thank you Hawkesworth, that worked. On Friday, July 7, 2017 at 12:02:21 PM UTC+2, J Hawkesworth wrote: > > Possibly a second hop issue. Try setting ansible_winrm_kerberos_delegation: > true > in your windows inventory (documented at the end of this section of the > documentation page: > http://docs.ansible.com/ansible/intro_windows.html#inventory > > Hope this helps, > > Jon > On Wednesday, July 5, 2017 at 4:53:13 PM UTC+1, anil kumar wrote: >> >> I am trying to invoke AD commands( I put this into powershellscript) from >> ansible server. I am using Kerberos in the ansible server for auth. Can you >> guys help in this issue? >> >> Below is my powershell script runs on windows server(windows server 2008 >> r2 standard), which is in domain. I am able to run this powershell script >> fine when I RDP into this machine. But fails when i run this script from >> powershell. >> >> ============================================================================================================================================================================== >> param ( >> [string]$vm_name >> ) >> $grp= -join($vm_name,"_login") >> Import-Module -Name ActiveDirectory >> Set-ADGroup -Identity $grp -GroupScope Universal -GroupCategory Security >> Add-ADGroupMember -Identity $grp -Members eoinf-sysadmin >> >> Below is error message when I run above script from ansible: >> ============================================= >> ansible-playbook winAD.yml --extra-vars "vm_name=marx5075" -vv >> Using /home/athangal/playbooks/ansible.cfg as config file >> PLAYBOOK: winAD.yml >> ************************************************************ >> 1 plays in winAD.yml >> PLAY [win] >> ********************************************************************* >> TASK [raw] >> ********************************************************************* >> task path: /home/athangal/playbooks/winAD.yml:8 >> changed: [WINDOWS.my.corp] => {"changed": true, "rc": 0, "stderr": >> "Set-ADGroup : Unable to contact the server. This may be because this >> server \r\ndoes not exist, it is currently down, or it does not have the >> Active Directory \r\nWeb Services running.\r\nAt >> C:\\scripts\\setUnvGp.ps1:6 char:1\r\n+ Set-ADGroup -Identity $grp >> –GroupScope Universal -GroupCategory Security\r\n+ >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n+ >> >> CategoryInfo : ResourceUnavailable: (marx5075_login:ADGroup) [S >> \r\net-ADGroup], ADServerDownException\r\n+ FullyQualifiedErrorId : Unable >> to contact the server. This may be becaus \r\ne this server does not exist, >> it is currently down, or it does not have th \r\ne Active Directory Web >> Services running.,Microsoft.ActiveDirectory.Managem >> \r\nent.Commands.SetADGroup\r\n\r\nAdd-ADGroupMember : Unable to contact >> the server. This may be because this \r\nserver does not exist, it is >> currently down, or it does not have the Active \r\nDirectory Web Services >> running.\r\nAt C:\\scripts\\setUnvGp.ps1:7 char:1\r\n+ Add-ADGroupMember >> -Identity $grp -Members eoinf-sysadmin\r\n+ >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n+ >> CategoryInfo : ResourceUnavailable: (marx5075_login:ADGroup) [A >> \r\ndd-ADGroupMember], ADServerDownException\r\n+ FullyQualifiedErrorId : >> Unable to contact the server. This may be becaus \r\ne this server does not >> exist, it is currently down, or it does not have th \r\ne Active Directory >> Web Services running.,Microsoft.ActiveDirectory.Managem >> \r\nent.Commands.AddADGroupMember\r\n", "stdout": "", "stdout_lines": []} >> >
-- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c37b84cf-cb7e-46bc-b71a-6e5071793e82%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
