System.Net.Sockets.SocketException: No
>> connection could be made because the target machine actively refused it
>> [::1]:890
>> at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot,
>> SocketAddress socketAddress)
>> at System.Net.Sockets.Socket.Connect(EndPoint remoteEP)
>> at System.ServiceModel.Channels.SocketConnectionInitiator.Connect(Uri
>> uri, TimeSpan timeout)
>> --- End of inner exception stack trace ---
>>
>> Server stack trace:
>> at System.ServiceModel.Channels.SocketConnectionInitiator.Connect(Uri
>> uri, TimeSpan timeout)
>> at
>> System.ServiceModel.Channels.BufferedConnectionInitiator.Connect(Uri uri,
>> TimeSpan timeout)
>> at
>> System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan
>>
>> timeout)
>> at
>> System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan
>>
>> timeout)
>> at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan
>> timeout)
>> at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
>> at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan
>> timeout)
>>
>> Exception rethrown at [0]:
>> at
>> System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
>> reqMsg, IMessage retMsg)
>> at
>> System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
>> msgData, Int32 type)
>> at System.ServiceModel.ICommunicationObject.Open()
>> at Microsoft.Exchange.Net.ServiceProxyPool`1.GetClient(Int32 retry,
>> Boolean& doNotReturnProxyAfterRetry, Boolean useCache)
>> at
>> Microsoft.Exchange.Net.ServiceProxyPool`1.TryCallServiceWithRetry(Action`1
>> action, String debugMessage, WCFConnectionStateTuple proxyToUse, Int32
>> numberOfRetries, Boolean doNotReturnProxyOnSuccess, Exception& exception)
>>
>> the message resource is present but the message is not found in the
>> string/message table
>>
>>
>> ======================
>>
>> The description for Event ID 106 from source MSExchange Common cannot be
>> found. Either the component that raises this event is not installed on your
>> local computer or the installation is corrupted. You can install or repair
>> the component on the local computer.
>>
>> If the event originated on another computer, the display information had
>> to be saved with the event.
>>
>> The following information was included with the event:
>>
>> 1
>> Base for Average Latency
>> MSExchange ServiceProxyPool
>> The exception thrown is : System.InvalidOperationException: The requested
>> Performance Counter is not a custom counter, it has to be initialized as
>> ReadOnly.
>> at System.Diagnostics.PerformanceCounter.InitializeImpl()
>> at System.Diagnostics.PerformanceCounter.IncrementBy(Int64 value)
>> at
>> Microsoft.Exchange.Diagnostics.ExPerformanceCounter.IncrementBy(Int64
>> incrementValue)
>> Last worker process info : Last worker process info not available!
>> Processes running while Performance counter failed to update:
>> 6300 TrustedInstaller
>> 1176 svchost
>> 2548 vmtoolsd
>> 4912 csrss
>> 380 csrss
>> 1364 inetinfo
>> 5892 winrshost
>> 5692 WMSvc
>> 1948 svchost
>> 1220 nsd
>> 2336 SMSvcHost
>> 6664 svchost
>> 1152 svchost
>> 560 lsass
>> 6860 taskhostex
>> 1740 rdpinput
>> 1396 mqsvc
>> 2132 vmtoolsd
>> 752 LogonUI
>> 944 svchost
>> 4292 taskhostex
>> 548 services
>> 872 svchost
>> 1728 splunkd
>> 7044 ExSetup
>> 4224 cmd
>> 4084 splunk-winevtlog
>> 5264 conhost
>> 728 TabTip
>> 4272 ccSvcHst
>> 4456 dwm
>> 1696 snmp
>> 6616 VSSVC
>> 1096 spoolsv
>> 2868 unsecapp
>> 2472 svchost
>> 1940 conhost
>> 5424 powershell
>> 2860 WmiPrvSE
>> 760 svchost
>> 3248 svchost
>> 484 winlogon
>> 5800 taskhost
>> 5404 AeXAgentUIHost
>> 1660 ccSvcHst
>> 3504 dllhost
>> 4092 splunk-winprintmon
>> 6576 WmiApSrv
>> 2240 svchost
>> 2040 uptmagnt
>> 4776 AeXMetricProv
>> 656 svchost
>> 5184 AeXSMAppDetector
>> 6364 TiWorker
>> 452 csrss
>> 252 smss
>> 2368 setup
>> 2020 svchost
>> 2412 TabTip32
>> 440 wininit
>> 3196 svchost
>> 2200 svchost
>> 4376 AeXNSAgentHostSurrogate32
>> 1420 SMSvcHost
>> 6540 powershell
>> 432 svchost
>> 3780 splunk-perfmon
>> 6536 conhost
>> 624 svchost
>> 1604 NPSrvHost
>> 788 dwm
>> 2192 putty
>> 812 svchost
>> 6524 conhost
>> 4944 winlogon
>> 2184 serversetup
>> 4812 explorer
>> 3364 splunk-wmi
>> 3336 WmiPrvSE
>> 2376 AeXNSAgent
>> 4320 rdpclip
>> 5128 AeXSMLogUpload
>> 3748 msdtc
>> 4 System
>> 3484 NPSrvWatchdog
>> 5212 conhost
>> 0 Idle
>> Performance Counters Layout information: FileMappingNotFoundException for
>> category MSExchange ServiceProxyPool :
>> Microsoft.Exchange.Diagnostics.FileMappingNotFoundException: Cound not open
>> File mapping for name Global\netfxcustomperfcounters.1.0msexchange
>> serviceproxypool. Error Details: 2
>> at Microsoft.Exchange.Diagnostics.FileMapping.OpenFileMapping(String
>> name, Boolean writable)
>> at
>> Microsoft.Exchange.Diagnostics.PerformanceCounterMemoryMappedFile.Initialize(String
>>
>> fileMappingName, Boolean writable)
>> at
>> Microsoft.Exchange.Diagnostics.ExPerformanceCounter.GetAllInstancesLayout(String
>>
>> categoryName)
>>
>>
>>
>> the message resource is present but the message is not found in the
>> string/message table
>>
>>
>> ============================
>>
>> Login Successfull on system
>>
>>
>> An account was successfully logged on.
>>
>> Subject:
>> Security ID: NULL SID
>> Account Name: -
>> Account Domain: -
>> Logon ID: 0x0
>>
>> Logon Type: 3
>>
>> Impersonation Level: Impersonation
>>
>> New Logon:
>> Security ID: ADS\Chandra Pandey
>> Account Name: Chandra Pandey
>> Account Domain: ADS
>> Logon ID: 0xD475400
>> Logon GUID: {10046cb6-9f06-048b-d251-f66c2878fa16}
>>
>> Process Information:
>> Process ID: 0x0
>> Process Name: -
>>
>> Network Information:
>> Workstation Name:
>> Source Network Address: -
>> Source Port: -
>>
>> Detailed Authentication Information:
>> Logon Process: Kerberos
>> Authentication Package: Kerberos
>> Transited Services: -
>> Package Name (NTLM only): -
>> Key Length: 0
>>
>> This event is generated when a logon session is created. It is generated
>> on the computer that was accessed.
>>
>> The subject fields indicate the account on the local system which
>> requested the logon. This is most commonly a service such as the Server
>> service, or a local process such as Winlogon.exe or Services.exe.
>>
>> The logon type field indicates the kind of logon that occurred. The most
>> common types are 2 (interactive) and 3 (network).
>>
>> The New Logon fields indicate the account for whom the new logon was
>> created, i.e. the account that was logged on.
>>
>> The network fields indicate where a remote logon request originated.
>> Workstation name is not always available and may be left blank in some
>> cases.
>>
>> The impersonation level field indicates the extent to which a process in
>> the logon session can impersonate.
>>
>> The authentication information fields provide detailed information about
>> this specific logon request.
>> - Logon GUID is a unique identifier that can be used to correlate this
>> event with a KDC event.
>> - Transited services indicate which intermediate services have
>> participated in this logon request.
>> - Package name indicates which sub-protocol was used among the NTLM
>> protocols.
>> - Key length indicates the length of the generated session key. This will
>> be 0 if no session key was requested.
>>
>> ===================
>>
>> Special privileges assigned to new logon.
>>
>> Subject:
>> Security ID: ADS\Chandra Pandey
>> Account Name: Chandra Pandey
>> Account Domain: ADS
>> Logon ID: 0xD475400
>>
>> Privileges: SeSecurityPrivilege
>> SeBackupPrivilege
>> SeRestorePrivilege
>> SeTakeOwnershipPrivilege
>> SeDebugPrivilege
>> SeSystemEnvironmentPrivilege
>> SeLoadDriverPrivilege
>> SeImpersonatePrivilege
>> SeEnableDelegationPrivilege
>>
>> =====================================================
>>
>>
>>
>>
>>
>>
>> I am part of "Organization Management role group" in AD
>>
>> I am able to run ansible commands for dev-01 server with same ads\chandra
>> pandey credentails but can't install exchange
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/c32295b1-dd6d-4fc4-bb86-d21647f7bd00%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
