Try adding a mapping in your domain_realms section to associate lowercase ops68.isyntax.net to realm OPS68.ISYNTAX.NET. On Wed, Nov 7, 2018 at 12:35 PM sase kumar <[email protected]> wrote: > > Hi Team, > > In our environment , basic , ntlm ,credssp is disabled by default in > windows2012 machines and I tried it out with last option that is kerberos . > > Scenario - > > centos machine has ansible controller > new domain has been created and it has few servers with it > I added the domain fqdn in etc/hosts to make it reachable because initially > only IP is reachable from ansible > I installed all kerberos libraries uisng pip and configured krb.conf file > accordingly > > includedir /etc/krb5.conf.d/ > > [logging] > default = FILE:/var/log/krb5libs.log > kdc = FILE:/var/log/krb5kdc.log > admin_server = FILE:/var/log/kadmind.log > > [libdefaults] > dns_lookup_realm = true > ticket_lifetime = 24h > renew_lifetime = 7d > forwardable = true > rdns = false > default_realm = OPS68.ISYNTAX.NET > default_ccache_name = KEYRING:persistent:%{uid} > > [realms] > OPS68.ISYNTAX.NET = { > kdc = OPS68.isyntax.net > default_domain = OPS68.ISYNTAX.NET > } > > [domain_realm] > OPS68.ISYNTAX.NET = OPS68.ISYNTAX.NET > .OPS68.ISYNTAX.NET = OPS68.ISYNTAX.NET > > But still if i try to run playbooks , it says "Cannot find > KDC for realm \"ops68.isyntax.net\" while getting initial credentials", > > Any help is appreciated? > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/12419e23-5c43-4fbf-b915-b19b563d6938%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout.
-- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAFbiokdoRjd0hy5fUV%3D1-ikKhC74QNDmDNvAy%3DVB2_xvS1%3DBuQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
