HI Team, I have a new requirement to install an agant in 1500 windows machines, all these machine are Domain managed VMs. When i try to connect using local user, i am able to connect the windows box, But when i use AD credentials its not working. Let me share my current Setup here. Please help.
Windows VM settings:- 1. Enabled WINRM 2. Ran the script in the remote Windows VM ConfigureRemotingForAnsible.ps1 <https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1> Ansible Host:(Linux RHEL 7.2) Installed packages: 1. Ansible 2.2.1.0 2. Python 2.7.5 3. krb5-workstation-1.14.1-27.el7_3.x86_64 4. krb5-devel-1.14.1-27.el7_3.x86_64 5. krb5-libs-1.14.1-27.el7_3.x86_64 6. kerberos Krb5.conf entry as below: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [realms] UAT.INTRA.COM = { kdc = winad23987.uat.intra.com admin_server = winad23987.uat.intra.com } [domain_realm] .uat.intra.com = UAT.INTRA.COM ============== Kinit and Klist as below:- [root@liuatasans01 ~]# kinit ansi...@uat.intra.com Password for ansi...@uat.intra.com: [root@liuatasans01 ~]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: ansi...@uat.intra.com Valid starting Expires Service principal 04/20/2017 18:31:59 04/21/2017 04:31:59 krbtgt/uat.intra....@uat.intra.com renew until 04/21/2017 18:31:55 [root@liuatasans01 ~]# ============================ Inventory file as below:- /etc/ansible/hosts [windows] 172.45.17.182 [windows:vars] ansible_ssh_user=ansi...@uat.intra.com ansible_password="P@$$wo6d" ansible_port=5985 ansible_connection=winrm ===================================== Error as below:-(while trying to connect the AD user) [root@liuatasans01 ~]# ansible windows -m win_ping 172.45.17.182 | UNREACHABLE! => { "changed": false, "msg": "kerberos: __init__() got an unexpected keyword argument 'hostname_override', plaintext: auth method plaintext requires a password", "unreachable": true } ==================================== Working when connecting as windows local user:- [root@liuatasans01 ~]# ansible windows -m win_ping 172.45.17.182 | SUCCESS => { "changed": false, "ping": "pong" } ================================= Please help to fix the issue: While connecting as AD user, getting the below error in the windows Audit log The computer attempted to validate the credentials for an account. Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon Account: ansi...@uat.intra.com Source Workstation: winvmuatiis7202 Error Code: 0xC0000064 ================================ Appreciate your help on this -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2692d425-4c2a-4ea9-a0d1-5f99685baeb1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
